Escape
Escape was founded in 2020 after one of our co-founders experienced a cyberattack and saw firsthand how vulnerable exposed APIs can be. Driven by a belief in the power of AI to transform cybersecurity, we built a platform that emulates hacker behavior to identify vulnerabilities before they can be exploited. Escape is a DAST (Dynamic Application Security Testing) platform that helps you document all your APIs, detect complex business logic flaws across modern applications like APIs, SPAs, and Microservices, and seamlessly integrate security into your CI/CD pipeline.
APIs
Escape Public API
The Escape Public API (V3) provides programmatic access to DAST scanning profiles, assets, integrations, scan results, authentications, issues, and job/report exports. Endpoints...
Collections
Escape Public API
OPENPricing Plans
Rate Limits
FinOps
Escape Finops
FINOPSResources
Sources
opencollection: 1.0.0
info:
name: Escape Public API
version: 3.0.0
request:
auth:
type: apikey
key: X-ESCAPE-API-KEY
value: '{{X-ESCAPE-API-KEY}}'
placement: header
items:
- info:
name: Profiles
type: folder
items:
- info:
name: List profiles
type: http
http:
method: GET
url: https://public.escape.tech/v3/profiles
params:
- name: cursor
value: ''
type: query
description: The cursor to start the pagination from. Returned by the previous page response. If not provided, the
first page will be returned.
- name: size
value: ''
type: query
description: The number of items to return per page
- name: sortType
value: ''
type: query
description: The type to sort by
- name: sortDirection
value: ''
type: query
description: The direction to sort by
- name: assetIds
value: ''
type: query
description: Filter by asset IDs
- name: domains
value: ''
type: query
description: Filter by domain
- name: issueIds
value: ''
type: query
description: Filter by issue IDs
- name: tagIds
value: ''
type: query
description: Filter by tag IDs
- name: search
value: ''
type: query
description: Search term to filter profiles by name or description
- name: initiators
value: ''
type: query
description: Filter by initiator
- name: kinds
value: ''
type: query
description: Filter by kind
- name: risks
value: ''
type: query
description: Filter by risk
docs: List and search profiles of the organization.
- info:
name: List all scan statuses and problems
type: http
http:
method: GET
url: https://public.escape.tech/v3/profiles/problems
params:
- name: cursor
value: ''
type: query
description: The cursor to start the pagination from. Returned by the previous page response. If not provided, the
first page will be returned.
- name: size
value: ''
type: query
description: The number of items to return per page
- name: sortType
value: ''
type: query
description: The type to sort by
- name: sortDirection
value: ''
type: query
description: The direction to sort by
- name: assetIds
value: ''
type: query
description: Filter by asset IDs
- name: domains
value: ''
type: query
description: Filter by domain
- name: issueIds
value: ''
type: query
description: Filter by issue IDs
- name: tagIds
value: ''
type: query
description: Filter by tag IDs
- name: search
value: ''
type: query
description: Search term to filter profiles by name or description
- name: initiators
value: ''
type: query
description: Filter by initiator
- name: kinds
value: ''
type: query
description: Filter by kind
- name: risks
value: ''
type: query
description: Filter by risk
docs: List all scan statuses and problems
- info:
name: Get a profile
type: http
http:
method: GET
url: https://public.escape.tech/v3/profiles/:profileId
params:
- name: profileId
value: ''
type: path
description: The profile ID
docs: Get a profile by ID
- info:
name: Update a profile
type: http
http:
method: PUT
url: https://public.escape.tech/v3/profiles/:profileId
params:
- name: profileId
value: ''
type: path
description: The profile ID
body:
type: json
data: '{}'
docs: Update a profile of a given scanner kind
- info:
name: Delete a profile
type: http
http:
method: DELETE
url: https://public.escape.tech/v3/profiles/:profileId
params:
- name: profileId
value: ''
type: path
description: The profile ID
docs: Delete a profile by ID
- info:
name: Update profile configuration
type: http
http:
method: PUT
url: https://public.escape.tech/v3/profiles/:profileId/configuration
params:
- name: profileId
value: ''
type: path
description: The profile ID
body:
type: json
data: '{}'
docs: Update the configuration of a profile
- info:
name: Update profile schema
type: http
http:
method: PUT
url: https://public.escape.tech/v3/profiles/:profileId/schema
params:
- name: profileId
value: ''
type: path
description: The profile ID
body:
type: json
data: '{}'
docs: '
*This route is deprecated, use the [PUT /profiles/:profileId](#tag/profiles/PUT/profiles/:profileId) endpoint instead.*
Update the schema used to scan this profile.
