API Reference

seeshare provides a RESTful API on the Professional tier and above for programmatic access to your security data. This article covers authentication, available endpoints for domains, scans, findings, and reporting, common query parameters, pagination, response formats, rate limiting, and example requests.

Beginner

seeshare provides a RESTful API for programmatic access to your security data. The API is available on the Professional tier and above.

Authentication

All API requests require a Supabase JWT token passed in the Authorization header as a Bearer token.

Base URL

All endpoints are relative to https://app.seeshare.io/api.

Endpoints

Domains: GET /api/domains lists all domains, POST /api/domains adds a new domain, GET /api/domains/{id} retrieves domain details, and DELETE /api/domains/{id} deletes a domain.

Scans: GET /api/scans lists scans (filterable by domain), POST /api/scans triggers a new scan, GET /api/scans/{id} retrieves scan details and status, and GET /api/scans/{id}/report?download=true downloads a scan report as PDF.

Findings: GET /api/findings lists all findings (filterable) and GET /api/findings/{id} retrieves a specific finding's details.

Issues: GET /api/issues lists all issues across domains and GET /api/issues/{id} retrieves issue details.

Reporting: GET /api/reporting/scans returns a scan summary export in CSV or JSON, GET /api/reporting/findings returns a detailed findings export in CSV or JSON, and GET /api/reporting/trends returns time-series analytics in JSON.

Query Parameters

Common filters include domain_id (filter by domain), severity (critical, high, medium, low, or info), status (open, confirmed, false_positive, fixed, or accepted_risk), from and to (ISO date range), and format (json by default, or csv). Pagination is controlled with page (default 1) and limit (default 20, max 100).

Response Format

Successful responses return a data array alongside a pagination object containing page, limit, total, and totalPages. Error responses return an error description and an HTTP status code.

Rate Limiting

API requests are rate-limited per account. If you exceed the limit you'll receive a 429 Too Many Requests response. Retry using exponential backoff.

Examples

To list critical open findings, send a GET request to /api/findings?severity=critical&status=open with your Authorization header. To trigger a scan, send a POST request to /api/scans with a JSON body containing your domain_id. To export high and critical findings as a CSV file, send a GET request to /api/reporting/findings?format=csv&severity=critical,high and write the output to a file.
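
The following is an added example, not seeshare's own client code. It combines the authentication, pagination, and rate-limiting rules above: it walks every page of a listing and retries 429 responses with exponential backoff. It assumes the full URL is the base URL plus a path such as /findings; http_get, fetch_all, and make_fake_get are hypothetical names, and the fake transport returns constructed data so the logic can be exercised offline.

```python
import json
import time
import urllib.error
import urllib.parse
import urllib.request

BASE_URL = "https://app.seeshare.io/api"  # base URL given on the page


def http_get(path, params, token):
    """Live transport: returns (HTTP status, parsed JSON body or None)."""
    url = f"{BASE_URL}{path}?{urllib.parse.urlencode(params)}"  # path join is an assumption
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, None


def fetch_all(path, filters, token, get=http_get, sleep=time.sleep, limit=100, max_retries=5):
    """Collect every row of a paginated listing, backing off on 429."""
    rows, page = [], 1
    while True:
        params = {**filters, "page": page, "limit": limit}  # limit: max 100 per the page
        for attempt in range(max_retries + 1):
            status, body = get(path, params, token)
            if status != 429 or attempt == max_retries:
                break
            sleep(2 ** attempt)  # exponential backoff: 1s, 2s, 4s, ...
        if status != 200:
            raise RuntimeError(f"GET {path} failed with HTTP {status}")
        rows.extend(body["data"])
        if page >= body["pagination"]["totalPages"]:
            return rows
        page += 1


def make_fake_get():
    """Constructed offline transport: 3 findings on 2 pages, first call is a 429."""
    pages, calls = {1: ["f-1", "f-2"], 2: ["f-3"]}, []
    def get(path, params, token):
        calls.append(dict(params))
        if len(calls) == 1:
            return 429, None
        data = [{"id": i} for i in pages[params["page"]]]
        meta = {"page": params["page"], "limit": 2, "total": 3, "totalPages": 2}
        return 200, {"data": data, "pagination": meta}
    return get, calls
```

When calling the live API, read the JWT from an environment variable or a secret store rather than embedding it in the script.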

Webhooks (Coming Soon)

Webhook support for real-time event notifications is planned. You'll be able to receive callbacks for scan completed, critical vulnerability found, and issue status changed events.