AIRiskDB API Documentation
AIRiskDB API Overview
Read access to AI asset intelligence, enrichment findings, AI-BOM data, and threat intelligence via the AIRiskDB API.
What is AIRiskDB API?
The AIRiskDB API provides read access to AI asset intelligence, enrichment findings, AI-BOM data, and threat intelligence. Use these endpoints to retrieve normalized asset records, look up assets by fingerprint or model and package metadata, inspect risk findings, and list matching threats.
Base URL
Production API root:
https://api.airiskdb.comVersioned API root:
https://api.airiskdb.com/v1Authentication
All /v1/* endpoints require a bearer API key:
Authorization: Bearer <API_KEY>API keys are scoped:
| Scope | Allows |
|---|---|
assets:read | Read assets, findings, AI-BOMs, and threats matched to an asset |
Common Conventions
Every response includes a request ID header:
X-Request-Id: req_1234567890abcdef12345678Use this value when debugging or contacting support.
Cursor Pagination
List endpoints use cursor pagination:
| Parameter | Type | Description |
|---|---|---|
limit | integer | Optional. Defaults to 20. Minimum 1, maximum 100. |
starting_after | string | Optional forward cursor. Set to the previous response's next_cursor. |
ending_before | string | Optional reverse cursor where supported. |
List response shape:
{
"object": "list",
"data": [],
"has_more": false,
"url": "/v1/assets",
"next_cursor": null
}Endpoints
| Method | Endpoint | Purpose |
|---|---|---|
GET | /v1/assets/lookup | Look up assets by fingerprint, exact name, fuzzy name, version, ecosystem, or fallback fingerprint |
GET | /v1/assets/{fingerprint} | Retrieve the resolved asset record |
GET | /v1/assets/{fingerprint}/findings | Retrieve findings for the resolved asset |
GET | /v1/assets/{fingerprint}/aibom | Retrieve the AI-BOM for the resolved asset |
GET | /v1/assets/{fingerprint}/threats | Retrieve threats matched to the resolved asset |