The schema ID is the ID of a schema uploaded to the Escape Platform using the [POST /assets/schema](#tag/assets/POST/assets/schema)
endpoint.
'
- info:
name: Create a DAST REST profile
type: http
http:
method: POST
url: https://public.escape.tech/v3/profiles/rest
body:
type: json
data: '{}'
docs: Create a DAST REST profile.
- info:
name: Create a DAST GraphQL profile
type: http
http:
method: POST
url: https://public.escape.tech/v3/profiles/graphql
body:
type: json
data: '{}'
docs: Create a DAST GraphQL profile.
- info:
name: Create a DAST WebApp profile
type: http
http:
method: POST
url: https://public.escape.tech/v3/profiles/webapp
body:
type: json
data: '{}'
docs: Create a DAST WebApp profile.
- info:
name: Create an Automated Pentest REST profile
type: http
http:
method: POST
url: https://public.escape.tech/v3/profiles/ai-pentesting/rest
body:
type: json
data: '{}'
docs: Create an Automated Pentest REST profile.
- info:
name: Create an Automated Pentest GraphQL profile
type: http
http:
method: POST
url: https://public.escape.tech/v3/profiles/ai-pentesting/graphql
body:
type: json
data: '{}'
docs: Create an Automated Pentest GraphQL profile.
- info:
name: Create an Automated Pentest WebApp profile
type: http
http:
method: POST
url: https://public.escape.tech/v3/profiles/ai-pentesting/webapp
body:
type: json
data: '{}'
docs: Create an Automated Pentest WebApp profile.
- info:
name: Start an authentication configuration check
type: http
http:
method: POST
url: https://public.escape.tech/v3/authentications
body:
type: json
data: '{}'
docs: Validates authentication credentials without running a full scan. Provide `authentication` directly, or pass a `profileId`
to reuse its saved authentication (optionally overriding it). Poll `GET /authentications/{id}` until `status` is FINISHED,
FAILED, or CANCELED.
- info:
name: Get authentication configuration check status
type: http
http:
method: GET
url: https://public.escape.tech/v3/authentications/:authenticationId
params:
- name: authenticationId
value: ''
type: path
description: Identifier returned by the start endpoint
docs: Returns the current status, chronological log messages, and (when finished) structured authentication results for
a check started via `POST /authentications`.
- info:
name: Assets
type: folder
items:
- info:
name: List assets
type: http
http:
method: GET
url: https://public.escape.tech/v3/assets
params:
- name: cursor
value: ''
type: query
description: The cursor to start the pagination from. Returned by the previous page response. If not provided, the
first page will be returned.
- name: size
value: ''
type: query
description: The number of items to return per page
- name: sortType
value: ''
type: query
description: The type to sort by
- name: sortDirection
value: ''
type: query
description: The direction to sort by
- name: search
value: ''
type: query
description: Search term to filter assets by name or description
- name: types
value: ''
type: query
description: Filter by type
- name: statuses
value: ''
type: query
description: Filter by status
- name: manuallyCreated
value: ''
type: query
description: Filter by manually created
docs: List and search assets of the organization.
- info:
name: Bulk update assets
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/bulk-update
body:
type: json
data: '{}'
docs: Update tags, projects, or status of multiple assets matching a filter predicate.
- info:
name: Bulk delete assets
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/bulk-delete
body:
type: json
data: '{}'
docs: Schedule multiple assets matching a filter predicate for deletion.
