API Reference

Integrate Tagstack's martech intelligence directly into your applications and workflows. Scan any website, detect marketing technologies, and generate branded audit reports — all through simple REST endpoints.

First API call in 60 seconds
Go from zero to scanning a website in three steps.
1
Get your API key — Head to your profile page and click Generate API Key. Copy it somewhere safe.
2
Make your first scan — Open a terminal and paste this command, replacing the placeholder with your key:
curl
curl "https://service.tagstack.io/api/scan?url=stripe.com" \ -H "Authorization: Bearer YOUR_API_KEY"
3
Get the results — You'll receive a JSON response with detected containers, technologies, vitals, and more. That's it — you're in.

Authentication

All API requests require a valid API key passed as a Bearer token in the Authorization header. You can generate an API key from your profile page. API access requires an active paid subscription.

Header format
HTTP Header
Authorization: Bearer YOUR_API_KEY

Keep your API key secret. Do not expose it in client-side code, public repositories, or browser requests. If you believe your key has been compromised, regenerate it immediately from your profile.

Base URL

All API endpoints are served from a single base URL. All requests must use HTTPS.

Base URL
https://service.tagstack.io

Errors & Rate Limits

The API uses standard HTTP status codes to indicate success or failure. All error responses return a JSON body with an error field describing what went wrong.

StatusMeaningWhat to do
200SuccessRequest completed successfully.
400Bad RequestMissing or invalid parameters. Check the error message for details.
401UnauthorizedAPI key is missing, invalid, expired, or your subscription is inactive.
404Not FoundThe requested resource doesn't exist or doesn't belong to you.
429Rate LimitedToo many requests. Back off and retry after a short delay.
500Server ErrorSomething went wrong on our end. Retry or contact support.

API scan limits apply. Each scan consumes one credit from your monthly allowance. When your credits are exhausted, scan requests will return a success: false response. Limits reset at the start of each billing cycle. You can check your remaining credits on your profile page.

Scanning

Core scanning endpoints to analyze any website's marketing technology stack, detect GTM containers, assess configuration health, and retrieve Core Web Vitals.

GET /api/scan?url={target}

The primary scanning endpoint. Analyzes a website or GTM container ID and returns a full breakdown of detected containers, their configuration, technologies in use, Core Web Vitals, and Cloudflare DNS status. Responses are cached for 1 hour.

Query parameters
ParameterDescription
url
string
The domain or GTM container ID to scan. Accepts a bare domain (e.g. stripe.com), a full URL, or a GTM ID (e.g. GTM-KL36Q2B).
Required
Example request
curl
curl "https://service.tagstack.io/api/scan?url=ads.google.com" \ -H "Authorization: Bearer YOUR_API_KEY"
Example response
JSON Response
{ "success": true, "message": "{\"G-59LMG6TE58\":{\"entityType\":\"GA4 Stream\"},\"GTM-M2PH3M87\":{\"cmp\":null,\"consentMode\":false,\"entityType\":\"GTM Container\",\"ga4ServerSide\":false,\"tags\":[...],\"triggers\":[...],\"variables\":[...]}}", "vitals": { "lcp": 1.2, "fid": 3, "cls": 0.02 }, "techList": [ { "id": 42, "name": "Google Analytics 4 Event", "min_price_per_year": 30000, "paid_only": 0, "icon": "ga4" }, { "id": 87, "name": "OneTrust", "min_price_per_year": 13200, "paid_only": 1, "icon": "onetrust" } ], "url": "ads.google.com", "cloudflareDNS": false }

The message field contains a stringified JSON of all detected containers and their full configuration (tags, triggers, variables, consent mode settings, enhanced measurement, etc.). Parse it with JSON.parse() for the complete breakdown.

GET /api/vendors?url={domain}

A lightweight, high-speed scan that returns only the list of technology names detected on a domain. Faster than the full /api/scan endpoint — ideal for bulk lookups, enrichment pipelines, or when you just need to know what technologies a site uses without the full container breakdown.

Query parameters
ParameterDescription
url
string
The domain to scan. Must be a domain name (e.g. stripe.com), not a GTM container ID.
Required
Example request
curl
curl "https://service.tagstack.io/api/vendors?url=notion.so" \ -H "Authorization: Bearer YOUR_API_KEY"
Example response
JSON Response
{ "success": true, "domain": "notion.so", "technologies": [ "Google Analytics 4 Event", "Google Tag", "Consent Mode", "GA4 Enhanced Measurement - Page view", "Custom HTML - cdn.segment.com" ] }

Saved Scans

Create persistent, shareable scan reports with optional custom branding. Each saved scan gets a unique URL you can share with clients. Perfect for agencies generating audit reports at scale.

GET /api/save-scan?url={target}&...

