Overview

The ProjectDiscovery API v1 is organized around REST. Our API has resource-oriented URLs, accepts and returns JSON in most cases, and the API uses standard HTTP response codes, authentication, and verbs. Our API also conforms to the OpenAPI Specification. This API documentation will walk you through each of the available resources, and provides code examples for cURL, Python, JavaScript, PHP, Go and Java. Each endpoint includes the required authorization information and parameters, and provides examples of the response you should expect.

Authentication

The ProjectDiscovery API uses API keys to authenticate requests. You can view and manage your API key on ProjectDiscovery Dashboard or in left navbar Settings > API Key. Authentication with the API is performed using a custom request header - X-Api-Key - which should simply be the value of your API key found with your ProjectDiscovery account. You must make all API calls over HTTPS. Calls made over plain HTTP will fail, as will requests without authentication or without all required parameters.

Resources

Below (and in the menu on the left) you can find the various resources available to the ProjectDiscovery API.

Templates

Access public and private templates, AI template generation, and template sharing.

Scans

Manage scans, scan schedules, import/export, and scan configurations.

Vulnerabilities

View and manage vulnerabilities, changelogs, and retest results.

Leaks

Monitor domain leaks, email leaks, and customer leak data.

Users & Authentication

Manage API keys, user tunnels, team members, and workspace settings.

Asset Discovery

Perform asset enumeration, manage asset groups, and track discovery history.

Configurations

Configure scan settings, severity mappings, and template exclusions.

Export & Logs

Export scan results, download logs, and access audit information.

Utilities

Full-text search, filters, and additional utility functions.