Skip to main content

Documentation Index

Fetch the complete documentation index at: https://apyguard.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Overview

Credentials store the access details ApyGuard needs for authenticated testing. They can represent user identities, service identities, API keys, or OAuth client applications.

Password credentials

Use username and password combinations for login-based authentication flows.

API key credentials

Store API keys or related identifiers used for static token authentication.

OIDC credentials

Save client ID, client secret, and scopes for OpenID Connect flows.

OAuth2 credentials

Create password grant or client credentials grant records for OAuth2 authentication.

What to include

  • Role name
  • Description
  • Environment-appropriate secrets
  • Scope values when needed
  • Whether the credential should be used for authenticated testing
    Screenshot 2026 05 12 At 11 23 16
    Screenshot 2026 05 12 At 11 23 23

Best practices

  • Use descriptive roles like Admin, Support, or Integration Bot
  • Keep descriptions clear so scan results are easy to interpret
  • Separate credentials by environment
  • Review and rotate credentials after security changes