Skip to main content

Usage and quotas


The GitGuardian API and its scan capability can be used to scan simple content quickly, or even to write complex integrations for non-publicly available services.

Most of GitGuardian's Open Source projects use the GitGuardian API as their backbone. ggshield and py-gitguardian are two examples.

Stateless scanning#

The GitGuardian API endpoints are stateless, meaning any scanned documents or found secrets are not stored on our servers when performing a secrets scan. We do, however, collect and store some metadata for purposes such as quota usage and access logs.


Only calls via the scan scope are subject to the API's quota system.

Workspace Managers can track usage of the scan scope of the API via the Quota section:

API usage

Quota usage is based on requests and not on the content amount nor size of the content you scan. As an example, the "single scan" and "multiple scan" endpoints both use 1 API call per request.

The quota is set on a rolling month and not on a calendar month. This means that if 200 API calls are made on the last day of the month, you will need to wait 30 days before 200 new calls are credited back to your account.

The quota depends on your plan but you can always contact us to increase it:

Free planPaid plan
Quota10,000 calls/month100,000 calls/month