Access tokens are provisioned on a per-user basis and provide authorization to resources based on the user’s role.
Multiple access tokens can be provisioned per user, and it is possible to revoke access to a token whenever needed by the deleting that token.
Bugcrowd enforces API rate limits to 60 requests / minute / IP Address.
To provision an access credentials, log in to Bugcrowd and browse to the
API Credentials page by clicking on your profile picture and selecting
API Credentials from the drop-down menu.
Enter a descriptive name for the credentials, usually the name of the application you will be creating to access the API, then click
Create API Credentials.
A section with your
token auth credentials will be displayed. Please record these credentials before leaving the page, they are only displayed upon creation and won’t be viewable after the page is refreshed.
The authorization tokens used in this reference are example tokens only, you will need to generate your own tokens for use with the API.
To access the API using token authentication, use the provided Authorization request header:
curl --include \ --header "Accept: application/vnd.bugcrowd+json" \ --header "Authorization: Token gvnzkgmklo:gPYS2SMN3zJ_k-QAEvyMAcr_PqsGlA-vJ2voA7ysZ635GlT_VZdr2Sg3_YCctkM3SwnBtDCn" \ 'https://api.bugcrowd.com/bounties'