- info:
name: Get an asset
type: http
http:
method: GET
url: https://public.escape.tech/v3/assets/:assetId
params:
- name: assetId
value: ''
type: path
description: The asset ID
docs: Get an asset by ID
- info:
name: Update an asset
type: http
http:
method: PUT
url: https://public.escape.tech/v3/assets/:assetId
params:
- name: assetId
value: ''
type: path
description: The asset ID
body:
type: json
data: '{}'
docs: Update an asset by ID
- info:
name: Delete an asset
type: http
http:
method: DELETE
url: https://public.escape.tech/v3/assets/:assetId
params:
- name: assetId
value: ''
type: path
description: The asset ID
docs: Delete an asset by ID
- info:
name: List activities of an asset
type: http
http:
method: GET
url: https://public.escape.tech/v3/assets/:assetId/activities
params:
- name: assetId
value: ''
type: path
description: The asset ID
docs: List activities related to a specific asset.
- info:
name: Comment on an asset
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/:assetId/activities
params:
- name: assetId
value: ''
type: path
description: The asset ID
body:
type: json
data: '{}'
docs: Add a comment to an asset.
- info:
name: Create asset dns
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/dns
body:
type: json
data: '{}'
docs: Create a dns
- info:
name: Create asset ipv4
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/ipv4
body:
type: json
data: '{}'
docs: Create a ipv4
- info:
name: Create asset ipv6
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/ipv6
body:
type: json
data: '{}'
docs: Create a ipv6
- info:
name: Create asset graphql
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/graphql
body:
type: json
data: '{}'
docs: Create a graphql
- info:
name: Create asset rest
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/rest
body:
type: json
data: '{}'
docs: Create a rest
- info:
name: Create asset grpc
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/grpc
body:
type: json
data: '{}'
docs: Create a grpc
- info:
name: Create asset websocket
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/websocket
body:
type: json
data: '{}'
docs: Create a websocket
- info:
name: Create asset mcp
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/mcp
body:
type: json
data: '{}'
docs: Create a mcp
- info:
name: Create asset soap
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/soap
body:
type: json
data: '{}'
docs: Create a soap
- info:
name: Create asset webapp
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/webapp
body:
type: json
data: '{}'
docs: Create a webapp
- info:
name: Create asset azure-tenant
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/azure-tenant
body:
type: json
data: '{}'
docs: Create a azure-tenant
- info:
name: Create asset ipv4-range
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/ipv4-range
body:
type: json
data: '{}'
docs: Create a ipv4-range
- info:
name: Create asset gitlab-repository
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/gitlab-repository
body:
type: json
data: '{}'
docs: Create a gitlab-repository
- info:
name: Create asset github-repository
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/github-repository
body:
type: json
data: '{}'
docs: Create a github-repository
- info:
name: Create asset bitbucket-repository
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/bitbucket-repository
body:
type: json
data: '{}'
docs: Create a bitbucket-repository
- info:
name: Create asset code-project
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/code-project
body:
type: json
data: '{}'
docs: Create a code-project
- info:
name: Create asset aws-lambda
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/aws-lambda
body:
type: json
data: '{}'
docs: Create a aws-lambda
- info:
name: Create asset package
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/package
body:
type: json
data: '{}'
docs: Create a package
- info:
name: Create asset software
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/software
body:
type: json
data: '{}'
docs: Create a software
- info:
name: Create asset schema
type: http
http:
method: POST
url: https://public.escape.tech/v3/assets/schema
body:
type: json
data: '{}'
docs: "Create a schema asset.\n\nThe schema data can either be fetched from a URL or uploaded from a file.\n\n**Fetch\
\ example:**\n```json\n{\n \"asset_type\": \"SCHEMA\",\n \"fetch\": {\n \"url\": \"https://api.example.com/v1\"\
\n }\n}\n```\n\n\n**Upload example:**\n\nThe file should first be uploaded to the Escape Platform using the [upload\
\ endpoint](/v3/#tag/upload/post/upload/signed-url).\n\nThe upload endpoint returns an `id` that should be used in the\
\ `temporaryObjectKey` field.\n\n```json\n{\n \"asset_type\": \"SCHEMA\",\n \"up"
- info:
name: Scans
type: folder
items:
- info:
name: List scans
type: http
http:
method: GET
url: https://public.escape.tech/v3/scans
params:
- name: cursor
value: ''
type: query
description: The cursor to start the pagination from. Returned by the previous page response. If not provided, the
first page will be returned.
