Skip to main content

Authentication

All API requests require authentication using an API key.

Getting an API Key

Visit wtfisthiscve.com/auth/github
Sign in with your GitHub account
Your API key will be displayed on the dashboard

Using Your API Key

Include your API key in the X-API-Key header:

curl -H "X-API-Key: your-api-key" \
  https://wtfisthiscve.com/api/cve/CVE-2021-44228

Rate Limits

100 requests per minute per API key
Rate limit headers are included in responses:
- X-RateLimit-Limit: Maximum requests per window
- X-RateLimit-Remaining: Remaining requests in current window
- X-RateLimit-Reset: Unix timestamp when the window resets

Security

Keep your API key secret
Do not commit API keys to version control
Use environment variables to store your key:

export WTF_API_KEY="your-api-key"

If your API key is compromised, sign in again to generate a new one.

Getting an API Key
Using Your API Key
Rate Limits
Security