Authentication

Authentication against the Gigs API is done using simple static API keys. Your organization can have one or more projects (e.g. production, test, experiment) and each will come with its own set of unique API keys.

Please contact us to set up projects in your organization: support@gigs.com.

Getting an API key

API keys can be managed in the developers section of the Gigs Dashboard. We highly recommend rotating API keys regularly and creating them with an expiration date.

Security

An API key provides full access to all the data in a project. Please keep your API key secret at all times, don't hardcode it in code repositories and don't share it with others.

Using an API key

Your API key is used as Bearer token in the Authorization header of your request, for example:

Authentication example - cURL

$ curl --request "GET" \
--url "https://api.gigs.com/projects/${GIGS_PROJECT}/sims" \
--header "Accept: application/json" \
--header "Authorization: Bearer ${GIGS_TOKEN}"

Error handling

If the token is missing, expired, or if there's anything else wrong with the authentication or authorization of the request, you will receive a 401 HTTP response.

For example, here's the response you'd get if you lost a character while copy-pasting your token:

{
  "object": "error",
  "message": "Invalid authorization token",
  "type": "unauthenticated"
}

Check our section on error handling for more information.