Authentication
All API requests require a Bearer token in the Authorization header. Generate API keys from your Account page.
Authorization: Bearer ags_your_api_key_here
API keys start with ags_. Keep them secret — they grant full scan access to your account.
Rate Limits
Premium plan: 100 requests per day. The limit resets at midnight UTC. When exceeded, the API returns 429 Too Many Requests.
POST /api/v1/scan
Submit a URL for scanning. The API runs the full audit synchronously and returns results when complete (typically 30-90 seconds).
Request
curl -X POST https://adgatescore.com/api/v1/scan \
-H "Authorization: Bearer ags_your_key" \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com"}'Response (200 OK)
{
"scanId": "abc123",
"url": "https://example.com",
"score": 72,
"grade": "C",
"label": "Needs work",
"modules": {
"performance": { "score": 85, "grade": "B" },
"content": { "score": 60, "grade": "D" },
"policy": { "score": 90, "grade": "A" },
"architecture": { "score": 55, "grade": "F" },
"traffic": { "score": 70, "grade": "C" }
},
"pagesCrawled": 15,
"scannedAt": "2026-05-22T10:30:00.000Z",
"fixCount": 7
}Error Responses
400Missing or invalid URL
401Invalid or missing API key
403Premium plan required
422Scan failed (site unreachable, blocked, etc.)
429Daily rate limit exceeded
504Scan timed out
GET /api/badge/{domain}
Returns an SVG badge with the latest scan score for a domain. No authentication required. Cached for 1 hour.
<img src="https://adgatescore.com/api/badge/example.com" alt="AdGateScore" />