Overview

Introduction to the Cyborux REST API for domain security monitoring and OSINT reconnaissance.

Base URL

All API requests are made to:

https://api.cyborux.com

Authentication

Cyborux uses API key authentication via Bearer tokens. Include your API key in the Authorization header of every request.

const res = await fetch("https://api.cyborux.com/api/user/domains", {
  headers: {
    Authorization: "Bearer YOUR_API_KEY",
  },
});

User Tiers

Access levels control monthly quotas for analyses, reports, and deep scans.

Tier	Analyses/mo	Reports/mo	Deep Scans/mo
Basic	0	0	0
Protect	5	5	15
Vigilant	10	10	30
Enterprise	Custom	Custom	Custom

Yearly subscribers receive 12x the monthly allowance. One-shot credit packs can also be purchased to supplement subscription quotas.

Pagination

Paginated endpoints accept these query parameters:

Parameter	Type	Default	Description
`page`	integer	`1`	Page number (1-indexed)
`per_page`	integer	`50`	Items per page (max 100)
`sort_by`	string	`"risk_level"`	Sort field — varies by endpoint

Paginated responses include:

{
  "items": [],
  "total": 142,
  "page": 1,
  "per_page": 50,
  "total_pages": 3
}

Error Responses

The API uses standard HTTP status codes. Error responses return JSON:

{
  "detail": "Human-readable error message"
}

Status	Meaning
`400`	Bad request — invalid parameters or body
`401`	Not authenticated — missing or invalid API key
`403`	Forbidden — insufficient permissions or tier
`404`	Resource not found
`429`	Rate limit or quota exceeded
`500`	Internal server error
`502`	Upstream service unavailable (e.g. Stripe)
`503`	Service not configured

Rate Limiting

Domain analyses and deep scans are quota-limited per billing period
Stripe checkout creation is rate-limited to 5 requests per 60 seconds per user

Domain Access

All domain entity endpoints verify that the authenticated user has access to the requested domain. A user gains access to a domain when they run an analysis on it via POST /api/analyze-domain.