- name: size
value: ''
type: query
description: The number of items to return per page
- name: sortType
value: ''
type: query
description: The type to sort by
- name: sortDirection
value: ''
type: query
description: The direction to sort by
- name: after
value: ''
type: query
description: Filter by after date
- name: before
value: ''
type: query
description: Filter by before date
- name: assetIds
value: ''
type: query
description: Filter by asset IDs
- name: profileIds
value: ''
type: query
description: Filter by profile IDs
- name: ignored
value: ''
type: query
description: Filter by ignored status
- name: initiator
value: ''
type: query
description: Filter by initiator
- name: kinds
value: ''
type: query
description: Filter by kind
- name: status
value: ''
type: query
description: Filter by status
- name: projectIds
value: ''
type: query
description: Filter by project IDs
docs: List and search scans of the organization.
- info:
name: Start a new scan
type: http
http:
method: POST
url: https://public.escape.tech/v3/scans
body:
type: json
data: '{}'
docs: Start a new scan
- info:
name: List scans with their problems
type: http
http:
method: GET
url: https://public.escape.tech/v3/scans/problems
params:
- name: cursor
value: ''
type: query
description: The cursor to start the pagination from. Returned by the previous page response. If not provided, the
first page will be returned.
- name: size
value: ''
type: query
description: The number of items to return per page
- name: sortType
value: ''
type: query
description: The type to sort by
- name: sortDirection
value: ''
type: query
description: The direction to sort by
- name: after
value: ''
type: query
description: Filter by after date
- name: before
value: ''
type: query
description: Filter by before date
- name: assetIds
value: ''
type: query
description: Filter by asset IDs
- name: profileIds
value: ''
type: query
description: Filter by profile IDs
- name: projectIds
value: ''
type: query
description: Filter by project IDs
- name: ignored
value: ''
type: query
description: Filter by ignored status
- name: initiator
value: ''
type: query
description: Filter by initiator
- name: kinds
value: ''
type: query
description: Filter by kind
- name: status
value: ''
type: query
description: Filter by status
docs: List scans together with the validation problems surfaced by the scanner during execution. Diagnostic counterpart
of GET /v3/profiles/problems, but indexed by scan instead of profile.
- info:
name: Get a scan
type: http
http:
method: GET
url: https://public.escape.tech/v3/scans/:scanId
params:
- name: scanId
value: ''
type: path
description: The scan ID
docs: Get a scan by ID
- info:
name: Cancel a scan
type: http
http:
method: PUT
url: https://public.escape.tech/v3/scans/:scanId/cancel
params:
- name: scanId
value: ''
type: path
description: The scan ID
docs: Cancel a scan by ID
- info:
name: Ignore a scan
type: http
http:
method: PUT
url: https://public.escape.tech/v3/scans/:scanId/ignore
params:
- name: scanId
value: ''
type: path
description: The scan ID
body:
type: json
data: '{}'
docs: Ignore a scan by ID
- info:
name: List scan targets and API coverage
type: http
http:
method: GET
url: https://public.escape.tech/v3/scans/:scanId/targets
params:
- name: scanId
value: ''
type: path
description: The scan ID
- name: cursor
value: ''
type: query
description: The cursor to start the pagination from. Returned by the previous page response. If not provided, the
first page will be returned.
