API Reference

API Keys


When making programmatic calls to the Gremlin API, instead of using your own account profile with your username password credentials, you can leverage team-level API keys. This is akin to having a “service account” in other software products.

To create a new API key

  • Go to Company Settings.
  • Select your Team.
  • Select the API Keys tab.
  • Click New API Key button.
  • Give your key a unique name and an optional description.
  • Click save, and copy your key content for use.

To revoke and reinstate an API Key

  • Before you begin, confirm that you have stopped using the API Key.
  • Go to Company Settings.
  • Select your Team.
  • Select the API Keys tab.
  • Hover over the 3 dots to the right of your API Key.
  • Select Revoke Key or Reinstate Key in the popup.
  • If you are revoking a key, confirm by clicking the Revoke button.

Usage

Instead of using a Bearer token, provide the key content in the Authorization Header, prefixed with Key.

1Authorization: Key f02868098b13e4f68da82b0c5e5c950ea750fce53c62d982cdab0c61099e5f98

See Creating Attacks for examples of creating an attack via the API.

Limit

There is a limit of 5 active API Keys per team.