API Reference
Integrate DepGraph intelligence directly into your own internal tooling using our REST API.
Authentication
All authenticated endpoints accept either a session cookie (from GitHub OAuth login) or an API key via header:
Public Endpoints
GETGET /api/package/:name/score
Returns the health score for a single npm package.
GETGET /api/report/:share_token
Returns a full scan report by its public share token.
Authenticated Endpoints
POSTPOST /api/scan
Scan a list of npm packages and return a full scored report.
POSTPOST /api/projects
Create a new saved project in your dashboard.
Error Responses
All errors follow this envelope format:
| Code | HTTP Status | Meaning |
|---|---|---|
| UNAUTHORIZED | 401 | Missing or invalid auth |
| PLAN_REQUIRED | 403 | Feature requires Pro/Team plan |
| NOT_FOUND | 404 | Resource not found |
| VALIDATION_ERROR | 400 | Invalid request body |
| RATE_LIMITED | 429 | Too many requests |