API & webhooks
Build integrations with the DeepSource API and webhooks
DeepSource provides a GraphQL API and webhooks so you can integrate code health data into your existing workflows: CI pipelines, internal dashboards, Slack bots, or custom tooling.
GraphQL API
The API gives you programmatic access to everything in the DeepSource dashboard: repositories, issues, analysis runs, metrics, and more.
- Endpoint:
https://api.deepsource.io/graphql/ - Rate limit: 5,000 requests per hour per user
- Schema exploration: Use Altair or Insomnia to browse the full schema and documentation
curl https://api.deepsource.io/graphql/ \
-H "Authorization: Bearer <YOUR_PAT>" \
-H "Content-Type: application/json" \
-d '{"query": "{ viewer { email } }"}'What you can query:
- Repository activation status, settings, and analysis configuration
- Issues: list, filter, and inspect detected issues with file and line references
- Analysis runs: track status, results, and history
- Metrics: code coverage, code health scores, and trends
- Teams, members, and access control
Authenticate with a Personal Access Token (PAT). To create one, go to your user settings and open the Tokens tab — see Personal Access Tokens for details.
Webhooks
Webhooks send real-time HTTP POST notifications to your endpoint when events occur in DeepSource.
Available events:
| Event | Description |
|---|---|
analysis_run.started | Analysis run begins |
analysis_run.updated | Analyzer returns a result |
autofix_run.started | Autofix™ run created |
autofix_run.updated | Autofix status or PR updated |
repository.analysis.activated | Analysis activated on a repository |
repository.analysis.deactivated | Analysis deactivated |
repository_issue.introduced | New issue detected on default branch |
repository_issue.resolved | Issue resolved on default branch |
team_member.added | Member added to team |
team_member.removed | Member removed |
team_member.updated | Member role changed |
Security: Webhook payloads can be signed with an HMAC secret so you can verify they came from DeepSource.
Use cases
Pull data into your systems — API Query the GraphQL API when you need to read DeepSource data on your own schedule: populate an internal engineering dashboard, generate a weekly code-health digest, enforce a quality gate in CI by checking issue counts before deploying, or bulk-export metrics for trend analysis.
React to events in real time — Webhooks Use webhooks when something in DeepSource should trigger an action elsewhere: post a Slack message when a new vulnerability is detected, create a Jira ticket for critical issues, update a status board when an analysis run completes, or kick off a downstream pipeline.
Getting started
To get started with the API, create a Personal Access Token and explore the API reference. To configure webhooks, see Webhook setup and the event reference.