Skip to main content

Documentation Index

Fetch the complete documentation index at: https://apyguard.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

What ApyGuard does

ApyGuard helps teams understand, test, and improve the security of their APIs from one platform. Instead of relying on manual checks alone, security and engineering teams can use ApyGuard to organize API assets, configure authentication, run scans, and review prioritized findings with clear remediation context.

Asset discovery

Organize API assets, collections, and environments in one place so teams can manage API security coverage with clarity.

Authentication-aware testing

Configure token, login-based, OIDC, and OAuth2 authentication so protected endpoints can be tested correctly.

Security scanning

Run API security scans to identify vulnerabilities, exposure risks, and weak API protections.

Authorization analysis

Evaluate role-based access patterns and detect authorization weaknesses across endpoints and user roles.

Sensitive data detection

Detect exposed sensitive data and response patterns that may create privacy or compliance risk.

Risk visibility

Review findings, risk scores, and remediation context so teams can prioritize the issues that matter most.

How it works

ApyGuard supports a practical API security workflow:
  1. Create an asset to represent the API environment you want to monitor.
  2. Import an API collection or specification so ApyGuard can understand the available endpoints.
  3. Configure authentication using the method that matches your API.
  4. Choose scan settings such as endpoints, security options, and testing scope.
  5. Run scans against the API surface you want to validate.
  6. Review findings including vulnerabilities, authorization issues, and sensitive data risks.
  7. Improve posture by fixing issues and repeating scans as your API evolves.

Who ApyGuard is for

  • Security teams that want continuous visibility into API risk
  • Developers who need actionable feedback during validation and release workflows
  • Platform and engineering teams responsible for API governance
  • Organizations managing multiple APIs across different environments

Next steps

Quick Start

Create your first asset, configure authentication, and prepare your first scan.

Authentication Setup

Learn how to configure token, login URL, OIDC, and OAuth2 authentication.