Skip to main content


Our APIs have predictable resource-oriented URLs, accept form-encoded request payloads, return JSON-encoded responses, and use standard HTTP response codes and verbs.



You can authenticate against the stackguardian API using an API Key which can we generated inside your Organization's settings. You can then pass the Authorization HTTP Request header to your requests like so: Authorization: apikey <API_KEY>

Generate API Key

Navigate to your Organization settings by clicking on the settings icon in the organizations dropdown.

Now, you can follow the instructions inside the API Key tab to generate an API Key.


StackGuardian uses conventional HTTP response codes to indicate the success or failure of an API request. In general: Codes in the 2xx range indicate success. Codes in the 4xx range indicate an error that failed given the information provided.

HTTP Status CodeReasons
200 - OKAll worked as expected.
204 - OKAll worked but no content to return
400 - Bad RequestThe request was unacceptable, often due to missing a required parameter
401 - UnauthorizedInvalid, expired API key
403 - ForbiddenForbidden to access the requested resource
404 - Not FoundRequested resource does not exist
5xx - Server ErrorsSomething wrong on our side - Awkward 😑


Please report if you encounter any issues at or connect with us on Slack.