> ## Documentation Index
> Fetch the complete documentation index at: https://docs.withgiga.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Quickstart

> Run your first WithGiga security audit in under five minutes

# Quickstart

This guide walks you through running your first WithGiga audit — from creating a workspace to retrieving a PDF report.

<Warning>
  Only run audits against domains you own or have explicit written authorization to test. Unauthorized testing is illegal in most jurisdictions.
</Warning>

## 1. Sign in and generate an API key

1. Sign in at [build.withgiga.ai](https://build.withgiga.ai)
2. Navigate to **Profile** in the left sidebar
3. Click **Generate API Key**
4. Copy the key — it begins with `giga_sk_` and is shown only once

Store it as an environment variable:

```bash theme={null}
export GIGA_API_KEY="giga_sk_..."
```

## 2. Create a workspace

A workspace is a project container scoped to a target domain.

```bash theme={null}
curl -X POST https://api.withgiga.ai/api/workspaces \
  -H "Authorization: Bearer $GIGA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Acme Production",
    "domain": "acme.example.com"
  }'
```

Save the returned `workspace.id` — you'll use it for every audit in this workspace.

## 3. Launch a shallow audit

Shallow audits run for \~30 minutes and cover OWASP Top 10 plus proof-of-concept exploitation, with no post-exploitation activity. Great for a first run.

```bash theme={null}
curl -X POST https://api.withgiga.ai/api/workspaces/{workspaceId}/audits \
  -H "Authorization: Bearer $GIGA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "shallow",
    "targets": ["acme.example.com"]
  }'
```

**Response**

```json theme={null}
{
  "success": true,
  "data": {
    "audit": {
      "id": "audit_abc123",
      "status": "queued",
      "type": "shallow",
      "domain": "acme.example.com",
      "createdAt": "2026-05-18T12:00:00.000Z"
    }
  }
}
```

## 4. Watch the agent work

While the audit runs you can watch GigaOps in real time from the dashboard:

1. Go to **Workspaces → Your Workspace → Audits**
2. Click the running audit
3. The **Live Stream** panel shows the agent's desktop — terminals, browser windows, every command it runs
4. The **Findings** panel populates as confirmed vulnerabilities are discovered

You can also poll status via the API:

```bash theme={null}
curl https://api.withgiga.ai/api/workspaces/{workspaceId}/audits/audit_abc123 \
  -H "Authorization: Bearer $GIGA_API_KEY"
```

| Status      | Description                            |
| ----------- | -------------------------------------- |
| `queued`    | Sandbox provisioning                   |
| `running`   | GigaOps actively engaging the target   |
| `completed` | Engagement finished — report ready     |
| `failed`    | Run encountered an unrecoverable error |

## 5. Retrieve the report

Once status is `completed`, fetch the structured report and PDF:

```bash theme={null}
# Full report with all findings
curl https://api.withgiga.ai/api/workspaces/{workspaceId}/audits/audit_abc123/report \
  -H "Authorization: Bearer $GIGA_API_KEY"

# Presigned URL for the PDF
curl https://api.withgiga.ai/api/workspaces/{workspaceId}/audits/audit_abc123/pdf \
  -H "Authorization: Bearer $GIGA_API_KEY"

# Asciinema recording of the full engagement
curl https://api.withgiga.ai/api/workspaces/{workspaceId}/audits/audit_abc123/recording \
  -H "Authorization: Bearer $GIGA_API_KEY"
```

## Next steps

<Columns cols={2}>
  <Card title="Audit Modes" icon="layer-group" href="/audits/overview">
    Compare shallow, deep, and autonomous engagement modes.
  </Card>

  <Card title="Methodology" icon="crosshairs" href="/how-it-works/methodology">
    Understand the 10-phase chain GigaOps follows.
  </Card>

  <Card title="Scheduling" icon="calendar" href="/scheduling">
    Run recurring audits for continuous coverage.
  </Card>

  <Card title="Slack Integration" icon="slack" href="/slack-integration">
    Receive findings directly in your team channel.
  </Card>
</Columns>
