AttachmentScanner API — AI Integration Guide
You are integrating AttachmentScanner, a REST API that scans files and URLs for viruses and malware. This document gives you everything you need.
Authentication
Every request requires a Bearer token in the Authorization header:
Authorization: Bearer YOUR_API_TOKEN
Read credentials from environment variables:
| Variable | Purpose |
|---|---|
ATTACHMENT_SCANNER_URL |
Base URL for API requests (includes region) |
ATTACHMENT_SCANNER_API_TOKEN |
Bearer token for authentication |
Regions
AttachmentScanner runs in three regions. The user's base URL determines the region:
| Region | Base URL |
|---|---|
| US | https://api.attachmentscanner.com |
| EU | https://eu.api.attachmentscanner.com |
| Australia | https://aus.api.attachmentscanner.com |
Core Endpoint
POST /v1.0/scans
Scan a URL
{
"url": "https://example.com/file.pdf"
}
Scan a File (multipart upload)
Send the file as a multipart form field named file:
POST /v1.0/scans
Content-Type: multipart/form-data
Authorization: Bearer YOUR_API_TOKEN
file=@document.pdf
Response
{
"id": "scan-id",
"status": "found",
"matches": ["Eicar-Test-File-Signature"],
"url": "https://example.com/file.pdf",
"filename": "file.pdf",
"content_length": 68,
"md5": "...",
"sha256": "..."
}
Status Values
| Status | Meaning |
|---|---|
ok |
File is clean — no threats detected |
found |
Malware detected — matches contains threat names |
pending |
Scan is still running (async mode) |
failed |
Scan could not complete |
Async Scanning (Recommended)
For production use, always use async mode with a callback URL. Synchronous scans block the request until scanning completes, which can take several seconds for large files.
{
"url": "https://example.com/file.pdf",
"async": true,
"callback": "https://yourapp.com/webhooks/scan-complete"
}
This returns immediately with "status": "pending". When the scan finishes, AttachmentScanner POSTs the full result to your callback URL.
Polling Fallback
If you cannot receive webhooks, poll for the result:
GET /v1.0/scans/{id}
Testing
Use the EICAR test file to verify your integration without real malware:
https://www.attachmentscanner.com/eicar.com
This URL always triggers a "found" result with the match "Eicar-Test-File-Signature".
Before You Start
Ask the user:
- What language/framework are they using?
- What are they scanning — user-uploaded files, URLs, or both?
- Sync or async — can they receive webhooks, or do they need to poll?
Language Examples
Working code examples are available for each language: