API

Authentication

All API requests require a workspace API key sent as a Bearer token.

Base URL

https://api.slatesecurity.ai

The API is served from the same application as the dashboard. Non-API paths return 404 on the API hostname.

Bearer token

Include the header on every request:

Authorization: Bearer ba_your_key_here

Create keys in Settings → API keys. Revoked keys return 401 Unauthorized.

Errors

  • 401 — missing or invalid key
  • 402 — insufficient scan credits
  • 404 — target or scan not found (or wrong org)

Error bodies use JSON: { "error": "message" }

Endpoints