GuardAPI Logo
GuardAPI
GuardAPI Logo GuardAPI
System Status
Operational
API Reference v3.0

Developer Docs

Integrate Guard-Engine into your CI/CD. Zero-friction API security scanning.

2
Free Scans/Day
~15s
Avg. Scan Time
OWASP
Top 10 Coverage
PDF
Report Export

Discovery Engine

Zero-config API detection

Guard-Engine v3.0 automatically discovers your OpenAPI/Swagger specification. Just provide the base URL — we find the spec at common paths like /openapi.json, /swagger.json, /api-docs.

Works
https://api.yourcompany.com
Also Works
https://api.yourcompany.com/openapi.json

Free Tier

No login required

Daily Quota 2 scans / 24h

Each IP address gets 2 free comprehensive scans per day. The quota resets every 24 hours. To unlock full vulnerability details and fix code, purchase a report for $19.

Authentication

Session-based for guests

GuardAPI uses temporary session tokens for guest users. The web interface handles this automatically. For programmatic access, obtain a session first.

GET SESSION POST 
curl -X POST https://api.guard-api.com/auth/guest
RESPONSE
{"token": "guard_sess_abc123...", "quota": {"limit": 2, "used": 0, "remaining": 2}}

Use the token in subsequent requests via the X-GUARD-TOKEN header.

POST /audit

Start a security scan

REQUEST POST 
curl -X POST https://api.guard-api.com/audit \
  -H "Content-Type: application/json" \
  -H "X-GUARD-TOKEN: guard_sess_abc123..." \
  -d '{"target_url": "https://api.yourservice.com", "agreed_to_terms": true}'
RESPONSE 201 
{"id": "audit_7f3a9c2b...", "status": "processing"}

GET /audit/:id

Retrieve scan results

Retrieve results in real-time via Zero-Latency SSE Streaming.

REAL-TIME STREAM (SSE) GET 
curl https://api.guard-api.com/audit/:id?stream=true \
  -H "X-GUARD-TOKEN: guard_sess_abc123..."
Pro 2026 Optimization: The SSE stream yields progress and status_message events in real-time. The final report is delivered via a result event the instant it's available.

POST /checkout

Unlock full report ($19)

One-time payment to unlock a specific audit report and get 5 extra credits.

CI/CD Pro

Automated Security Gate ($49/mo)

1 GitHub Action Integration

The fastest way to use GuardAPI in your CI/CD is our official GitHub Action. It automatically blocks deployments if your API security grade falls below your threshold.

.github/workflows/security.yml
- uses: KevinFalck/guardapi-action@v1
  with:
    api-key: ${ secrets.GUARD_API_KEY }
    openapi-path: ./openapi.json
    min-grade: B

2 POST /ci/scan

Directly scan your OpenAPI spec via API Key.

X-API-KEY required POST 
curl -X POST https://api.guard-api.com/ci/scan \
  -H "X-API-KEY: guard_ci_..." \
  -d '{"openapi_spec": "...", "min_grade": "B"}'

Get your API Key

API Keys are delivered via email immediately after subscribing to CI/CD Pro.

Upgrade to CI/CD Pro →