Skip to main content

1. Create an API token

Go to Settings > API Access in the Strix dashboard and create a new personal token with scans:read scope.

2. List your recent pentests

curl -X GET "https://app.strix.ai/api/v1/scans?limit=5" \
  -H "Authorization: Bearer <YOUR_API_TOKEN>"
You’ll get back a JSON response with your most recent pentests: 
{
  "items": [
    {
      "id": "scan_abc123",
      "title": "Scan of example.com",
      "status": "completed",
      "scan_type": "blackbox",
      "findings": { "total": 7, "critical": 1, "high": 2, "medium": 3, "low": 1 },
      "created_at": "2026-04-07T10:00:00Z"
    }
  ],
  "meta": {
    "page": 1,
    "limit": 5,
    "total_items": 42,
    "total_pages": 9,
    "has_next": true,
    "has_prev": false
  }
}

3. Update a vulnerability status

Create a token with vulnerabilities:write scope, then mark a finding as in-progress: 
curl -X PATCH "https://app.strix.ai/api/v1/vulnerabilities/<VULNERABILITY_ID>" \
  -H "Authorization: Bearer <YOUR_API_TOKEN>" \
  -H "Content-Type: application/json" \
  -d '{"status":"in_progress","note":"Linked to remediation ticket"}'

4. Trigger a schedule

If you have pentest schedules configured, trigger one immediately: 
curl -X POST "https://app.strix.ai/api/v1/schedules/<SCHEDULE_ID>/trigger" \
  -H "Authorization: Bearer <YOUR_API_TOKEN>"

Next steps

Authentication

Learn about token types and scopes

Webhooks

Subscribe to pentest and vulnerability events