API Reference

The WithGiga API gives you full programmatic control of security audits, findings, and reports. Base URL

https://api.withgiga.ai

Authentication

Every request requires an API key in the Authorization header:

Authorization: Bearer giga_sk_YOUR_KEY

Generate a key from Profile → API Keys in the dashboard, or via POST /api/keys. See Authentication for details.

Security audits

The primary product surface — programmatic offensive engagements.

Resource	Description
Audits	Launch and retrieve security audits
Workspaces	Target containers and engagement history
Subdomains	Standalone passive OSINT enumeration
Scheduled Audits	Cron-based recurring audits

Account

Resource	Description
API Keys	Manage your API credentials
Billing	Plans, credits, subscription
Errors	Full error code reference

Response envelope

All successful responses use this shape:

{
  "success": true,
  "data": { ... }
}

Error format

All non-2xx responses use a consistent error envelope:

{
  "error": {
    "code": "ERROR_CODE",
    "message": "Human-readable explanation",
    "hint": "Optional remediation guidance",
    "requestId": "uuid-for-support"
  }
}

See Errors for the full code reference.

Rate limits

60 requests/minute per API key
Throttled requests return HTTP 429 with Retry-After and X-RateLimit-Remaining headers
Use exponential backoff in automated clients

Versioning

The API is currently unversioned. Breaking changes will be announced with a migration period via Discord and email.

​API Reference

​Authentication

​Security audits

​Account

​Response envelope

​Error format

​Rate limits

​Versioning