Skip to main content

Authentication

The GitGuardian API uses API keys to authenticate requests.

Creating your API key#

There are 2 different types of API keys:

  • Service accounts: a special type of token intended to represent a non-human user that needs to authenticate and be authorized for scenarios such as secrets scanning in CI pipelines or batch processing open incidents.
  • Personal access tokens: a token intended for the use of the GitGuardian API and command-line application ggshield by individual developers on their local workstations (e.g. pre-commit or pre-push git hooks).

Authentication scheme#

The GitGuardian API uses Authorization header authentication for its requests.

The Authorization header value must be prefixed with Token.

Example request using curl:

curl -H "Authorization: Token ${TOKEN}" \  https://api.gitguardian.com/v1/health