Skip to main content

How ggshield works

ggshield uses the GitGuardian API#

ggshield uses our public API through py-gitguardian to scan and detect potential secrets on files and other text content.

An API Key is needed to use ggshield. Read the authentication documentation for more information. The environment variable GITGUARDIAN_API_KEY is used to read the intended API key.

GITGUARDIAN_API_KEY=<GitGuardian API Key>

Only metadata are stored#

Only metadata such as call time, request size and scan mode is stored from scans using ggshield, therefore secrets and policy breaks incidents will not be displayed on your dashboard and your files and secrets won't be stored.