Data Theorem Portal API Programmatic access to Mobile Apps information and scan results

Data Theorem Portal API


There currently are two APIs available:

  • The Results API, which provides access to the list of all mobile Apps registered within your Data Theorem account and the list of scans and security issues found during the scans.
  • The Upload API, which can be used to upload PreProd mobile binaries directly to Data Theorem for scanning. For better integration with your developer teams’ workflow, it is usually better to use existing mobile beta-testing tools such as HockeyApp for sending builds, instead of the Upload API.

General Consideration


You should always access the API over HTTPS from

All data is sent as JSON.


All requests must be authenticated using the corresponding API key; the Results API and the Upload API use a different API key. You must send the API key in the Authorization header as a “Bearer” token: Authorization: Bearer API_KEY.

curl -H "Authorization: Bearer API_KEY"

Unauthenticated responses will return a 401 Unauthorized.


All dates are formatted in UTC.

Rate Limiting

There is no rate limiting enforced at the moment, but we might add a per-day limit later if needed.

Reference Client

A Python client/library for accessing the API is available on GitHub at