REST API REFERENCE

API & Webhook Documentation

Programmatically initiate vulnerability scans and consume JSON security reports.

Authentication

Authenticate your requests by including your secret API token in the `Authorization` HTTP header as a Bearer token.

Authorization: Bearer sec_live_99a8b7c6d5e4f3a2b1
POST

/api/scans

Initiate a new synchronous or asynchronous dynamic vulnerability crawl against a specified target URL.

Request Body (JSON)

{
  "target_url": "https://staging.company.com",
  "scan_type": "Full Audit",
  "async": true
}

Response (201 Created)

{
  "id": 1042,
  "status": "scanning",
  "target_url": "https://staging.company.com",
  "created_at": "2026-06-28T09:30:00Z",
  "estimated_duration": "42s"
}
GET

/api/scans

Fetch the chronological list of past scan audits, security scores, and vulnerability count summaries for your authenticated workspace tenant.