Skip to main content
You’ll need a Tumban account with an active organization.
1

Sign in to the dashboard

Open platform.tumban.com and sign in. If your account belongs to multiple organizations, select the active organization from the switcher in the bottom-left of the sidebar. See Dashboard overview.
2

Create an API key

From the dashboard, generate an API key. The raw key (sk_…) is shown exactly once — copy it now and store it in your secret manager.Keys are 67 characters: the prefix sk_ followed by 64 hex characters. Size your secret store and any DB columns accordingly; the sk_xxx shown in the request snippets below is a placeholder.See Create API key for the equivalent API call, and Rotating an API key when you need to retire one without downtime.
3

Submit a scan

Send the profile URL and a callback_url you control. The response returns immediately with a scan_id. This example runs a deep scan; for a faster, cheaper profile-only scan, call /api/v2/scan/quick with the same body. See Scan modes.
curl -X POST https://api-v2.tumban.com/api/v2/scan/deep \
  -H "Authorization: Bearer sk_xxx" \
  -H "Content-Type: application/json" \
  -d '{
    "profile_url": "https://creator.example/username",
    "callback_url": "https://your-app.example/webhooks/tumban",
    "metadata": {"reviewer_id": "rv_42"}
  }'
Response:
{
  "scan_id": "550e8400-e29b-41d4-a716-446655440000",
  "status": "processing",
  "submitted_at": "2026-04-29T12:00:00.123456+00:00",
  "estimated_completion": "2026-04-29T12:02:00.123456+00:00",
  "scan_mode": "deep"
}
4

Receive the result

A scan typically completes in under two minutes. You can either:
  • Wait for the webhook at your callback_url — see Webhook payload.
  • Poll GET /api/v2/scans/{scan_id} until status is one of completed or failed.
The triage report includes recommendation, risk_score, confidence, reason_codes, and evidence_index. See Recommendations for how to act on each tier.

Next steps

Configure a default callback

Avoid sending callback_url on every request.

Verify webhook signatures

Confirm every payload was sent by Tumban.

Submit a batch

Submit multiple profiles in a single request.

Read scan results

The full triage report shape.