Welcome to the SecurityScorecard API! This reference provides all the information you need to interact with our platform programmatically and integrate SecurityScorecard data and functionalities into your own applications and workflows. Use this reference to call all the endpoints that are available with SecurityScorecard.
To learn more about the functionality that these endpoints provide, see our Help Center.
NOTE: Do not call endpoints that are not documented in this reference. They are not designed or supported for public use. SecurityScorecard may stop requests to undocumented endpoints to prevent performance problems that these requests may cause. Contact Support with any questions.
Getting Started & Core Concepts
To begin using the API, we recommend exploring the following resources:
- Quickstart (5 mins): Your first stop to get your API key and make your initial API call in under five minutes. This guide walks you through token generation and testing your connection.
- Core Resources: Understand the fundamental resources exposed in our API, such as Portfolios, Scorecards, Reports, and Alerts. Learn how these elements interact and how to navigate them effectively to access the data you need.
API Specifications
Before diving deeper into specific endpoints, familiarize yourself with the following essential API specifications that govern how you interact with our services:
- Errors: Learn about the different types of HTTP errors you might encounter (content, network, server errors) and how to properly handle them in your integration.
- Pagination: Understand how to navigate large datasets returned by our API using pagination, ensuring you can efficiently retrieve all necessary information.
- Rate Limits: Review our API rate limits to ensure your application operates smoothly and avoids service disruptions. This section covers our limits and best practices for efficient API usage.
- HTTP API Requirements: Details the necessary HTTP standards for interacting with our API, including HTTPS requirements, supported TLS versions, and the primary JSON data format.
- Backwards Compatibility: Our policy on API versioning, what constitutes a breaking change, and how we manage API evolution to ensure stable integrations while allowing for improvements.