Scantient API Documentation

Integrate Scantient into your workflow with our REST API.

Authentication

All API requests require an API key sent in the X-API-Key header. Keys use the vs_ prefix and are managed in Settings → API Keys.

curl -H "X-API-Key: vs_your_key_here" https://scantient.com/api/v1/apps

Endpoints

GET/api/v1/apps

List all monitored applications for the authenticated organization.

Example

curl -H "X-API-Key: vs_your_key_here" \
  https://scantient.com/api/v1/apps

Response

{
  "apps": [
    {
      "id": "clx123...",
      "name": "Production API",
      "url": "https://api.example.com",
      "status": "healthy",
      "criticality": "high",
      "lastCheckedAt": "2026-02-28T00:00:00Z",
      "uptimePercent": 99.97,
      "avgResponseMs": 142
    }
  ]
}

GET/api/v1/scan/:id

Retrieve the results of a specific security scan by ID.

Example

curl -H "X-API-Key: vs_your_key_here" \
  https://scantient.com/api/v1/scan/scan_abc123

Response

{
  "scan": {
    "id": "scan_abc123",
    "appId": "clx123...",
    "status": "completed",
    "startedAt": "2026-02-28T00:00:00Z",
    "completedAt": "2026-02-28T00:01:30Z",
    "findingsCount": 3,
    "criticalCount": 0,
    "highCount": 1,
    "mediumCount": 2,
    "lowCount": 0
  }
}

GET/api/v1/dashboard

Get the organization-wide security dashboard summary.

Example

curl -H "X-API-Key: vs_your_key_here" \
  https://scantient.com/api/v1/dashboard

Response

{
  "securityScore": 87,
  "totalApps": 5,
  "healthyApps": 4,
  "openFindings": 12,
  "criticalFindings": 1,
  "avgUptime": 99.94,
  "lastScanAt": "2026-02-28T00:00:00Z"
}

MCP (Model Context Protocol)

Scantient exposes an MCP-compatible endpoint at /api/mcp for AI agent integration. Send JSON-RPC 2.0 requests to query apps, findings, and trigger scans programmatically.

curl -X POST https://scantient.com/api/mcp \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'

Available tools: list_apps, get_app_status, get_findings, trigger_scan, get_security_score.

CI / CD Integration

Run automated security scans on every push or pull request. Scantient's CI endpoint returns structured JSON and uses HTTP 422 when the scan fails.

GitHub Actions Integration Guide →

Rate Limits

Free: 100 requests/hour

Pro: 1,000 requests/hour

Enterprise: 10,000 requests/hour