Changelog NotificationsAPIAikido login

VS Code Plugin

Aikido integrates with VS Code and scans your codebases for dependencies, secrets, API keys & SAST code issues. It runs scans whenever you open or save a file.

Every time you make and save changes in a file, a scan runs. If any issues are detected, they are highlighted in the editor and also displayed in the Problems panel. When you hover over a detected SAST issue, additional context about the problem is provided.

Express.js server code in Visual Studio Code, showing endpoint and user authentication logic.

Installation and Authentication

This plugin is only available on paid plans.

Step 1. Head over to the Visual Studio Code Marketplace and click Install. After installation, you will be asked to add authenticate with the Aikido platform.

Step 2. Follow the authentication flow to automatically create a personal access token and enable it in Visual Studio Code

Step 3. Check out the examples in our docs on the Visual Studio Marketplace to test whether everything works well.

Manual authentication

If the automated authentication does not work you can manually create a personal access.

Step 2. In Aikido, go to the VS Code Integration Screen and create your token.

User token management interface for Visual Studio Code Extension, showing creation and expiration details.

Step 3. Check out the examples in our docs on the Visual Studio Marketplace to test whether everything works well.

Sign out

Click on the "Accounts" icon in the bottom left of the VSCode screen, select "Personal Access Token (Aikido)" and click on "Sign Out"

VS Code account menu showing personal access token management options.

Troubleshooting

Extension keeps disconnecting

This usually means your key isn’t persisting, check whether VSCode’s storage location is retained.

You can run VS Code in verbose mode code --verbose and look for log lines mentioning SecretStorage or globalState for errors and other information.

See additional details below for your OS.

  • Linux

    • Encrypted mode: Uses VSCode SecretStorage → KeyStorageLinux → OS-level library (e.g. libsecret), typically stored in the system keyring.

      • For libsecret you can use secret-tool search application code

    • Unencrypted mode: Uses globalState, stored at ~/.config/Code/User/globalStorage/state.vscdb. If keys aren’t persisting, verify this path is retained across sessions.

      • You read the database to view existing secrets: sqlite3 ~/.config/Code/User/globalStorage/state.vscdb "SELECT * FROM ItemTable;"

Last updated

Was this helpful?