CircleCI · Authentication Profile

Circleci Authentication

Authentication

CircleCI secures its APIs with apiKey and http across 3 declared security schemes, as derived from its OpenAPI definitions.

CI/CDContinuous IntegrationContinuous DeploymentDevOpsPipelinesWorkflows
Methods: apiKey, http Schemes: 3 OAuth flows: API key in: header

Security Schemes

apiToken apiKey
· in: header (Circle-Token)
basicAuth http
scheme: basic
resourceClassToken http
scheme: bearer

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/circleci-rest-api-v1-openapi.yml, openapi/circleci-rest-api-v2-openapi.yml,
  openapi/circleci-runner-api-openapi.yml
summary:
  types:
  - apiKey
  - http
  api_key_in:
  - header
schemes:
- name: apiToken
  type: apiKey
  in: header
  parameter: Circle-Token
  description: Personal API token for authenticating with the CircleCI API. Can also be passed
    as a query parameter.
  sources:
  - openapi/circleci-rest-api-v1-openapi.yml
  - openapi/circleci-rest-api-v2-openapi.yml
  - openapi/circleci-runner-api-openapi.yml
- name: basicAuth
  type: http
  scheme: basic
  description: HTTP basic authentication using a personal API token as the username with an
    empty password.
  sources:
  - openapi/circleci-rest-api-v2-openapi.yml
- name: resourceClassToken
  type: http
  scheme: bearer
  description: Resource class token generated when creating a new resource class. This token
    is only displayed once and cannot be retrieved again.
  sources:
  - openapi/circleci-runner-api-openapi.yml