How to scout a website
Basic scout
Section titled “Basic scout”curl -X POST https://your-unsurf-url.workers.dev/tools/scout \ -H "Content-Type: application/json" \ -d '{ "url": "https://example.com", "task": "find the contact form and map how it submits" }'The task field guides the scout’s exploration. Be specific about what you want to find.
Writing effective tasks
Section titled “Writing effective tasks”Good tasks are specific and action-oriented:
| ✅ Good | ❌ Bad |
|---|---|
| ”find the contact form and map how it submits" | "explore the site" |
| "navigate to the dashboard and capture all data-loading endpoints" | "find APIs" |
| "add an item to cart and capture the checkout flow" | "test the store” |
Scouting authenticated sites
Section titled “Scouting authenticated sites”If the target site requires authentication, pass cookies or headers:
{ "url": "https://app.example.com/dashboard", "task": "capture all data-loading endpoints on the dashboard", "auth": { "cookies": "session=abc123; token=xyz", "headers": { "Authorization": "Bearer your-token" } }}Reading scout results
Section titled “Reading scout results”The response includes:
siteId— use this to query endpoints laterendpointCount— total unique endpoints foundpathId— the navigation path taken, replayable by the workeropenApiSpec— complete OpenAPI 3.1 JSON
Retrieving the OpenAPI spec
Section titled “Retrieving the OpenAPI spec”curl https://your-unsurf-url.workers.dev/sites/{siteId}/openapiThis returns a valid OpenAPI 3.1 specification you can import into any tool that consumes OpenAPI — Postman, Swagger UI, openapi-typescript, etc.
Listing captured endpoints
Section titled “Listing captured endpoints”curl https://your-unsurf-url.workers.dev/sites/{siteId}/endpointsEach endpoint includes:
methodandpathPattern— e.g.,GET /users/:idrequestSchema— inferred JSON Schema for request bodyresponseSchema— inferred JSON Schema for response bodysampleCount— how many times this endpoint was observed