API Reference

REST API for SecurityRIP

Authentication

SecurityRIP uses HTTP-only session cookies. Log in via POST /api/v1/auth/login and the session cookie is set automatically. All subsequent requests should include credentials: 'include'.

Alternatively, pass the JWT token in the Authorization: Bearer <token> header.

Base URL

https://api.securityrip.com

Endpoints

POST

/api/v1/auth/register

POST

/api/v1/auth/login

Authenticate and receive a session cookie

POST

/api/v1/auth/logout

Invalidate session

Auth required

GET

/api/v1/auth/profile

Get current user profile

Auth required

PUT

/api/v1/auth/profile

Update name and company

Auth required

POST

/api/v1/scans

Create and start a new scan

Auth required

GET

/api/v1/scans

List your scans (limit, offset query params)

Auth required

GET

/api/v1/scans/:scanId

Get scan status and results

Auth required

GET

/api/v1/scans/stats/overview

Aggregated scan and vulnerability stats

Auth required

POST

/api/v1/stripe/subscriptions

Create a Stripe subscription

Auth required

POST

/api/v1/stripe/billing-portal

Open Stripe billing portal

Auth required

Example: Create a Scan

curl -X POST https://api.securityrip.com/api/v1/scans \
  -H "Content-Type: application/json" \
  -b "token=<your-session-token>" \
  -d '{
    "url": "https://yourapp.com",
    "scanType": "AUTOMATED"
  }'