Authentication

Authentication against the Gigs API is done using simple static API keys. Your organization can have one or more projects (e.g. production, test, experiment) and each will come with its own set of unique API keys.

Please contact us to set up projects in your organization: support@gigs.com.

Getting an API key

API keys can be managed in the developers section of the Gigs Dashboard. We highly recommend rotating API keys regularly and creating them with an expiration date.

Using an API key

Your API key is used as Bearer token in the Authorization header of your request, for example:

Authentication example - cURL

curl --request "GET" \
  --url "https://api.gigs.com/projects/${GIGS_PROJECT}/sims" \
  --header "Accept: application/json" \
  --header "Authorization: Bearer ${GIGS_TOKEN}"

Error handling

If the token is missing, expired, or if there's anything else wrong with the authentication or authorization of the request, you will receive a 401 HTTP response.

For example, here's the response you'd get if you lost a character while copy-pasting your token:

{
  "object": "error",
  "message": "Invalid authorization token",
  "type": "unauthenticated"
}

Check our section on error handling for more information.