API Quickstart

This guide takes you from zero to a completed audit with PDF report — entirely via the API.
Only run audits against domains you own or have written authorization to test.

1. Set your API key

export GIGA_API_KEY="giga_sk_..."
Generate one from Profile → API Keys or POST /api/keys.

2. Create a workspace

A workspace is a project container scoped to a target domain. 
WORKSPACE=$(curl -s -X POST https://api.withgiga.ai/api/workspaces \
  -H "Authorization: Bearer $GIGA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name":"Acme Production","domain":"acme.example.com"}' \
  | jq -r '.data.workspace.id')

echo "Workspace: $WORKSPACE"

3. Launch a shallow audit

AUDIT=$(curl -s -X POST "https://api.withgiga.ai/api/workspaces/$WORKSPACE/audits" \
  -H "Authorization: Bearer $GIGA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"type":"shallow","targets":["acme.example.com"]}' \
  | jq -r '.data.audit.id')

echo "Audit: $AUDIT"

4. Poll until complete

while true; do
  STATUS=$(curl -s "https://api.withgiga.ai/api/workspaces/$WORKSPACE/audits/$AUDIT" \
    -H "Authorization: Bearer $GIGA_API_KEY" | jq -r '.data.audit.status')

  echo "Status: $STATUS"
  [ "$STATUS" = "completed" ] || [ "$STATUS" = "failed" ] && break
  sleep 30
done

5. Retrieve the report

# Structured report with findings
curl "https://api.withgiga.ai/api/workspaces/$WORKSPACE/audits/$AUDIT/report" \
  -H "Authorization: Bearer $GIGA_API_KEY" | jq

# Presigned PDF URL
curl "https://api.withgiga.ai/api/workspaces/$WORKSPACE/audits/$AUDIT/pdf" \
  -H "Authorization: Bearer $GIGA_API_KEY"

# Full asciinema recording
curl "https://api.withgiga.ai/api/workspaces/$WORKSPACE/audits/$AUDIT/recording" \
  -H "Authorization: Bearer $GIGA_API_KEY"

Full one-liner script

#!/usr/bin/env bash
set -e

API="https://api.withgiga.ai"
KEY="$GIGA_API_KEY"
DOMAIN="${1:?usage: $0 <domain>}"

WS=$(curl -s -X POST "$API/api/workspaces" \
  -H "Authorization: Bearer $KEY" \
  -H "Content-Type: application/json" \
  -d "{\"name\":\"$DOMAIN\",\"domain\":\"$DOMAIN\"}" \
  | jq -r '.data.workspace.id')

AUDIT=$(curl -s -X POST "$API/api/workspaces/$WS/audits" \
  -H "Authorization: Bearer $KEY" \
  -H "Content-Type: application/json" \
  -d "{\"type\":\"shallow\",\"targets\":[\"$DOMAIN\"]}" \
  | jq -r '.data.audit.id')

echo "Running audit $AUDIT against $DOMAIN..."

while :; do
  S=$(curl -s "$API/api/workspaces/$WS/audits/$AUDIT" \
    -H "Authorization: Bearer $KEY" | jq -r '.data.audit.status')
  [ "$S" = "completed" ] || [ "$S" = "failed" ] && break
  sleep 30
done

curl "$API/api/workspaces/$WS/audits/$AUDIT/report" \
  -H "Authorization: Bearer $KEY" | jq

Next steps

Audits API

Full audit endpoint reference.

Scheduled Audits

Run recurring audits via cron.

Webhooks via callback

Get notified when audits complete.

Error handling

Full error code reference.