Guides

Run your first scan

This guide goes one level deeper than the getting-started version: it covers the dashboard flow, the equivalent API calls, and how to turn the first report into a prioritized plan.

From the dashboard

  1. Submit the URL

    Paste the home-page URL into the free scan form. Sift Health resolves redirects and crawls a bounded set of pages (15–20), prioritizing the patient-facing paths it probes: /privacy-policy, /appointments, /book, /patient-forms, /portal, and more.

  2. Let the analyzers run

    Each page is classified and routed to the analyzers that apply: TLS and header checks everywhere, the tracker inventory everywhere (weighted by page type), the form analyzer on intake/appointment pages, and the privacy-policy analyzer on the policy page.

  3. Review and act

    Sort findings by severity. Fix the highest-severity, patient-facing items first, then rescan to confirm the score moved.

From the API

Queue a scan, then poll for completion. The scan id is returned immediately with a queued status.

# 1. Queue the scan
curl -s https://api.sifthealth.app/v1/scans \
  -H "Authorization: Bearer $SIFT_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://www.example-clinic.com"}'

# 2. Poll until status == "completed"
curl -s https://api.sifthealth.app/v1/scans/SCAN_ID \
  -H "Authorization: Bearer $SIFT_API_KEY"

Build a remediation plan from the first scan

Export the findings (or the PDF on a paid plan) and group them by owner: trackers and tag-manager changes usually go to marketing; headers, TLS, and form handling go to whoever runs the web infrastructure. Re-run after each batch of fixes.

Set up monitoring

Keep watching after the first fix.

Triage findings

The status workflow in depth.

Create a scan (API)

Full endpoint reference.

How scoring works

Understand why the score moved.