This is a reference for the Pullminder REST API. The base URL is https://api.pullminder.com. All organization-scoped routes use the path prefix /api/orgs/{orgId}.
| Method | Path | Description |
|---|
GET | /auth/github | Initiate GitHub OAuth login flow |
GET | /auth/github/callback | Handle GitHub OAuth callback |
POST | /auth/logout | End the current session |
GET | /auth/me | Get the authenticated user profile |
| Method | Path | Description |
|---|
GET | /api/orgs | List organizations the user belongs to |
GET | /api/orgs/{orgId}/ | Get organization details |
PATCH | /api/orgs/{orgId}/onboarding | Update onboarding state |
DELETE | /api/orgs/{orgId}/ | Delete the organization |
| Method | Path | Description |
|---|
GET | /api/orgs/{orgId}/repos | List repositories in the organization |
PATCH | /api/orgs/{orgId}/repos/{repoId} | Update repository settings (e.g., toggle active) |
POST | /api/orgs/{orgId}/repos/sync | Sync repository list from GitHub |
POST | /api/orgs/{orgId}/repos/bulk-activate | Activate multiple repositories at once |
GET | /api/orgs/{orgId}/repos/{repoId}/badge | Get the badge configuration for a repository |
POST | /api/orgs/{orgId}/repos/{repoId}/badge | Create a badge for a repository |
DELETE | /api/orgs/{orgId}/repos/{repoId}/badge | Delete a repository badge |
GET | /api/orgs/{orgId}/repos/{repoId}/detected-frameworks | List detected frameworks for a repository |
POST | /api/orgs/{orgId}/repos/{repoId}/rule-packs/{packId}/enable | Enable an auto-detected rule pack |
DELETE | /api/orgs/{orgId}/repos/{repoId}/rule-packs/{packId}/enable | Disable an auto-detected rule pack |
| Method | Path | Description |
|---|
GET | /api/orgs/{orgId}/prs | List analyzed pull requests (supports filters) |
GET | /api/orgs/{orgId}/prs/{prId} | Get pull request detail and risk breakdown |
GET | /api/orgs/{orgId}/prs/{prId}/reviews | Get review analysis for a pull request |
GET | /api/orgs/{orgId}/prs/{prId}/coverage | Get coverage data for a pull request |
GET | /api/orgs/{orgId}/prs/{prId}/reviewer-prompt | Get the AI reviewer brief for a pull request |
| Method | Path | Description |
|---|
GET | /api/orgs/{orgId}/rules | List installed rule packs |
POST | /api/orgs/{orgId}/rules/{slug}/install | Install a rule pack from the registry |
DELETE | /api/orgs/{orgId}/rules/{slug} | Uninstall a rule pack |
PATCH | /api/orgs/{orgId}/rules/{slug} | Update rule pack settings (action, enabled state) |
POST | /api/orgs/{orgId}/rules/{slug}/upgrade | Upgrade a rule pack to the latest version |
GET | /api/orgs/{orgId}/rules/{slug}/detail | Get full detail for an installed rule pack |
GET | /api/orgs/{orgId}/rules/{slug}/overrides | List per-repository overrides for a rule pack |
PUT | /api/orgs/{orgId}/rules/{slug}/overrides/{repoId} | Set a per-repository override for a rule pack |
| Method | Path | Description |
|---|
GET | /api/orgs/{orgId}/policies | List policies |
POST | /api/orgs/{orgId}/policies | Create a policy |
PATCH | /api/orgs/{orgId}/policies/{policyId} | Update a policy |
DELETE | /api/orgs/{orgId}/policies/{policyId} | Delete a policy |
| Method | Path | Description |
|---|
GET | /api/orgs/{orgId}/analytics/summary | Aggregated analytics summary |
GET | /api/orgs/{orgId}/analytics/risk-trend | Risk score trend over time |
GET | /api/orgs/{orgId}/analytics/top-categories | Most common finding categories |
GET | /api/orgs/{orgId}/analytics/repo-breakdown/search | Per-repository risk and finding breakdown |
GET | /api/orgs/{orgId}/analytics/review-time | Review duration statistics |
GET | /api/orgs/{orgId}/analytics/patterns | Recurring finding patterns |
