Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.secapi.ai/llms.txt

Use this file to discover all available pages before exploring further.

Enterprise Features

SEC API ships enterprise-grade infrastructure from the first request. Audit logging, entitlement reporting, key rotation, and multi-seat organizations are built into the platform today. Enterprise SSO is handled through the enterprise rollout path.

Authentication

API keys are the primary authentication method for all plans. Org-scoped credentials are issued through POST /v1/api_keys and used via the x-api-key header. See Auth, Billing, and First Utility for the full model. Hosted MCP clients use WorkOS OAuth discovery through api.secapi.ai. OAuth discovery endpoints are published at /.well-known/oauth-protected-resource and /.well-known/oauth-authorization-server. This is the only WorkOS integration today.

Enterprise SSO

OAuth/SSO via WorkOS supports enterprise rollout planning for customers who require corporate-IdP-backed human login. Contact the SEC API team to discuss SAML or OIDC federation requirements for Okta, Microsoft Entra ID, Google Workspace, or another identity provider.

Audit Logs

Every API request generates a traceable event chain. SEC API provides multiple APIs for inspecting activity after the fact.

Request Diagnostics

Drill into a single request by its Request-Id: 
curl "$SECAPI_BASE_URL/v1/diagnostics/requests/req_abc123" \
  -H "x-api-key: $SECAPI_API_KEY"
Returns usage events, canonical events, webhook deliveries, stream events, artifacts, and grouped meter-class counts for that request. See Request Diagnostics for the full reference.

Delivery summary

Aggregate webhook and stream delivery activity over a time window: 
curl "$SECAPI_BASE_URL/v1/diagnostics/deliveries/summary?since=2026-01-01T00:00:00Z&limit=200" \
  -H "x-api-key: $SECAPI_API_KEY"

Event Export

Export the full event log in JSON or NDJSON for ingestion into external SIEM, log aggregation, or compliance tooling: 
curl "$SECAPI_BASE_URL/v1/events/export?kind=event&format=ndjson&limit=100" \
  -H "x-api-key: $SECAPI_API_KEY"
Filters: kind, type, requestId, since, limit, format (json or ndjson). See Event Export for details.

Entitlement Reporting

Billing state, usage, and plan limits are always available through the API. Use these endpoints to build organization dashboards or enforce organizational spend policies.

Billing snapshot

curl "$SECAPI_BASE_URL/v1/billing" \
  -H "x-api-key: $SECAPI_API_KEY"
Returns the current plan key, billing state, spend caps, budget alerts, and Stripe subscription status.

Usage summary

curl "$SECAPI_BASE_URL/v1/usage" \
  -H "x-api-key: $SECAPI_API_KEY"
Returns metered usage events grouped by meter class for the current billing period.

Plan limits

curl "$SECAPI_BASE_URL/v1/limits" \
  -H "x-api-key: $SECAPI_API_KEY"
Returns the rate limits, API key limits, and throughput ceilings for the current plan.

Budget controls

Set spend caps and alert thresholds to prevent runaway costs: 
curl -X PUT "$SECAPI_BASE_URL/v1/billing/budget" \
  -H "x-api-key: $SECAPI_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"spendCapCents": 50000, "softCapCents": 30000, "approvalThresholdCents": 40000}'
Budget events are recorded with the acting principal, previous values, and request ID for audit purposes.

Key Rotation

Webhook signing secrets can be rotated without downtime. The old secret is invalidated immediately and a new secret is returned in the response. 
curl -X POST "$SECAPI_BASE_URL/v1/webhook_endpoints/whe_abc123/rotate_secret" \
  -H "x-api-key: $SECAPI_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{}'
The response includes the full webhook endpoint object with the new signingSecret. Update your verification logic before the next delivery arrives. API keys can be revoked and re-created through DELETE /v1/api_keys/:keyId and POST /v1/api_keys.

Multi-Seat Organizations

The Team plan ($239/mo or $2,388/yr) supports up to five seats within a shared organization. All seats share:
  • org-scoped API keys with configurable read and write scopes
  • a unified billing context with shared spend caps and budget alerts
  • shared webhook endpoints, stream subscriptions, and event history
  • a single billing relationship through Stripe
The Commercial plan extends multi-seat support with custom seat counts, dedicated infrastructure options, and contract-based invoicing.

API key management

Each plan tier has a key limit. Team plans include more keys than Personal or PAYG: 
# List existing keys
curl "$SECAPI_BASE_URL/v1/api_keys" \
  -H "x-api-key: $SECAPI_API_KEY"

# Create a new key with specific scopes
curl -X POST "$SECAPI_BASE_URL/v1/api_keys" \
  -H "x-api-key: $SECAPI_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"label": "CI pipeline", "scopes": ["read:sec"], "livemode": true}'

SLA Guarantees

SEC API provides a 99.9% webhook delivery guarantee with HMAC-SHA256 signed payloads, exponential-backoff retries over a 72-hour window, and manual replay support. See Webhook Delivery SLA for the full SLA terms, retry schedule, and monitoring guidance.

Commercial Licensing

The Commercial plan (from $18,000/yr) is required for redistribution, embedding, white-label, and resale use cases. It includes:
  • redistribution and external commercial rights
  • contract-based invoicing
  • dedicated onboarding support
  • custom throughput and rate limit configuration
See Plans and Pricing for the full plan comparison and commercial-use requirements.

Enterprise endpoints summary

CategoryEndpoints
AuthGET /v1/me, GET /v1/org, POST /v1/api_keys, DELETE /v1/api_keys/:keyId
AuditGET /v1/diagnostics/requests/:requestId, GET /v1/diagnostics/deliveries/summary, GET /v1/events, GET /v1/events/export
EntitlementsGET /v1/billing, GET /v1/usage, GET /v1/limits, GET /v1/billing/rates
BudgetPUT /v1/billing/budget, POST /v1/billing/quote
Key rotationPOST /v1/webhook_endpoints/:webhookId/rotate_secret
CheckoutPOST /v1/billing/checkout, POST /v1/billing/portal

Webhook Delivery SLA

99.9% delivery guarantee, retry policy, and replay support.

Plans and Pricing

Full plan comparison including Commercial licensing.