Authentication

The TestSavant Guard API requires an API key on every request. This is defined in the OpenAPI spec as a required header parameter named X-API-Key for all documented endpoints (e.g., /scanners, /guard/prompt-input, /guard/prompt-output).

Send your API key

Include your key using the X-API-Key header:

X-API-Key: YOUR_API_KEY

Examples

cURL

curl -s https://api.testsavant.ai/scanners \
  -H "X-API-Key: $YOUR_API_KEY"

Python

import requests

resp = requests.get(
    'https://api.testsavant.ai/scanners',
    headers={'X-API-Key': 'YOUR_API_KEY'}
)
print(resp.status_code)

JavaScript

const res = await fetch('https://api.testsavant.ai/scanners', {
  headers: { 'X-API-Key': 'YOUR_API_KEY' }
});
console.log(res.status);

Notes from the OpenAPI spec

• The spec (v1.1.8) declares a header parameter X-API-Key as required for each endpoint.
• No separate login/auth endpoints are defined in the spec; you provision API keys in the dashboard and send them with requests.
• If the X-API-Key is missing or invalid, the server may reject the request. The spec documents 422 Validation errors; other auth errors may be returned by the service but are not explicitly enumerated in the spec.