API Reference Overview

The AgentCop REST API. All endpoints return JSON. Base URL: https://api.agentcop.live

Authentication

All API requests require an API key. Pass it in the request header:

X-AgentCop-Key: your_api_key_here

You can also set it as an environment variable and use the AgentCop SDK — the client will pick it up automatically:

export AGENTCOP_API_KEY=your_api_key_here

API keys are scoped to your account and can be rotated from the dashboard. Keep your key secret — it grants full access to all API modules on your account.

Base URL & Versioning

The API is available at two URL prefixes:

• /api/ — always points to the latest stable version
• /api/v1/ — pinned to v1 (current stable), safe for production use

v1 is the only version currently available. Breaking changes will always be introduced under a new version prefix with a deprecation window of at least 6 months.

Rate Limits

Rate limits are applied per API key, per rolling 24-hour window.

When a rate limit is exceeded, the API responds with HTTP 429 Too Many Requests. The response will include a Retry-After header indicating when the limit resets.

Error Format

All errors share a consistent JSON envelope:

{
  "error": "scan_failed",
  "message": "Code too large to scan (max 100KB)",
  "code": 413,
  "docs": "https://docs.agentcop.live/api-reference/"
}

API Modules

The AgentCop API is organized into five modules, each covering a distinct part of the security platform.