Recipes

Consultant bulk onboarding

You've signed a batch of clients and want a baseline on every site this week. Rather than clicking through the console, script the onboarding: register each site, capture its verification token, and queue a first scan.

Authorization first

Only onboard sites you’re engaged to assess. The first scan of a domain is passive and rate-limited, but recurring monitoring requires domain verification — which is also your client’s explicit sign-off that you’re authorized.

Register sites and queue baselines

The script below reads a list of display_name,url pairs, registers each as a site, prints the verification token to hand back to the client, and queues a baseline scan. Run it once per client batch.

import os, csv, requests

BASE = "https://api.sifthealth.app"
H = {"Authorization": f"Bearer {os.environ['SIFT_API_KEY']}"}

# clients.csv:  display_name,url
with open("clients.csv") as f:
    for row in csv.DictReader(f):
        site = requests.post(f"{BASE}/v1/sites", headers=H, json={
            "root_url": row["url"],
            "display_name": row["display_name"],
        }).json()

        # Hand this token to the client to add as a DNS TXT or meta tag
        print(f"{row['display_name']}: verify with "
              f"sift-site-verification={site['verification_token']}")

        # Queue a baseline scan now (works before verification)
        requests.post(f"{BASE}/v1/scans", headers=H,
                      json={"url": row["url"]})

After the baseline

Once clients add their verification records, flip each site to verified (POST /v1/sites/{id}/verify) and enable monitoring. Add each client contact as a read-only member of their own site so they can watch progress, and turn on white-label PDFs so deliverables carry your brand.

For consultants

The Agency tier overview.

Register a site (API)

POST /v1/sites in detail.

Domain verification

What clients need to add.

White-label reports

Branded client deliverables.