API
Scans
Start a scan against a target id and poll for status and findings.
List scans
GET https://api.slatesecurity.ai/api/v1/scans
Authorization: Bearer ba_...
# Optional: scans for one target
GET https://api.slatesecurity.ai/api/v1/scans?targetId=uuid-of-targetReturns scans newest first. Each row includes target URL and findings count.
{
"scans": [
{
"id": "uuid",
"target_id": "uuid",
"target_url": "https://example.com",
"status": "complete",
"created_at": "2026-01-01T00:00:00.000Z",
"started_at": "2026-01-01T00:01:00.000Z",
"completed_at": "2026-01-01T00:10:00.000Z",
"failure_reason": null,
"findings_count": 4
}
]
}Start scan
POST https://api.slatesecurity.ai/api/v1/scans
Content-Type: application/json
Authorization: Bearer ba_...
{
"targetId": "uuid-of-target"
}Requires at least one scan credit. One credit is deducted when the scan job starts successfully.
Start scan responses
- 201 Created —
{ "scan": { "id", "status" } }(status begins as pending) - 402 — insufficient credits
- 404 — target not found
- 500 — failed to start scan job
Get scan
GET https://api.slatesecurity.ai/api/v1/scans/{scanId}
Authorization: Bearer ba_...Returns scan fields plus findings with IDs and remediation steps:
- Scan fields —
status,started_at,completed_at, progress findings— array ofid,severity,name,url,template_id,description,remediation_steps
For the full AI-ready fix prompt and scanner evidence, use GET /api/v1/findings/:id.
Example
# Start
curl -sS -X POST https://api.slatesecurity.ai/api/v1/scans \
-H "Authorization: Bearer $SLATE_API_KEY" \
-H "Content-Type: application/json" \
-d '{"targetId":"YOUR_TARGET_ID"}'
# Poll
curl -sS https://api.slatesecurity.ai/api/v1/scans/SCAN_ID \
-H "Authorization: Bearer $SLATE_API_KEY"