API documentation

Two endpoints. Authenticated with X-API-Key header. Returns JSON.

Authentication

Get a key at /account → API keys (Pro plan required). Send it as the X-API-Key header on every request.

X-API-Key: pg_live_abc12345...

Rate limits

Plan          Daily scans        Bulk
Free          5 (web UI only)
Pro $9/mo     1,000              50/req
Team $49/mo   10,000             500/req

POST /api/v1/scan (single URL)

curl -X POST https://tryphishguard.com/api/v1/scan \
  -H "X-API-Key: pg_live_..." \
  -H "Content-Type: application/json" \
  -d '{"url": "https://suspicious-site.example"}'

Response (truncated):

{
  "id": "abc123",
  "permalink": "https://tryphishguard.com/scan/abc123",
  "plan": "pro",
  "used_today": 42,
  "limit": 1000,
  "result": {
    "url": "https://...",
    "domain": "suspicious-site.example",
    "verdict": "suspicious",
    "confidence": 70,
    "ai_reasoning": "Domain mentions PayPal branding...",
    "ai_red_flags": ["Password form on lookalike domain"],
    "screenshot_url": "https://...",
    "findings": [
      { "source": "safebrowsing", "signal": "clean", "detail": "..." },
      { "source": "ai-analysis", "signal": "suspicious", "detail": "..." }
    ]
  }
}

POST /api/v1/scan-email (extract from raw email)

Paste a raw email body (text or HTML) and we’ll extract every URL, dedupe by domain, and scan up to 25 per request. Returns per-URL results plus an overall verdict (worst case wins).

curl -X POST https://tryphishguard.com/api/v1/scan-email \
  -H "X-API-Key: pg_live_..." \
  -H "Content-Type: application/json" \
  -d '{"email_text": "<full email body>"}'

# OR if you already have URLs extracted:
curl ... -d '{"urls": ["https://...", "..."]}'

Response:

{
  "urls_found": 4,
  "overall_verdict": "phishing",
  "summary": { "phishing": 1, "suspicious": 2, "clean": 1 },
  "results": [ /* array of ScanResult objects */ ]
}
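
An added example (not PhishGuard's own code) of consuming this response in a mail pipeline: it recomputes the "worst case wins" verdict from the per-URL results and fails closed if the response disagrees with itself. The severity order, the `url` and `verdict` fields inside `results`, and the deliver/flag/quarantine action names are assumptions.

```python
import json
import urllib.request
from collections import Counter

API_BASE = "https://tryphishguard.com/api/v1"
# Assumption: severity order behind "worst case wins"; these are the only
# verdict values that appear on this page.
SEVERITY = {"clean": 0, "suspicious": 1, "phishing": 2}
ACTION = {"clean": "deliver", "suspicious": "flag", "phishing": "quarantine"}

def build_request(api_key, email_text):
    """Prepare (without sending) the scan-email POST from the curl example."""
    body = json.dumps({"email_text": email_text}).encode("utf-8")
    headers = {"X-API-Key": api_key, "Content-Type": "application/json"}
    return urllib.request.Request(f"{API_BASE}/scan-email", data=body,
                                  headers=headers, method="POST")

def fail_closed(reason):
    """Hold the message when the response cannot be trusted as-is."""
    return {"action": "quarantine", "reason": reason, "urls": []}

def triage(response):
    """Recompute the verdict from the per-URL results and pick a mail action."""
    results = response.get("results")
    if not isinstance(results, list):
        return fail_closed("malformed response")
    verdicts = [r.get("verdict") for r in results]
    if any(v not in SEVERITY for v in verdicts):
        return fail_closed("unknown verdict")
    worst = max(verdicts, key=SEVERITY.get, default="clean")
    summary = {k: n for k, n in (response.get("summary") or {}).items() if n}
    if worst != response.get("overall_verdict") or dict(Counter(verdicts)) != summary:
        return fail_closed("inconsistent response")
    flagged = [r.get("url") for r in results if r["verdict"] != "clean"]
    return {"action": ACTION[worst], "reason": worst, "urls": flagged}

# Constructed sample shaped like the response above (not real API output).
SAMPLE = {
    "urls_found": 4, "overall_verdict": "phishing",
    "summary": {"phishing": 1, "suspicious": 2, "clean": 1},
    "results": [
        {"url": "https://login.paypa1.example/", "verdict": "phishing"},
        {"url": "https://track.mailer.example/c", "verdict": "suspicious"},
        {"url": "https://cdn.short.example/x", "verdict": "suspicious"},
        {"url": "https://www.vendor.example/", "verdict": "clean"},
    ],
}
```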

OpenAPI / Swagger

Full OpenAPI 3.1 spec at /api/v1/openapi.json.

Import into Postman / Insomnia / Bruno for an interactive playground, or run it through openapi-generator-cli to scaffold a typed client in any language.

CORS

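Both endpoints accept OPTIONS preflight and allow any origin. Safe to call from a browser, a Chrome extension, or a server-side script. The X-API-Key header is still required on every request, so a key embedded in page or extension code is readable by anyone who can inspect that code.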