API access

The is-it.io platform offers a wide range of API endpoints. The endpoints are documented in detail here. To access the endpoints, a bearer token is required for authorization, which is described in more details below. By using the API, you can easily integrate our automated check into your existing publishing workflow.

Authentication with Bearer Tokens

Bearer tokens are a common way to authenticate API requests and are essential for the is-it.io platform. A bearer token is a unique string issued by the platform after a user successfully authenticates. Once obtained, the token must be included in every request to the protected endpoints. With such a token, it is possible to get access to the protected API endpoints on behalf of the user, without exposing email address and password.

What is a Bearer Token?

  • A bearer token is essentially an access key. Whoever "bears" the token can use it to access the API.
  • Tokens are usually issued by an authentication server and often expire after a certain period of time.
  • They should be kept confidential — never hard-code them in public code repositories or expose them in client-side code.

How to get a Bearer Token

Tokens can be managed in the platform itself in the tokens menu item. How to get access to it is described here.

The invoices list

How to user a Bearer Token

When calling an API endpoint that requires authentication, the bearer token must be included in the Authorization header of the request. The general format is:

Authorization: Bearer <your_token_here>

Example with curl

Here’s how to call a secured is-it.io API endpoint using curl:

curl -X GET https://api.is-it.io/api/v1/sites -H "Authorization: Bearer YOUR_ACCESS_TOKEN"

Explanation

  • -X GET → specifies the HTTP method (GET in this case).
  • https://api.is-it.io/api/v1/sites → the API endpoint.
  • -H "Authorization: Bearer YOUR_ACCESS_TOKEN" → adds the authorization header with your token.

If your API expects JSON responses, you may also want to include a Content-Type and Accept header:

curl -X POST https://api.is-it.io/api/v1/site \
	-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
	-H "Content-Type: application/json" \
	-d '{"name": "My site", "url": "https://mysite.example.com"}'

curl -X POST https://api.is-it.io/api/v1/check \
	-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
	-H "Content-Type: application/json" \
	-d '{"site_id": "the site uuid"}'

Error codes

When doing API requests, errors can happen. We list here some common errors with their HTTP status code and a string identifier. Basically every response which has a status above 400 gets an error.

  • 401: Unauthorized
  • 404: Not found
    • ISITIO_SITE_NOT_FOUND
    • ISITIO_PAGE_NOT_FOUND
    • ISITIO_CHECK_NOT_FOUND
  • 422: Unprocessable Content
    • A general error message from input validation
    • Site: ISITIO_SITE_INVALID_URL
    • Site: ISITIO_SITE_EXISTS
    • Site: ISITIO_COULD_NOT_PARSE_SITE
    • Site: ISITIO_SITE_LIMIT_MAXIMUM
    • Page: ISITIO_PAGE_EXISTS
    • Page: ISITIO_PAGE_COULD_NOT_PARSE
    • Page: ISITIO_PAGE_LIMIT_REACHED
    • Check: ISITIO_CHECK_LIMIT_REACHED