- name: size
value: ''
type: query
description: The number of items to return per page
- name: sortType
value: ''
type: query
description: The type to sort by
- name: sortDirection
value: ''
type: query
description: The direction to sort by
- name: types
value: ''
type: query
description: Optional filter by target kinds (comma-separated or repeated), e.g. API_ROUTE or GRAPHQL_RESOLVER
docs: Returns targets discovered during a scan, including REST and GraphQL operations with per-endpoint coverage. Filter
by target type to focus on API routes and resolvers for CI/CD quality gates.
- info:
name: Emails
type: folder
items:
- info:
name: List inbox emails
type: http
http:
method: GET
url: https://public.escape.tech/v3/scans/emails
params:
- name: cursor
value: ''
type: query
description: The cursor to start the pagination from. Returned by the previous page response. If not provided, the
first page will be returned.
- name: size
value: ''
type: query
description: The number of items to return per page
- name: ids
value: ''
type: query
description: Filter by email IDs
- name: before
value: ''
type: query
description: Filter by before date
- name: after
value: ''
type: query
description: Filter by after date
- name: email
value: ''
type: query
description: Inbox email address used as `to` filter
docs: Given a target email address, list inbox emails with cursor pagination.
- info:
name: Read inbox email content
type: http
http:
method: GET
url: https://public.escape.tech/v3/scans/emails/:id
params:
- name: id
value: ''
type: path
description: The inbox email ID
docs: Given an email id, fetch and return its full raw content.
- info:
name: Issues
type: folder
items:
- info:
name: List issues
type: http
http:
method: GET
url: https://public.escape.tech/v3/issues
params:
- name: cursor
value: ''
type: query
description: The cursor to start the pagination from. Returned by the previous page response. If not provided, the
first page will be returned.
- name: size
value: ''
type: query
description: The number of items to return per page
- name: sortType
value: ''
type: query
description: The type to sort by
- name: sortDirection
value: ''
type: query
description: The direction to sort by
- name: profileIds
value: ''
type: query
description: Filter by application IDs
- name: assetIds
value: ''
type: query
description: Filter by asset IDs
- name: domains
value: ''
type: query
description: Filter by domain
- name: ids
value: ''
type: query
description: Filter by specific issue IDs
- name: names
value: ''
type: query
description: Filter by issue names
- name: scanIds
value: ''
type: query
description: Filter by scan IDs
- name: tagIds
value: ''
type: query
description: Filter by tag IDs
- name: search
value: ''
type: query
description: Search term to filter issues by name or description
- name: jiraTicket
value: ''
type: query
description: Filter by issues with Jira tickets
- name: risks
value: ''
type: query
description: Filter by risk types
- name: assetClasses
value: ''
type: query
description: Filter by asset classes
- name: scannerKinds
value: ''
type: query
description: Filter by scanner kinds
- name: severities
value: ''
type: query
description: Filter by issue severities
- name: status
value: ''
type: query
description: Filter by issue status
docs: List and search issues of the organization.
- info:
name: Get issue funnel
type: http
http:
method: GET
url: https://public.escape.tech/v3/issues/funnel
params:
- name: projectIds
value: ''
type: query
description: Filter by project IDs
docs: 'Get issue funnel data showing how issues distribute across severity/exposure steps: ALL → OPEN_ISSUES → EXPOSED
→ UNAUTHENTICATED → HIGH_BUSINESS_IMPACT → CRITICAL.'
- info:
name: Get issue severity trends
type: http
http:
method: GET
url: https://public.escape.tech/v3/issues/trends
params:
- name: after
value: ''
type: query
description: Start date (ISO 8601)
- name: before
value: ''
type: query
description: End date (ISO 8601)
- name: interval
value: ''
type: query
description: Time bucket interval (e.g. "1 day", "1 week")
- name: applicationIds
value: ''
type: query
description: Filter by application IDs
- name: projectIds
value: ''
type: query
description: Filter by project IDs
docs: Get time-bucketed issue counts by severity. Useful for tracking security posture over time.
- info:
name: Bulk update issues
type: http
http:
method: POST
url: https://public.escape.tech/v3/issues/bulk-update
body:
type: json
data: '{}'
docs: Update the status of multiple issues matching a filter predicate. For example, mark all LOW severity issues on a
given asset as IGNORED.
