API Reference

ShieldLabs exposes endpoints on two hosts. See Endpoints & URLs.

Pub API — `account.shieldlabs.ai` (no JWT)

Use your public_key and secret_key in the URL path to query session data from your server:

Endpoint	Description
`GET /pub/{public_key}/{secret_key}/debug/{search_type}/{value}`	Debug snapshots — last 1–20 sessions
`GET /pub/{public_key}/{secret_key}/history/{search_type}/{value}`	Full history with pagination
`GET /pub/{public_key}/{secret_key}/request/{request_id}`	Single session by RequestID

Dashboard API — `account.shieldlabs.ai/api` (JWT required)

Used by the ShieldLabs dashboard. Available for programmatic access. Base URL: https://account.shieldlabs.ai/api Authentication: Authorization: Bearer <token> Get a token via POST /api/auth/login → { "token": "..." }.

Core Management API — `api.shieldlabs.ai` (legacy)

Authenticated with {domain}:{secret} in the path:

Endpoint	Description
`POST /{domain}:{secret}/callback`	Register webhook URL
`GET /{domain}:{secret}/profile`	Domain profile
`GET /{domain}:{secret}/history/{type}/{value}`	Session history

Overview

Authentication, base URLs, and conventions

Data Models

Site, Snapshot, Score, Pattern, and other schemas

Debug Snapshots

Query recent sessions by identifier

Session History

Paginated history for any identifier

Score Query

Get score for a specific session

Webhook Verify

Verify webhook signatures

API Overview

​API Reference

​Pub API — account.shieldlabs.ai (no JWT)

​Dashboard API — account.shieldlabs.ai/api (JWT required)

​Core Management API — api.shieldlabs.ai (legacy)