REST API REFERENCE
API & Webhook Documentation
Programmatically initiate vulnerability scans and consume JSON security reports.
Authentication
Authenticate your requests by including your secret API token in the `Authorization` HTTP header as a Bearer token.
Authorization: Bearer sec_live_99a8b7c6d5e4f3a2b1
POST
/api/scans
Initiate a new synchronous or asynchronous dynamic vulnerability crawl against a specified target URL.
Request Body (JSON)
{
"target_url": "https://staging.company.com",
"scan_type": "Full Audit",
"async": true
}Response (201 Created)
{
"id": 1042,
"status": "scanning",
"target_url": "https://staging.company.com",
"created_at": "2026-06-28T09:30:00Z",
"estimated_duration": "42s"
}GET
/api/scans
Fetch the chronological list of past scan audits, security scores, and vulnerability count summaries for your authenticated workspace tenant.