When does the Crawlux API ship?

The Crawlux API is planned for Q4 2026. Currently audits run via the Crawlux web dashboard with JSON output downloadable per audit. The API will allow programmatic audit triggering, status polling, webhook callbacks and result retrieval. Subscribe via the docs early-access waitlist to be notified when API access opens.

Can I get audit JSON output today?

Yes. Every Crawlux audit produces a JSON output downloadable from the audit dashboard. The JSON structure is documented on this page. Pro and Team tier audits also produce a white-label PDF report. Free tier audits produce a JSON output and a summary HTML report.

What authentication will the API use?

The API will use API key authentication via Bearer tokens. API keys will be generated from the Crawlux dashboard. Each API key gets scoped to a workspace and has configurable rate limits. Webhook callbacks will be authenticated via HMAC-SHA256 signatures using a shared secret.

Will SDKs be available?

Two SDKs are planned for the Q4 2026 launch. A Node.js SDK published to npm under the package name crawlux-sdk. A Python SDK published to PyPI under the package name crawlux. Both SDKs will provide typed wrappers around the REST API plus helpers for common patterns like polling for audit completion.

What rate limits will the API have?

Rate limits will scale with tier. Free tier: 5 audits per month. Pro tier: 50 audits per month. Team tier: 200 audits per month. Enterprise tier (custom pricing): unlimited audits with dedicated infrastructure. All tiers include unlimited result retrieval calls. Webhook callbacks count separately and are not rate-limited.

How can I get notified when the API ships?

Three ways. First, email developers@crawlux.com with subject API Waitlist to join the early access list. Second, follow the changelog page for product updates. Third, run a free audit and reply to any of the email follow-ups confirming developer interest. Early access opens approximately 2 weeks before public API launch.

Docs · SDKs · Q4 2026

Official SDKs for Node and Python.

Two officially supported SDKs ship with the Q4 2026 API launch. Node.js via npm and Python via pip. Both provide typed wrappers around the REST API plus helpers for common patterns: polling for audit completion, signature verification on incoming webhooks, batch audit triggers across multiple domains. Community SDKs in other languages welcome.

// Section 01 · Node.js

crawlux-sdk on npm.

The Node SDK targets Node 18+ and ships as ESM with CommonJS fallback. TypeScript types are bundled. The package is crawlux-sdk on npm.

install

npm install crawlux-sdk
# or
yarn add crawlux-sdk
pnpm add crawlux-sdk

Trigger an audit and wait for completion.

trigger-audit.js

import { Crawlux } from "crawlux-sdk";

const crawlux = new Crawlux({ apiKey: process.env.CRAWLUX_API_KEY });

// Trigger an audit and wait for completion (max 10 minutes)
const audit = await crawlux.audits.run({
  domain: "example-protocol.io",
  tier: "team",
  waitForCompletion: true
});

console.log(audit.score.overall);  // 67
console.log(audit.findings.length); // 23

Trigger and poll separately.

poll-manually.js

const { audit_id } = await crawlux.audits.trigger({
  domain: "example-protocol.io"
});

let audit = await crawlux.audits.get(audit_id);
while (audit.status === "running") {
  await new Promise(r => setTimeout(r, 5000));
  audit = await crawlux.audits.get(audit_id);
}

Verify webhook signatures.

verify-webhook.js

import { verifyWebhookSignature } from "crawlux-sdk";

app.post("/webhooks/crawlux", (req, res) => {
  const valid = verifyWebhookSignature({
    rawBody: req.rawBody,
    signature: req.headers["x-crawlux-signature"],
    secret: process.env.CRAWLUX_WEBHOOK_SECRET
  });
  if (!valid) return res.status(401).send("invalid signature");
  queue.add("process", req.body);
  res.status(200).send("ok");
});

// Section 02 · Python

crawlux on PyPI.

The Python SDK targets Python 3.10+ and ships with full type hints (compatible with mypy and pyright). Async variant available via crawlux.aio. Package name: crawlux on PyPI.

install

pip install crawlux
# or
poetry add crawlux
uv add crawlux

Trigger an audit and wait for completion.

trigger_audit.py

import os
from crawlux import Crawlux

client = Crawlux(api_key=os.environ["CRAWLUX_API_KEY"])

# Trigger an audit and wait for completion
audit = client.audits.run(
    domain="example-protocol.io",
    tier="team",
    wait_for_completion=True
)

print(audit.score.overall)  # 67
print(len(audit.findings))  # 23

Async variant.

async_example.py

import asyncio
from crawlux.aio import Crawlux

async def main():
    client = Crawlux(api_key=os.environ["CRAWLUX_API_KEY"])
    domains = ["a.io", "b.io", "c.io"]
    audits = await asyncio.gather(*[
        client.audits.run(domain=d, wait_for_completion=True)
        for d in domains
    ])
    return audits

asyncio.run(main())

// Section 03 · Common patterns shipped with both SDKs

Helpers beyond the raw REST surface.

Polling helpers. waitForCompletion / wait_for_completion abstracts the poll-until-done pattern with built-in exponential backoff and timeout.
Webhook signature verification. verifyWebhookSignature / verify_webhook_signature handles the HMAC-SHA256 check with constant-time comparison to prevent timing attacks.
Batch triggers. audits.runBatch / audits.run_batch triggers up to 50 audits in parallel with built-in rate-limit-aware throttling.
Typed findings. The SDKs expose typed enums for analyzer codes, severity levels, group IDs and site categories. IDE autocomplete works for finding.analyzer == AnalyzerCode.B01 rather than string magic.
Automatic retries. 5xx responses are retried up to 3 times with exponential backoff. 429 responses respect the X-RateLimit-Reset header.

// Section 04 · Community SDKs

Other languages.

Community SDKs in other languages (Go, Rust, Ruby, PHP, Java, C#) are welcome and will be linked from this page once they reach stable release. Crawlux does not officially maintain community SDKs but provides API stability commitments documented in the REST API reference that make third-party SDK development tractable.

If you build a community SDK, email [email protected] with the repository URL and we will list it here.

// Related docs

Where to go from here.

REST API reference — the underlying endpoint surface
Authentication — Bearer token format
Webhooks reference — signature verification context
Error reference — error response shapes

Run a free audit and download the JSON

The fastest way to evaluate the audit JSON for integration: run a real audit on your own domain and inspect the output. Free first audit per domain.

Join API waitlist

JSON output live · Webhooks live · API Q4 2026 · 2-week early access window