Authentication
Get your API key and start automating security scans.
🤖 Vibe Coding Prompts
Choose your path and copy the prompt to your AI assistant:
Automate scans in your pipeline
Read the Bugrit Authentication docs at https://bugrit.com/docs/authentication
Set up Bugrit API authentication in my CI/CD:
1. Store BUGRIT_API_KEY as a secret
2. Add header: Authorization: Bearer {API_KEY}
3. Trigger scans after deploy
4. Fail build if critical issues found
My CI platform: [GitHub Actions / GitLab CI / etc.]✨Works with Claude, ChatGPT, Cursor, Copilot, Cody, and other AI coding assistants
🔑 Quick Start
- 1.Go to Settings → API Keys to create a key
- 2.Copy the key (it starts with
bg_) - 3.Add to your requests as
Authorization: Bearer YOUR_KEY
Example Request
curl https://bugrit.com/api/v1/projects \ -H "Authorization: Bearer bg_your_api_key_here"
Technical Reference
Permissions
Select the minimum permissions your integration needs:
| Permission | Description |
|---|---|
projects:read | List and view projects |
projects:write | Create, update, delete projects |
scans:read | List and view scans |
scans:write | Create and cancel scans |
findings:read | View scan findings |
findings:write | Update finding status |
reports:read | View generated reports |
reports:write | Generate new reports |
Permission Presets
Read Only
projects:read, scans:read, findings:read, reports:read
Execute
All read + projects:write, scans:write, findings:write
Full Access
All permissions including reports:write
Error Responses
401 - Invalid API Key
{"error": {"code": "INVALID_API_KEY", "message": "Invalid or expired API key"}}403 - Missing Permission
{"error": {"code": "FORBIDDEN", "message": "Missing required permission: projects:write"}}Security Best Practices
- •Never expose API keys in client-side code
- •Use environment variables in CI/CD
- •Create separate keys for different environments
- •Revoke keys immediately if compromised
- •Use minimum permissions necessary