- info:
name: Get an issue
type: http
http:
method: GET
url: https://public.escape.tech/v3/issues/:issueId
params:
- name: issueId
value: ''
type: path
description: The issue ID
docs: Get an issue by ID
- info:
name: Update an issue
type: http
http:
method: PUT
url: https://public.escape.tech/v3/issues/:issueId
params:
- name: issueId
value: ''
type: path
description: The issue ID
body:
type: json
data: '{}'
docs: Update an issue by ID
- info:
name: List activities of an issue
type: http
http:
method: GET
url: https://public.escape.tech/v3/issues/:issueId/activities
params:
- name: issueId
value: ''
type: path
description: The issue ID
docs: List activities related to a specific issue.
- info:
name: Comment on an issue
type: http
http:
method: POST
url: https://public.escape.tech/v3/issues/:issueId/activities
params:
- name: issueId
value: ''
type: path
description: The issue ID
body:
type: json
data: '{}'
docs: Add a comment to an issue.
- info:
name: Notify issue owners
type: http
http:
method: POST
url: https://public.escape.tech/v3/issues/:issueId/notify
params:
- name: issueId
value: ''
type: path
description: The issue ID
body:
type: json
data: '{}'
docs: Send an email notification to the owners of the asset associated with this issue.
- info:
name: Jobs
type: folder
items:
- info:
name: Trigger a template export job
type: http
http:
method: POST
url: https://public.escape.tech/v3/jobs
body:
type: json
data: '{}'
docs: 'Schedules the same export job as the product UI (SAAS_EXPORT_TEMPLATE): PDF/report blocks, optional scan and issue
scope. Use GET /jobs/{jobId} to read status and artefact download URLs when completed.'
- info:
name: Get a job
type: http
http:
method: GET
url: https://public.escape.tech/v3/jobs/:jobId
params:
- name: jobId
value: ''
type: path
description: The job ID
docs: Returns job status, parameters, and artefacts (including signedUrl download links for completed export outputs).
- info:
name: Events
type: folder
items:
- info:
name: List events
type: http
http:
method: GET
url: https://public.escape.tech/v3/events
params:
- name: cursor
value: ''
type: query
description: The cursor to start the pagination from. Returned by the previous page response. If not provided, the
first page will be returned.
- name: size
value: ''
type: query
description: The number of items to return per page
- name: sortType
value: ''
type: query
description: The type to sort by
- name: sortDirection
value: ''
type: query
description: The direction to sort by
- name: search
value: ''
type: query
description: Search term to filter events by name or description
- name: scanIds
value: ''
type: query
description: Filter by scan IDs
- name: assetIds
value: ''
type: query
description: Filter by asset IDs
- name: issueIds
value: ''
type: query
description: Filter by issue IDs
- name: levels
value: ''
type: query
description: Filter by level
- name: stages
value: ''
type: query
description: Filter by stage
- name: hasAttachments
value: ''
type: query
description: Filter by attachments
- name: attachments
value: ''
type: query
description: Filter by attachments
docs: List and search events of the organization.
- info:
name: Get an event
type: http
http:
method: GET
url: https://public.escape.tech/v3/events/:eventId
params:
- name: eventId
value: ''
type: path
description: The event ID
docs: Get an event by ID (including attachments)
- info:
name: Audit
type: folder
items:
- info:
name: List audit logs
type: http
http:
method: GET
url: https://public.escape.tech/v3/audit/logs
params:
- name: cursor
value: ''
type: query
description: The cursor to start the pagination from. Returned by the previous page response. If not provided, the
first page will be returned.
- name: size
value: ''
type: query
description: The number of items to return per page
- name: sortType
value: ''
type: query
description: The type to sort by
- name: sortDirection
value: ''
type: query
description: The direction to sort by
- nam
# --- truncated at 32 KB (77 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/escape/refs/heads/main/apis.yml