Ratelimiting and Client Errors
The StackHawk API is available for users and organizations with the access to use it. Nonetheless, SpiderMan rules apply, and errors may occur.
Rate Limiting
API requests are rate-limited, with at most 360 requests per minute.
Some routes (such as the Login with API Key endpoint) may have lower limits. Users that exceed those limits will be served a 429
http response code.
don't be a jabroni
StackHawk would like to remind users and ethical hackers that denial of service attacks are not cool, and access to the API or platform will be rescinded for violations of the terms of service.
Client Errors
API Calls that fail due to client input will return 4xx status code.
400 Bad Request
400 Bad Request
The server could not process this request, although it may have tried.
The JSON response body message
will include details on what input was invalid.
401 Unauthorized
401 Unauthorized
The server doesn't think you should be making this request.
This error is intentionally vague for security purposes, but any of the following could cause it:
- no authorization was provided
- authorization has expired
- authorization is insufficient for the requested resource
404 Not Found
404 Not Found
The route or resource does not exist.
429 Too Many Requests
429 Too Many Requests
The server thinks you've made enough requests for now.
Users can retry the requests again later.
Updated 27 days ago