> ## Documentation Index
> Fetch the complete documentation index at: https://docs.apyguard.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Quick Start

> Create your first asset, import an API collection, configure authentication, and run your first API security scan with ApyGuard.

## Overview

This guide covers the fastest path to getting value from ApyGuard.

## Step 1: Create an asset

Create an asset for the API environment you want to assess.

Typical asset details include:

* Asset name
* Environment
* Description
* API specification source

Continue with: [Create Your First Asset](/get-started/create-your-first-asset)

## Step 2: Import your API collection

Import an OpenAPI, Swagger, or Postman collection so ApyGuard can map your endpoints and request structure.

Continue with: [Import an API Collection](/get-started/import-collection)

## Step 3: Configure authentication

Choose the authentication flow that matches your API:

* Predefined Token
* Login URL
* OIDC
* OAuth2 Password
* OAuth2 Client Credentials

Continue with: [Authentication Setup](/authentication/overview)

## Step 4: Choose scan settings

Select the scope and behavior of the scan, including:

* Authenticated or unauthenticated testing
* Sensitive data detection
* Endpoint selection
* Security options

## Step 5: Run your first scan

Start the scan and monitor progress from the product dashboard.

Continue with: [Security Scanning](/get-started/security-scanning)

## Step 6: Review results

After the scan completes, review:

* Vulnerabilities
* Risk scores
* Sensitive data findings
* Authorization issues
* Supporting remediation context

Continue with: [Scheduled Scan Tasks](/core-workflows/scheduled-scan-tasks)

## Next steps

<CardGroup cols={2}>
  <Card title="Authentication Setup" icon="key" href="/authentication/overview">
    Learn how to configure access for protected endpoints.
  </Card>

  <Card title="Security Scanning" icon="play" href="/get-started/security-scanning">
    Configure and run a real API security scan.
  </Card>
</CardGroup>
