Skip to content

Codacy API Tokens

Codacy API Tokens allow you to authenticate when using the Codacy API. You must generate a Codacy API Token and include it in the headers of your API calls as described on the Codacy API documentation.


Never write API tokens on your configuration files and keep your API tokens well protected, as they grant owner permissions to your projects.

We recommend that you set API tokens as environment variables. Check the documentation of your CI/CD platform on how to do this.

To generate a Codacy API Token, open your account, tab Access management, and click the button Create API token.

Creating an API token

To revoke access to the Codacy API, you must remove the corresponding Codacy API Token from the list. After this, all applications or services using that token to access the Codacy API will fail to authenticate and will receive the following error reply:

{"error":"not found"}


You can create multiple Codacy API Tokens. This can be useful to have a more flexible control by revoking only a specific token.

See also

To send coverage results for your repository or to limit the API access to a repository, use a project API Token.

Share your feedback 📢

Did this page help you?

Thanks for the feedback! Is there anything else you'd like to tell us about this page?

We're sorry to hear that. Please let us know what we can improve:

Alternatively, you can create a more detailed issue on our GitHub repository.

Thanks for helping improve the Codacy documentation.

If you have a question or need help please contact

Last modified February 27, 2021