Skip to content
DOCS
User Guide API Guide

GitGuardian

GitGuardian is a cybersecurity platform dedicated to safeguarding sensitive information within source code repositories. It specializes in identifying and protecting against potential data leaks, ensuring that organizations maintain the confidentiality of their critical data.

Below you can find the Aembit configuration required to work with the GitGuardian service as a Server Workload using the GitGuardian API.

Prerequisites

Section titled “Prerequisites”

Before proceeding with the configuration, you will need to have a GitGuardian tenant (or sign up for one).

Server Workload Configuration

Section titled “Server Workload Configuration”
  1. Create a new Server Workload.
  • Name - Choose a user-friendly name.
  1. Configure the service endpoint:
  • Host - api.gitguardian.com
  • Application Protocol - HTTP
  • Port - 443 with TLS
  • Forward to Port - 443 with TLS
  • Authentication method - API Key
  • Authentication scheme - Header
  • Header - Authorization

Credential Provider Configuration

Section titled “Credential Provider Configuration”

  1. Navigate to the GitGuardian Dashboard and sign in with your account.

  2. On the left navigation pane, choose API and then go to Personal access tokens in the second left pane to access details.

  3. Click on Create Token in the top right corner.

  4. Provide a name, choose an expiration time, select scopes based on your preferences, and then click Create token at the bottom of the modal.

Create GitGuardian API Personal Access token

  1. Make sure to copy your new personal access token at this stage, as it will not be visible again. For more information on authentication, please refer to the official GitGuardian API documentation.

  2. Create a new Credential Provider.

  • Name - Choose a user-friendly name.
  • Credential Type - API Key
  • API Key - Provide the key copied from GitGuardian and use the format Token api-key, replacing api-key with your API key.

Client Workload Configuration

Section titled “Client Workload Configuration”

Aembit now handles the credentials required to access the Server Workload, eliminating the need for you to manage them directly. You can safely remove any previously used credentials from the Client Workload.

If you access the Server Workload through an SDK or library, it is possible that the SDK/library may still require credentials to be present for initialization purposes. In this scenario, you can provide placeholder credentials. Aembit will overwrite these placeholder credentials with the appropriate ones during the access process.

Access Policy

Section titled “Access Policy”
  • Create an access policy for a Client Workload to access the GitGuardian Server Workload and assign the newly created Credential Provider to it.

Required Features

Section titled “Required Features”
  • You will need to configure the TLS Decrypt feature to work with the GitGuardian Server Workload.