Autonomy Docs
API ReferenceArtifacts

Scan uploaded artifact

Scans an uploaded mobile artifact and records the result. A run cannot use an upload-backed mobile target until the scan result is clean. Requires the autonomy:runs:write API key scope.

POST
/api/artifacts/scan

Scans an uploaded mobile artifact and records the result. A run cannot use an upload-backed mobile target until the scan result is clean. Requires the autonomy:runs:write API key scope.

Authorization

bearerAuth
AuthorizationBearer <token>

Send Authorization: Bearer . The token can be an Autonomy organization API key (aut_xxx) or an OAuth access token.

In: header

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

application/json

application/json

curl -X POST "https://example.com/api/artifacts/scan" \  -H "Content-Type: application/json" \  -d '{    "storageId": "kg2...",    "platform": "ios",    "fileName": "Example.app.zip",    "contentType": "application/zip"  }'
{
  "storageId": "string",
  "status": "clean",
  "kind": "context",
  "sha256": "string",
  "byteSize": 0,
  "contentType": "string",
  "scanner": "string",
  "findings": [
    {
      "code": "string",
      "severity": "info",
      "message": "string"
    }
  ]
}
{
  "error": "string"
}
{
  "error": "string"
}
{
  "error": "string"
}

Create artifact upload URL POST

Creates a short-lived Convex storage upload URL for a mobile build artifact. Requires the autonomy:runs:write API key scope.

List environments GET

Lists saved target environments for the authenticated team.