Endpoints
Discover the API endpoints a page actually talks to. Webclaw parses the page's inline JavaScript and its linked script bundles, then returns every request target it finds — relative paths, absolute URLs, GraphQL operations, and WebSocket endpoints. This is the request surface /v1/map can never see, because it lives in JavaScript, not in sitemaps or <a> links.
POST
/v1/endpointsExtract API endpoints embedded in a page's inline JS and script bundles.
Request body
json
{
"url": "https://app.example.com",
"include_third_party": false,
"max_bundles": 20
}Parameters
| Field | Type | Required | Description |
|---|---|---|---|
url | string | Yes | The page to analyze. Its inline scripts and linked bundles are fetched and scanned. |
include_third_party | boolean | No | When true, also return endpoints that point at other hosts (analytics, CDNs, third-party APIs). Defaults to false — first-party only. |
max_bundles | number | No | Maximum number of <script src> bundles to download and scan. Defaults to 20, which is also the hard maximum. |
Response
json
{
"url": "https://app.example.com",
"bundles_scanned": 7,
"endpoint_count": 23,
"endpoints": [
{
"value": "/api/v2/user/profile",
"kind": "relative_path",
"first_party": true,
"source": "main.4f1a.js"
},
{
"value": "https://api.example.com/billing/subscriptions",
"kind": "absolute_url",
"first_party": true,
"source": "inline"
},
{
"value": "https://api.example.com/graphql",
"kind": "graph_ql",
"first_party": true,
"source": "vendor.9c2b.js"
},
{
"value": "wss://realtime.example.com/socket",
"kind": "web_socket",
"first_party": true,
"source": "main.4f1a.js"
}
],
"hosts": ["api.example.com", "realtime.example.com"],
"truncated": false
}| Field | Type | Description |
|---|---|---|
url | string | The page that was analyzed. |
bundles_scanned | number | How many script bundles were downloaded and scanned (inline JS is always included on top of this). |
endpoint_count | number | Total number of endpoints discovered. |
endpoints | object[] | The discovered endpoints. See the fields below. |
hosts | string[] | Distinct hostnames referenced by the discovered endpoints. |
truncated | boolean | true if scanning stopped at max_bundles and more bundles were available. Raise max_bundles for full coverage. |
Endpoint object
| Field | Type | Description |
|---|---|---|
value | string | The endpoint itself — a path, a full URL, a GraphQL URL, or a WebSocket URL. |
kind | string | One of relative_path, absolute_url, graph_ql, or web_socket. |
first_party | boolean | true when the endpoint targets the same registrable domain as the analyzed page. |
source | string | Where the value was found — a script bundle filename, or inline for inline page JavaScript. |
Note
Use
/v1/map to find pages and /v1/endpoints to find the API those pages call. They're complementary: the first walks the site graph, the second reads the JavaScript.Examples
First-party endpoints
curl
curl -X POST https://api.webclaw.io/v1/endpoints \
-H "Authorization: Bearer wc_your_api_key" \
-H "Content-Type: application/json" \
-d '{"url": "https://app.example.com"}'Include third-party hosts, scan more bundles
curl
curl -X POST https://api.webclaw.io/v1/endpoints \
-H "Authorization: Bearer wc_your_api_key" \
-H "Content-Type: application/json" \
-d '{
"url": "https://app.example.com",
"include_third_party": true,
"max_bundles": 20
}'Tip
Endpoint discovery costs 2 credits per call. The result is a clean, deduplicated list — feed first-party paths straight into
/v1/scrape or your own API client to map an app's backend without reading its source by hand.Error responses
400 Bad Request
{
"error": "Missing required field: url"
}401 Unauthorized
{
"error": "Invalid or missing API key"
}