API Access
Full programmatic access to the LastHash security platform. Integrate website security scanning, reporting, and monitoring into your applications.
API Capabilities
Complete security platform access via RESTful API
Scan API
Trigger scans, retrieve results, and manage scan schedules programmatically.
Report API
Access detailed security reports, vulnerability data, and historical scan results.
Monitoring API
Configure monitoring, retrieve alerts, and track security score changes.
Website Management
Create, update, and manage websites in your account programmatically.
Webhook Integration
Configure webhooks for real-time event notifications and automated workflows.
CI/CD Integration
Integrate security scanning into your deployment pipelines and workflows.
Example API Requests
Simple, intuitive API endpoints
Trigger a Security Scan
POST https://api.lasthash.com/v1/scans
Headers:
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json
Body:
{
"website_id": "ws_1234567890",
"scan_type": "full",
"priority": "high"
}Retrieve Scan Report
GET https://api.lasthash.com/v1/scans/{scan_id}
Headers:
Authorization: Bearer YOUR_API_KEY
Response:
{
"id": "scan_xyz123",
"status": "done",
"security_score": 85,
"vulnerabilities": {
"critical": 0,
"high": 2,
"medium": 5,
"low": 8
},
"scan_duration": 42,
"completed_at": "2024-03-10T14:32:15Z",
"report_url": "https://app.lasthash.com/reports/scan_xyz123"
}Get Vulnerability Details
GET https://api.lasthash.com/v1/scans/{scan_id}/vulnerabilities
Headers:
Authorization: Bearer YOUR_API_KEY
Response:
{
"vulnerabilities": [
{
"id": "vuln_abc123",
"type": "vulnerability",
"severity": "high",
"title": "Outdated WordPress Core",
"description": "WordPress 5.8.0 has SQL injection vulnerability",
"cve": "CVE-2023-xxxxx",
"remediation": "Update to WordPress 6.4.2",
"detected_at": "2024-03-10T14:30:00Z"
}
]
}Configure Webhook
POST https://api.lasthash.com/v1/webhooks
Headers:
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json
Body:
{
"url": "https://your-app.com/webhooks/security",
"events": [
"scan.completed",
"threat.detected",
"score.degraded"
],
"secret": "your_webhook_secret"
}API Use Cases
Integrate security into your workflows
CI/CD Pipeline Integration
Automatically scan websites after deployment to ensure no security regressions.
Automated Reporting
Generate and distribute security reports to stakeholders on a schedule.
Custom Dashboards
Build custom security dashboards pulling data from LastHash API for multiple websites.
Ticketing Integration
Automatically create tickets in Jira, Linear, or GitHub Issues when vulnerabilities are detected.
Multi-tenant Security Platform
Build white-label security solutions on top of LastHash API for your customers.
Compliance Automation
Automate security compliance checks and generate audit-ready documentation.
Developer Experience
Built for developers, by developers
Comprehensive Docs
Complete API documentation with examples, SDKs, and interactive playground.
Secure Authentication
API key authentication with rate limiting and IP restrictions for security.
Fast & Reliable
99.9% uptime SLA with global CDN and low-latency API responses.
Client Libraries
Official SDKs for PHP, Python, Node.js, Ruby, and more coming soon.
Versioned API
Stable API versions with backward compatibility and deprecation notices.
Webhook Support
Real-time event notifications with automatic retries and webhook verification.
API Rate Limits
Fair usage limits based on your plan
| Plan | Rate Limit | Concurrent Scans |
|---|---|---|
| Starter | No API Access | - |
| Pro | 100 requests/minute | 5 scans |
| Business | 500 requests/minute | 20 scans |
Need higher limits? Contact us for Enterprise pricing.
Start Building with LastHash API
Get your API key and integrate security into your applications