Authentication
SecureHive’s API uses bearer token authentication. Tokens are scoped to specific permissions and can be rotated without disrupting other integrations.
Creating Tokens
- Navigate to Settings → API → Tokens
- Click Create Token
- Name the token (e.g., “Jira Integration”)
- Select permission scopes
- Set an expiration (optional but recommended)
- Copy the token — it won’t be shown again
Token Scopes
| Scope | Access |
|---|---|
risks:read | Read risk register data |
risks:write | Create and update risks |
controls:read | Read controls and evidence |
controls:write | Update controls and upload evidence |
vendors:read | Read vendor data and assessments |
vendors:write | Manage vendors and assessments |
policies:read | Read published policies |
audit:read | Read audit findings and reports |
webhooks:manage | Create and manage webhook subscriptions |
Token Rotation
Rotate tokens under Settings → API → Tokens by clicking Rotate next to the token. The old token remains valid for 24 hours to allow migration.
Last updated on