search
SupportSnyk LearnAPI referenceProduct updatesSign up for free
githubEdit

Authentication for API

To use the Snyk API, you must be an Enterprise plan customer and have a token from Snyk.

Enterprise users have access to a personal token under their profile and to service account tokens. The personal API token is associated with your Snyk Account and not with a specific Organization. Service accounts are associated with an Organization or a Group. For more information, see Service accounts.

  • Enterprise users should use a service account to authenticate for any kind of automation. This includes, but is not limited to, CI/CD scanning with the CLI or build system plugins and any automation, including automation with the API.

  • Enterprise users should use the personal token under their user profile for:

    • Running the CLI locally on their machine; for details, see Authenticate to use the CLI.

    • Authenticating with the IDE manually

    • Running API calls one time, for example, to test something

Note that for free and team plan users, the personal token does not have access to the API and may be used for authenticating to IDE, CLI, and CI/CD integrations only. For details, see Obtain and use your API token.

For additional information, see Snyk API token permissions users can control.

hashtag
How to obtain your personal token

You can find your personal API token in your personal General Account Settingsarrow-up-right after you register with Snyk and log in. In the key field, Click to show. Then, highlight and copy the API key.

If you want a new API token, select Revoke & Regenerate. This will make the previous API token invalid. For details, see Revoke and regenerate a Snyk API token.

hashtag
How to use a Snyk API token

When using the API directly, provide the API token in an Authorization header, as in the following example request, replacing API_TOKEN with your token

curl --request GET \
--url "https://api.snyk.io/rest/self?version=2024-06-10" \
--header "Content-Type: application/vnd.api+json" \
--header "Authorization: token API_TOKEN"

If you are using the API through Snyk Apps, provide the access_token in an Authorization header preceded by bearer as follows:

Otherwise, a 401 Unauthorized response will be returned:

PreviousGetting started with the REST APINextSnyk API token permissions users can control

Last updated

Was this helpful?