Skip to main content

API Overview

Use SEC API when you need source-backed SEC data that is easy to automate: resolve an entity, find a filing, extract a section, retrieve structured statements or ownership data, and keep the metadata needed for debugging and auditability.

Authentication

API keys are the primary authentication method for all plans. Use the x-api-key header on every REST request; the same credential works across SDK and CLI clients. See Auth, Billing, and First Utility for the full model. Hosted MCP clients use OAuth discovery through the documented .well-known endpoints.

Common API Workflows

Find the right issuer

Resolve tickers, CIKs, and company names before making filing, statement, or ownership requests.

Retrieve filing context

Search filings, fetch the latest filing, and extract specific sections without downloading full filings.

Use structured datasets

Pull statements, facts, ownership, governance, funds, market utilities, and signals through documented endpoints.

Keep the audit trail

Preserve request IDs, freshness, provenance, and trace metadata so results can be verified later.

Core design rules

1

Version requests

Use secapi-version so production behavior does not shift underneath you.
2

Correlate requests

Keep Request-Id in logs and downstream artifacts.
3

Use cursor pagination

List endpoints paginate with cursors instead of offset math.
4

Keep metadata with the payload

Provenance, freshness, materialization, and trace references belong with the data.
5

Prefer structured contracts

SEC API favors useful structured workflows over raw passthroughs.
6

Respect explicit partial states

Treat values like supported, degraded, unavailable, and rights-scoped coverage flags as part of the contract, not edge-case trivia.

Source and Freshness Fields

  • provenance: where the data came from
  • freshness: how current the data is
  • materialization: how the current output was produced
  • trace: how to get from a filing-derived value back to the source filing and page when available
Keep these fields with the response when you store, display, or pass data to an agent. They make it easier to explain where a value came from, how current it is, and how to inspect it later.

Event delivery rules

  • webhook delivery uses signed POST requests with x-secapi-signature
  • delivery headers include x-secapi-event-id, x-secapi-event-type, and x-request-id
  • current event families include artifacts, webhooks, and stream subscriptions
Use raw filing downloads when you need the original document. Use structured endpoints when you need repeatable workflows, compact payloads, and metadata your application can verify.

API conventions

Read the wire-level defaults and shared rules.

API Reference

Jump to the exact call you need.

Freshness and trust

See how the source trail and freshness metrics stay visible.