API
Authentication
All API requests require a workspace API key sent as a Bearer token.
Base URL
https://api.slatesecurity.aiThe API is served from the same application as the dashboard. Non-API paths return 404 on the API hostname.
Bearer token
Include the header on every request:
Authorization: Bearer ba_your_key_hereCreate keys in Settings → API keys. Revoked keys return 401 Unauthorized.
Errors
- 401 — missing or invalid key
- 402 — insufficient scan credits
- 404 — target or scan not found (or wrong org)
Error bodies use JSON: { "error": "message" }