EDITH

API + tokens

Bearer-token REST API for scans, issues, scores. Rotate keys.


Authentication

Every request needs an Authorization header with a bearer token. Generate tokens at /settings/api-tokens.

bash
curl https://app.edith.expert/api/v1/repos \
  -H "Authorization: Bearer edith_..."

Endpoints

  • GET /api/v1/repos — list connected repos
  • POST /api/v1/repos/:id/scan — kick off a scan
  • GET /api/v1/repos/:id/scans/:scanId — scan details
  • GET /api/v1/repos/:id/issues — issues with filters
  • GET /api/v1/issues/:id — single issue
  • POST /api/v1/issues/:id/dismiss — dismiss a finding
  • GET /api/v1/compliance/:framework — framework status

Rate limits

  • Free — 60 requests / minute
  • Builder — 300 / minute
  • Pro / Agency — 1000 / minute

Requests over the limit return 429 with a Retry-After header.

Errors

Errors use standard HTTP codes with a JSON body:

  • 400 — invalid input (zod validation error)
  • 401 — missing/invalid token
  • 403 — token lacks scope for this resource
  • 404 — not found
  • 429 — rate-limited
  • 5xx — server fault (we log + page oncall)
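
A client-side sketch of the authentication, rate-limit and error rules above, added here as an example and not taken from EDITH's own code. The EDITH_API_TOKEN variable name, the 1-second default, the 120-second cap and the exponential backoff on 5xx are assumptions; Retry-After is parsed in both forms HTTP allows because the page does not say which one the API sends.

```python
import os
import time
import urllib.error
import urllib.request
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

BASE = "https://app.edith.expert/api/v1"  # host from the curl example above
MAX_WAIT = 120.0  # assumed cap so a bad header cannot stall a job indefinitely

def retry_after_seconds(value, now=None):
    """Parse Retry-After given as delta-seconds or as an HTTP-date."""
    value = (value or "").strip()
    if value.isdecimal():
        return min(float(value), MAX_WAIT)
    try:
        when = parsedate_to_datetime(value)
    except (TypeError, ValueError):
        return 1.0  # assumed default when the header is missing or unparseable
    if when.tzinfo is None:
        when = when.replace(tzinfo=timezone.utc)
    now = now or datetime.now(timezone.utc)
    return min(max((when - now).total_seconds(), 0.0), MAX_WAIT)

def http_send(path):
    """Real transport; the token is read from the environment, not from source."""
    req = urllib.request.Request(BASE + path, headers={
        "Authorization": "Bearer " + os.environ["EDITH_API_TOKEN"]})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.status, resp.headers, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, err.headers, err.read()

def get(path, send=http_send, sleep=time.sleep, attempts=4):
    """GET that waits on 429, backs off on 5xx and fails fast on other 4xx."""
    for attempt in range(attempts):
        status, headers, body = send(path)
        if status < 400:
            return body
        if status == 429:
            sleep(retry_after_seconds(headers.get("Retry-After")))
        elif status >= 500:
            sleep(min(2.0 ** attempt, MAX_WAIT))  # assumed backoff policy
        else:
            # 400/404: fix the request; 401/403: fix or rotate the token
            raise RuntimeError(f"EDITH API error {status} on {path}")
    raise RuntimeError(f"gave up on {path} after {attempts} attempts")
```

Only GET is wrapped here; the page does not say whether the POST endpoints are safe to repeat, so they are not retried automatically.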