search

Authentication

hashtag
Authentication

All requests to the Guardis API require authentication using your API key. The method for including your key varies depending on the protocol you're using.

Don't have an API key yet? Contact us at [email protected]envelope to request access.

hashtag
REST API

For all REST requests, include your API key in the X-API-Key header.

Header format:

X-API-Key: your_api_key_here

Example request:

curl -X GET "https://enterprise.guardis.io/v1/endpoint" \
  -H "X-API-Key: your_api_key_here"

hashtag
WebSocket

For WebSocket connections, include your API key as a query parameter when establishing the connection.

Connection format:

wss://api.guardis.io/v1/ws?api_key=your_api_key_here

Example (JavaScript):

hashtag
gRPC

For gRPC requests, include your API key in the request metadata using the x-api-key field.

Metadata format:

Key
Value

x-api-key

your_api_key_here

Example (Python):

Example (Go):

hashtag
Keeping Your API Key Secure

Your API key grants access to your Guardis account and usage quota. Treat it like a password.

  • Never expose your key in client-side code — API calls should be made from your backend

  • Don't commit keys to version control — Use environment variables or a secrets manager

  • Rotate keys if compromised — Contact [email protected]envelope immediately if you suspect your key has been exposed

hashtag
Authentication Errors

If your API key is missing, invalid, or expired, you'll receive an error response.

Status Code
Meaning

401 Unauthorized

API key is missing or invalid

403 Forbidden

API key is valid but lacks permission for this resource

See the Errors section for full details on error handling.

PreviousBase URLNextErrors

Last updated