Authentication: API Key¶

API keys are long-lived credentials for programmatic or automated access to the API. They are an alternative to session tokens and do not require a login step on each request.

Obtaining an API Key¶

You can generate and manage your API keys directly from the Gigas client Control Panel. Navigate to the My account section to create a new key.

Using an API Key¶

Pass the API key in the Authorization header with the Bearer prefix on every request:

curl --request GET \
  --url https://api.gigas.com/account/ACCOUNT_ID/virtual_machines \
  --header 'Authorization: Bearer YOUR_API_KEY' \
  --header 'Content-Type: application/json'

Note

API keys have two expiration mechanisms:

Hard expiry: the valid_until date set at creation time. After this date the key stops working unconditionally.
Inactivity expiry: the key expires if it is not used for a configured number of days. Each use resets this timer.

Unlike session tokens, API keys do not need to be refreshed — include the key directly in the Authorization header of every request.

Authentication: API Key¶

Obtaining an API Key¶

Using an API Key¶

Table of Contents

Previous topic

Next topic