GuidesMarketplaceAPI ReferenceAtlas API Reference
Guides
Switch to SecurityScorecard
Start typing to search…

Get a new score, add a company to a portfolio

Because the best way to learn is doing, we compiled a few samples that show how to use our APIs for different example use cases.
Each of these comes from a public repository you're welcome to clone and play with.

In the following example we identify the default private portfolio, and then we add a company to that portfolio.

import os
import requests
import sys

token = os.getenv('SSC_API_TOKEN')
api_url = os.getenv('API_URL', 'https://api.securityscorecard.io')

headers = {
    'Accept': 'application/json; charset=utf-8',
    'Content-Type': 'application/json',
    'Authorization': 'Token ' + token,
    'cache-control': 'no-cache',
    }

# get portfolios
url = api_url + '/portfolios'
response = requests.get(api_url + '/portfolios', headers=headers)
response.raise_for_status()

portfolios = response.json()['entries']
my_portfolio = [
    item for item in portfolios
    # My Portfolio is read_only and private
    if 'readOnly' in item and item['readOnly'] == True and item['privacy'] == 'private'
][0]

# add google.com to the portfolio
url = api_url + '/portfolios/' + my_portfolio['id'] + '/companies/google.com'
response = requests.put(url, headers=headers)
response.raise_for_status()

# get scorecards in My Portfolio
url = api_url + '/portfolios/' + my_portfolio['id'] + '/companies'
response = requests.get(url, headers=headers)
response.raise_for_status()

scorecards = response.json()['entries']

# check google.com is in the portfolio
scorecard = [
    item for item in scorecards
    if item['domain'] == 'google.com'
]
assert len(scorecard) == 1, 'scorecard not found in the portfolio'

print ('google.com score is ' + str(scorecard[0]['score']))
const axios = require('axios');

const token = process.env.SSC_API_TOKEN;
const apiUrl = process.env.API_URL || 'https://api.securityscorecard.io';

const headers = {
    'Accept': 'application/json; charset=utf-8',
    'Content-Type': 'application/json',
    'Authorization': 'Token ' + token,
    'cache-control': 'no-cache',
};

(async() => {
    try {
        // Get portfolios
        let response = await axios.get(`${apiUrl}/portfolios`, { headers });
        const portfolios = response.data.entries;
        const myPortfolio = portfolios.find(
            (item) => item.readOnly === true && item.privacy === 'private'
        );

        if (!myPortfolio) {
            throw new Error('My portfolio not found');
        }
        // Add google.com to the portfolio
        response = await axios({
            method: 'put',
            url: `${apiUrl}/portfolios/${myPortfolio.id}/companies/google.com`,
            headers
            },
        );

        // Get scorecards in My Portfolio
        response = await axios.get(
            `${apiUrl}/portfolios/${myPortfolio.id}/companies`,
            { headers }
        );
        const scorecards = response.data.entries;

        // Check google.com is in the portfolio
        const scorecard = scorecards.find((item) => item.domain === 'google.com');

        if (!scorecard) {
            throw new Error('scorecard not found in the portfolio');
        }

        console.log(`google.com score is ${scorecard.score}`);
    } catch (error) {
        console.error('Error:', error);
        process.exit(1);
    }
})();

At the end of the example we assert that the company was truly added to the default private portfolio, and print the score.

Updated 29 days ago

Did this page help you?