GET | /api/orgs/{orgId}/analytics/reviewer-activity | Per-reviewer activity and response times |
GET | /api/orgs/{orgId}/analytics/coverage-trend | Code coverage trend over time |
| Method | Path | Description |
|---|
GET | /api/orgs/{orgId}/reports/baseline | Get baseline analysis report |
GET | /api/orgs/{orgId}/reports/baseline/repos | Get per-repository baseline data |
| Method | Path | Description |
|---|
POST | /api/orgs/{orgId}/baseline/scan | Trigger a historical baseline scan |
GET | /api/orgs/{orgId}/baseline/status | Check baseline scan progress |
GET | /api/orgs/{orgId}/baseline/summary | Get baseline scan summary |
| Method | Path | Description |
|---|
GET | /api/orgs/{orgId}/alerts | List alerts (high-risk, policy blocks) |
POST | /api/orgs/{orgId}/alerts/read | Mark alerts as read |
| Method | Path | Description |
|---|
GET | /api/orgs/{orgId}/audit | List audit log entries for the organization |
| Method | Path | Description |
|---|
PATCH | /api/orgs/{orgId}/settings | Update organization settings |
POST | /api/orgs/{orgId}/settings/test-webhook | Send a test Slack webhook message |
PUT | /api/orgs/{orgId}/settings/registry | Configure a custom rule registry |
DELETE | /api/orgs/{orgId}/settings/registry | Remove the custom rule registry |
POST | /api/orgs/{orgId}/settings/registry/sync | Sync rule packs from the custom registry |
| Method | Path | Description |
|---|
GET | /api/orgs/{orgId}/retention | Get data retention policies |
PATCH | /api/orgs/{orgId}/retention | Update retention policy for a resource type |
| Method | Path | Description |
|---|
POST | /api/orgs/{orgId}/checkout | Create a checkout session |
GET | /api/orgs/{orgId}/subscription | Get current subscription details |
POST | /api/orgs/{orgId}/subscription/cancel | Cancel the subscription |
GET | /api/orgs/{orgId}/billing/history | List payment history |
POST | /api/orgs/{orgId}/subscription/upgrade | Upgrade to a higher plan |
POST | /api/orgs/{orgId}/subscription/downgrade | Downgrade to a lower plan |
POST | /api/orgs/{orgId}/subscription/upgrade/preview | Preview prorated cost of an upgrade |
| Method | Path | Description |
|---|
GET | /api/me/data-export | Export all personal data |
DELETE | /api/me/account | Delete the user account |
| Method | Path | Description |
|---|
GET | /api/orgs/{orgId}/usage | Get usage statistics |
GET | /api/orgs/{orgId}/stats | Get organization stats (stat cards) |
GET | /api/orgs/{orgId}/search | Search across PRs, repos, and findings |
GET | /api/orgs/{orgId}/category-meta | Get metadata for finding categories |
| Method | Path | Description |
|---|
GET | /api/v1/registry/rules | List all available rule packs in the registry |
These endpoints do not require authentication:
| Method | Path | Description |
|---|
GET | /health | Health check |
GET | /badge/{token} | Render a risk score badge image |
POST | /webhooks/github | Receive GitHub webhook events |
GET | /api/checkout/confirm | Billing checkout confirmation callback |
GET | /api/checkout/failure | Billing checkout failure callback |
POST | /api/leads | Submit a lead (rate limited) |
GET | /badges/score | Score badge image |
GET | /badges/findings | Findings badge image |
GET | /badges/policies | Policies badge image |
GET | /badges/coverage | Coverage badge image |
These endpoints use GITHUB_TOKEN authentication instead of session cookies.
| Method | Path | Description |
|---|
GET | /api/v1/cli/score | Get risk score for a PR |
GET | /api/v1/cli/brief | Get reviewer brief for a PR |
GET | /api/v1/cli/config | Get CLI configuration |
GET | /api/v1/cli/config/org | Get organization-level CLI configuration |