Creates a saved scan report via query parameters. The scan runs asynchronously and returns a unique scan ID with a shareable URL. Useful for simple integrations and browser-based workflows.

Query parameters
ParameterDescription
url
string
Domain or full URL to scan.
Required
containerId
string
GTM container ID to scan (alternative to url).
Required
brandName
string
Custom brand name displayed on the saved report.
Optional
brandLogo
string
URL to a logo image for the saved report.
Optional
brandVideoLink
string
URL to a video embedded in the report.
Optional

* Either url or containerId is required — you must provide at least one.

Example request
curl
curl "https://service.tagstack.io/api/save-scan?url=stripe.com&brandName=My%20Agency" \ -H "Authorization: Bearer YOUR_API_KEY"
Example response
JSON Response
{ "success": true, "scanId": "a1b2c3d4-e5f6-7890-abcd-ef1234567890", "scanUrl": "https://tagstack.io/scan/?ssid=a1b2c3d4-e5f6-7890-abcd-ef1234567890" }
POST /api/save-scan

Same as the GET variant, but accepts a JSON body — cleaner for programmatic use, automation pipelines, and when passing multiple optional parameters.

Request body (JSON)
curl
curl -X POST "https://service.tagstack.io/api/save-scan" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "url": "stripe.com", "brandName": "My Agency", "brandLogo": "https://myagency.com/logo.png" }'

Pro tip for agencies: Use the POST endpoint to generate branded audit reports at scale. Combine with a CRM integration to auto-send reports to prospects after enrichment.

DELETE /api/save-scan/{id}

Permanently deletes a saved scan report and its associated storage. The scan URL will no longer be accessible after deletion.

Path parameters
ParameterDescription
id
string (UUID)
The scan ID returned when the saved scan was created.
Required
Example request
curl
curl -X DELETE "https://service.tagstack.io/api/save-scan/a1b2c3d4-e5f6-7890-abcd-ef1234567890" \ -H "Authorization: Bearer YOUR_API_KEY"
Example response
JSON Response
{ "success": true }

Use Cases

Here's what teams are building with the Tagstack API.

Competitive Intelligence
Enrich your CRM with martech stack data. Know what analytics, ads, and consent tools your prospects use before the first call.
Automated Audit Reports
Generate white-labeled scan reports for prospects at scale. Pair with your scheduling tool for a seamless sales pipeline.
Bulk Enrichment Pipelines
Feed a list of domains through the /api/vendors endpoint to build a technology adoption database for market research.
AI Agent Workflows
Connect Tagstack via MCP to Claude, ChatGPT, or custom AI agents. Let your AI research prospects' tech stacks autonomously.

Postman Setup

Import this collection into Postman to start testing all Tagstack API endpoints immediately. You'll just need to set your API key as a variable.

1
Copy the JSON below and save it as tagstack-api.postman_collection.json
2
Import in Postman — Go to File → Import → select the file
3
Set your API key — Go to the collection's Variables tab and set api_key to your key
tagstack-api.postman_collection.json
{ "info": { "name": "Tagstack API", "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" }, "variable": [ { "key": "base_url", "value": "https://service.tagstack.io" }, { "key": "api_key", "value": "YOUR_API_KEY" } ], "auth": { "type": "bearer", "bearer": [{ "key": "token", "value": "{{api_key}}" }] }, "item": [ { "name": "Scanning", "item": [ { "name": "Scan a URL", "request": { "method": "GET", "url": "{{base_url}}/api/scan?url=stripe.com" } }, { "name": "Quick Vendor Lookup", "request": { "method": "GET", "url": "{{base_url}}/api/vendors?url=notion.so" } } ] }, { "name": "Saved Scans", "item": [ { "name": "Save Scan (GET)", "request": { "method": "GET", "url": "{{base_url}}/api/save-scan?url=stripe.com&brandName=My%20Agency" } }, { "name": "Save Scan (POST)", "request": { "method": "POST", "url": "{{base_url}}/api/save-scan", "header": [{ "key": "Content-Type", "value": "application/json" }], "body": { "mode": "raw", "raw": "{\"url\":\"stripe.com\",\"brandName\":\"My Agency\"}" } } }, { "name": "Delete Saved Scan", "request": { "method": "DELETE", "url": "{{base_url}}/api/save-scan/YOUR_SCAN_ID" } } ] } ] }
MCP Integration — Connect to AI Agents
Tagstack supports the Model Context Protocol (MCP), enabling Claude, ChatGPT, and other AI agents to scan websites and retrieve martech data directly. Connect your Tagstack account to AI tools and let them research prospects' tech stacks autonomously.
Learn more →
Need help? Reach out at lucas@tagstack.io Last updated: February 2026