Authentication
Access tokens are provisioned on a per-user basis and provide authorization to resources based on the user’s role.
Multiple access tokens can be provisioned per user, and it is possible to revoke access to a token whenever needed by the deleting that token.
Bugcrowd enforces API rate limits to 60 requests / minute / IP Address.
Provisioning Credentials
To provision an access credentials, log in to Bugcrowd and browse to the API Credentials page by clicking on your profile picture and selecting API Credentials from the drop-down menu.
Enter a descriptive name for the credentials, usually the name of the application you will be creating to access the API, then click Create API Credentials.
A section with your token auth credentials will be displayed. Please record these credentials before leaving the page, they are only displayed upon creation and won’t be viewable after the page is refreshed.
The authorization tokens used in this reference are example tokens only, you will need to generate your own tokens for use with the API.
Token Authentication
To access the API using token authentication, use the provided Authorization request header:
curl --include \
--header "Accept: application/vnd.bugcrowd+json" \
--header "Authorization: Token gvnzkgmklo:gPYS2SMN3zJ_k-QAEvyMAcr_PqsGlA-vJ2voA7ysZ635GlT_VZdr2Sg3_YCctkM3SwnBtDCn" \
'https://api.bugcrowd.com/bounties'
