Skip to main content

Announcing the HackerOne API

  • June 1st , 2016

We’re excited to announce the first version of our API is now available! The API augments the HackerOne interface to empower you to build the best bug bounty programs.

Every organization has specific metrics they rely on to measure the performance of its bug bounty program. The HackerOne API allows for custom metrics, beyond those found in HackerOne, and offers organizations access to raw report data and a powerful query interface to build custom dashboards. We have good news for organizations that run multiple programs: the API allows you to generate credentials that works across all your programs and can be used to combine the data of multiple programs at once.

Here are some of the use cases available now:

  • Dashboards: generate your own custom internal dashboards
  • Analysis: use the raw report information to do your own data analysis, for example to determine who to assign to a submission based on the contents of the report
  • Efficiency: export a single report into your bug tracker to streamline the process for escalating a bug to your engineering team
  • Metrics: use raw report data to calculate internal performance metrics for your bug bounty program
  • Data Portability: unlimited access to all of your submissions and its activities, which allows you to create full backups of your data

The API documentation can be found at The code examples in the documentation all work, so we encourage you to play around with it and see if the API is right for you. To get started today, please contact your customer success manager or email us at

We are just getting started and have additional features in the works for the API to help make your programs even more effective. The next iteration will focus on assigning one or multiple people to a report, closing a submission, and sending more frequent updates to our hackers.

If you have an API use case that you think we should know about or a feature request, please shoot us a message at We’re eager to get you started and hear about the cool integrations you build!

Oh, and to all hackers out there: the API is now included in the scope of our own bug bounty program. Do your best and let us know about the vulnerabilities you find!

Jobert Abma
HackerOne co-founder

Recent articles

Zero Daily Newsletter: Fun, yet informative, AppSec, bug bounty, and hacker news

Read the news every day, and check the usual websites? Want to get your industry news and have a little humor…

More Hardware, More Problems

Bounties are for hardware, too. Microwaves notwithstanding, there is an increasing amount of connected…

Bug fixes just got a little easier; HackerOne introduces bi-directional JIRA integration

It’s now possible to view updates on JIRA issues right inside your HackerOne Reports. The two-way integration…