API Authentication

🔧 API5 min readUpdated May 2026

API Key Authentication

The simplest way to authenticate. Generate an API key from your dashboard and include it in the Authorization header:

Authorization: Bearer gl_live_abc123...

OAuth 2.0

For integrations that act on behalf of users, use the OAuth 2.0 authorization code flow:

1. Redirect user to https://auth.lockthegrid.com/authorize
2. User grants permissions
3. Exchange authorization code for access token
4. Use access token in API requests

Scoped Permissions

• agents:read — View agent status and configuration
• agents:write — Modify agent settings
• scans:read — View scan results
• scans:write — Trigger scans
• reports:read — View and download reports
• compliance:read — View compliance status
• billing:read — View billing information