Skip to main content

Overview

Legit’s API v1.0 is now available It allows issue query across multiple filters.

Authentication

The API is authenticated using a personal token (JWT). To generate a unique token, do the following:
  • Log in to Legit -> Settings -> API
  • Select either Read or Read & Write
  • Click Generate Token and copy the value
  • Add the HTTP Authorization Header with the following format:
Authorization: Bearer <token-value>
An example of a request that fetches all issues 
curl --request GET \
     --url https://{tenant}.legitsecurity.co/api/v1.0/issues \
     --header 'Authorization: Bearer <Token Value>'
The response show a list of issues in JSON format. See the specific API calls bellow to see examples The generated token will be subject to your user permissions and his workspaces.

Sending Requests for a Specific Workspace

If you need to target a specific workspace for an API request, you can include the X-Legit-WorkspaceId header in your API call. The header should contain the workspace ID you wish to query. For example: 
X-Legit-WorkspaceId: <workspace-id>
If the token you are using has permission to access the specified workspace, the API call will be subject to the requested workspace ID. If you do not have the necessary permissions for the specified workspace, you will receive an error. Here is an example of sending a request for a specific workspace: 
curl --request GET \
     --url https://{tenant}.legitsecurity.co/api/v1.0/issues \
     --header 'Authorization: Bearer <Token Value>'
     --header 'X-Legit-WorkspaceId: <workspace-id>'
Make sure that the workspace ID you provide corresponds to a workspace for which the requesting user and token has valid access permissions