Compliance API

API reference for running compliance scans and retrieving results.

Trigger Compliance Scan

POST /v1/projects/:id/compliance

Requires authentication.

Starts an asynchronous compliance scan for a project. The scan checks 40+ rules across privacy, security, metadata, functionality, accessibility, and monetization.

Path Parameters

| Name | Type | Required | Description |
|------|------|----------|-------------|
| id | string | Yes | The project ID. |

Response

```json
{
  "scanId": "scan_def456",
  "status": "scanning"
}
```

Example

```bash
curl -X POST \
  -H "Authorization: Bearer sk_stora_..." \
  https://stora.sh/api/v1/projects/proj_abc123/compliance
```

Note: Compliance scans typically complete in under 60 seconds. For projects with source code connected, the scan performs deeper analysis including dependency auditing and code-level checks.


Get Compliance Results

GET /v1/projects/:id/compliance/:scanId

Requires authentication.

Returns the results of a completed compliance scan.

Path Parameters

| Name | Type | Required | Description |
|------|------|----------|-------------|
| id | string | Yes | The project ID. |
| scanId | string | Yes | The scan ID returned by the trigger endpoint. |

Response

```json
{
  "scanId": "scan_def456",
  "status": "completed",
  "overallScore": 87,
  "issues": [
    {
      "severity": "error",
      "category": "privacy",
      "title": "Missing privacy policy URL",
      "description": "No privacy policy link was found in the app or store listing.",
      "recommendation": "Add a privacy policy URL in your app's settings screen and in the App Store metadata."
    },
    {
      "severity": "warning",
      "category": "metadata",
      "title": "Description too short",
      "description": "The app description is 120 characters. Apple recommends at least 300 characters.",
      "recommendation": "Expand the description to highlight key features, use cases, and differentiators."
    },
    {
      "severity": "info",
      "category": "accessibility",
      "title": "VoiceOver labels missing on 3 screens",
      "description": "Some interactive elements lack accessibility labels.",
      "recommendation": "Add accessibility labels to all buttons, images, and interactive controls."
    }
  ],
  "submissionReadiness": "needs_review"
}
```

Status Values

| Status | Description |
|---|---|
| scanning | The scan is in progress. |
| completed | The scan finished. Results are available. |
| failed | The scan encountered an error. |

Issue Severity Levels

| Severity | Meaning |
|---|---|
| error | Likely to cause rejection. Must fix before submission. |
| warning | May cause rejection or negatively impact listing. Should fix. |
| info | Best practice recommendation. Optional but beneficial. |

Submission Readiness

| Value | Meaning |
|---|---|
| ready | No blocking issues found. Safe to submit. |
| needs_review | Warnings exist. Review them before submitting. |
| not_ready | Critical errors found. Fix them before submitting. |

Example

```bash
curl -H "Authorization: Bearer sk_stora_..." \
  https://stora.sh/api/v1/projects/proj_abc123/compliance/scan_def456
```
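
A release gate built on the status, severity and readiness values documented above, as an added example that is not part of the original API reference. It fails closed on any status other than completed and blocks on an error-severity issue regardless of the submissionReadiness summary. The names gate and wait_for_scan are hypothetical, and the fetch callable is an assumption standing in for the GET request shown above.

```python
import json
import time

# Values documented on this page; anything else is unknown and fails closed.
TERMINAL = {"completed", "failed"}
READINESS = {"ready", "needs_review", "not_ready"}

def gate(result, allow_warnings=False):
    """Return (ok, reason) for one Get Compliance Results response body."""
    status = result.get("status")
    if status != "completed":
        # "scanning", "failed" or an unrecognised status is never a pass.
        return False, f"scan status is {status!r}, not 'completed'"
    issues = result.get("issues")
    if not isinstance(issues, list):
        return False, "no issues list in response"
    readiness = result.get("submissionReadiness")
    if readiness not in READINESS:
        return False, f"unknown submissionReadiness {readiness!r}"
    errors = [i.get("title", "?") for i in issues if i.get("severity") == "error"]
    # Do not rely on the summary alone: an error-severity issue always blocks.
    if errors or readiness == "not_ready":
        return False, "blocking issues: " + "; ".join(errors or ["(none listed)"])
    if readiness == "needs_review" and not allow_warnings:
        return False, "warnings need review"
    return True, "ready to submit"

def wait_for_scan(fetch, timeout=120.0, interval=5.0, sleep=time.sleep, clock=time.monotonic):
    """Poll fetch() (hypothetical callable returning the parsed results JSON)
    until the scan leaves "scanning" or the timeout expires."""
    deadline = clock() + timeout
    while True:
        result = fetch()
        if result.get("status") in TERMINAL:
            return result
        if clock() >= deadline:
            return {"status": "timeout"}  # constructed marker; gate() rejects it
        sleep(interval)

# Constructed sample, trimmed from the response shown on this page.
SAMPLE = json.loads("""{
  "scanId": "scan_def456", "status": "completed", "overallScore": 87,
  "issues": [{"severity": "error", "category": "privacy",
              "title": "Missing privacy policy URL"}],
  "submissionReadiness": "needs_review"
}""")

if __name__ == "__main__":
    print(gate(SAMPLE))
```
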