API Reference

Integrate Implera into any tool or workflow.

Authentication

All API requests require Bearer token authentication. Generate a key in Settings > API Keys and include it in the Authorization header of every request.

Authorization: Bearer implera_abc123...

Keys are shown once when generated. Store the key securely; if lost, revoke the old key and generate a new one.

POST /api/v1/analyze

Trigger a deterministic codebase analysis and receive the results in a single request.

URL	`https://app.implera.ai/api/v1/analyze`
Method	`POST`
Headers	`Authorization: Bearer <key>` `Content-Type: application/json`

Request body

Field	Type	Required	Description
`owner`	string	Yes	GitHub repository owner (user or organisation).
`repo`	string	Yes	GitHub repository name.
`branch`	string	No	Branch to analyse. Defaults to the repository's default branch.

Example request

curl -X POST https://app.implera.ai/api/v1/analyze \
  -H "Authorization: Bearer implera_abc123..." \
  -H "Content-Type: application/json" \
  -d '{
    "owner": "acme",
    "repo": "web-app",
    "branch": "main"
  }'

Example response

{
  "score": 72,
  "passed": true,
  "breakdown": {
    "security": 85,
    "test_coverage": 25,
    "structure": 78,
    "maintainability": 82
  },
  "quality_gate": {
    "passed": true,
    "failed_domains": [],
    "domains": [
      { "domain": "Security", "score": 85, "threshold": 70, "passed": true },
      { "domain": "Architecture", "score": 78, "threshold": 60, "passed": true }
    ]
  },
  "insights": [
    {
      "severity": "warning",
      "title": "3 sequential await patterns that could be parallelised",
      "description": "..."
    }
  ],
  "findings": {
    "security": 2,
    "accessibility": 1,
    "total": 3
  },
  "stats": {
    "files": 142,
    "lines": 45000,
    "languages": ["TypeScript", "Svelte"]
  }
}

Quality gate evaluation

The response includes a quality_gate object with per-domain pass/fail results based on your project's configured thresholds. Each domain entry shows the current score, the required threshold and whether it passed.

If no thresholds are configured in your project settings, the following defaults are used: Security 70, Architecture 60, Maintainability 60. All other domains are disabled (threshold 0) by default.

Error responses

Status	Description
`401`	Invalid or missing API key.
`400`	Missing required field (`owner` or `repo`).
`404`	Repository not found or not connected to Implera.
`422`	Repository exceeds the 10,000 file limit.
`429`	Monthly analysis limit reached.
`500`	Unexpected server error. Retry or contact support.

All error responses return a JSON body with a message field describing the problem.

Rate limits

The Free plan includes 10 analyses per month per project. The Pro plan includes unlimited analyses. When the monthly limit is reached, the API returns a 429 status with a retry_after field indicating when the limit resets.

Rate limit information is included in the response headers:

X-RateLimit-Limit: 10
X-RateLimit-Remaining: 7
X-RateLimit-Reset: 2026-05-01T00:00:00Z