Developer Docs

ADAWCAG REST API

Integrate accessibility scanning into your CI/CD pipeline, generate VPAT reports, and monitor compliance — all via API.

Authentication

All API requests require authentication via the x-api-key header. Admin endpoints (key creation) use the x-admin-token header instead.

curl -X POST https://adawcag.org/api/v1/scans \
  -H "x-api-key: adawcag_s_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com", "pages": [...]}'

Endpoints

GET/api/v1API info and available endpointsNone

POST/api/v1/keysCreate a new API keyx-admin-token

GET/api/v1/keys/meGet current API key infox-api-key

POST/api/v1/scansSubmit scan results (pages + issues)x-api-key

GET/api/v1/scans/:idRetrieve scan with all issuesx-api-key

POST/api/v1/vpat/generateGenerate evidence-driven VPAT reportx-api-key

GET/api/v1/vpat/:idRetrieve VPAT report with overridesx-api-key

POST/api/v1/deploy/triggerCI/CD deploy gate checkx-api-key

GET/api/v1/deploy/:idDeploy gate event statusx-api-key

POST/api/v1/webhooksCreate webhook subscriptionx-api-key

DELETE/api/v1/webhooks/:idRemove webhookx-api-key

Deploy Gate (CI/CD)

Block deployments that introduce accessibility regressions. Supports configurable failure thresholds and active waivers.

# In your CI pipeline:
RESULT=$(curl -s -X POST https://adawcag.org/api/v1/deploy/trigger \
  -H "x-api-key: $ADAWCAG_KEY" \
  -H "Content-Type: application/json" \
  -d '{"siteId":"your_site_id","fail_on_critical":true,"sha":"'$GIT_SHA'"}')

PASSED=$(echo $RESULT | jq -r '.passed')
if [ "$PASSED" != "true" ]; then
  echo "Accessibility gate FAILED"
  exit 1
fi