I am trying to use gitea as a backend system, and as such want to login with username and password via the api and then use a token for any further api requests
I must be blind - I just can’t see any documented api for login. I see that there is a “basic” auth but I don’t want to use that in case the headers get logged.
The login POST’s to /user/login - I have tried that, but no token is returned
any insight would be appreciated 
Here is the documentation on creating a token: https://try.gitea.io/api/swagger#/user/userCreateToken you must use username/pass via basic auth on that endpoint. Once you have a token you can use it an all other endpoints.
I can’t execute it on Gitea 1.7.4
Using Swagger UI I try to create a token for an existing user:
username = alice
password = 123456
Basic authorization: Done
Execute for ‘alice’ now:
curl -X POST "https://localhost:3000/api/v1/users/alice/tokens" -H "accept: application/json" -H "authorization: Basic bmlrb2xheToxMjM0NTY=" -H "Content-Type: application/json" -d "{ \"name\": \"token_name\"}"
Server response:
Code: 401 Error: Unauthorized
I tried Basic auth as an administrator but got the same error.
What did I miss here? 
Seems, it’s works only as:
curl -X POST "https://alice:123456@localhost:3000/api/v1/users/alice/tokens" -H "accept: application/json" -H "Content-Type: application/json" -d "{
\"name\": \"token_name\"
}"
Executed it via console.
Came across this and one reason could be that
your curl example has username “nikolay” and not “alice” inside the basic auth string.