Skip to content
PDFlys

Reports & Sharing

Overview

When you run an accessibility check while authenticated, the result is persisted as a report. You can then list, retrieve, export, share, and delete reports via these endpoints.

Auth required: All report endpoints require authentication.

List Reports

Retrieve a paginated list of your accessibility reports.

GET /api/v2/accessibility/reports

Query Parameters

Parameter Type Default Description
page number 1 Page number (min 1)
limit number 20 Items per page (1–100)
scoreBand string Filter by grade: A, B, C, D, or F

Example

curl https://api.pdflys.com/api/v2/accessibility/reports?page=1&limit=10&scoreBand=B \
  -H "Authorization: Bearer YOUR_TOKEN"

Response

{
  "success": true,
  "data": {
    "reports": [
      {
        "id": "550e8400-e29b-41d4-a716-446655440000",
        "fileName": "annual-report.pdf",
        "overallScore": 72,
        "scoreBand": "B",
        "totalChecks": 30,
        "passed": 22,
        "failed": 6,
        "warnings": 2,
        "engineVersion": "1.0.0",
        "createdAt": "2026-02-25T10:00:00.000Z"
      }
    ],
    "pagination": {
      "page": 1,
      "limit": 10,
      "total": 23,
      "totalPages": 3
    }
  }
}

Get Report Detail

Retrieve the full report with all check results and standards evaluation.

GET /api/v2/accessibility/reports/:id

Example

curl https://api.pdflys.com/api/v2/accessibility/reports/550e8400-e29b-41d4-a716-446655440000 \
  -H "Authorization: Bearer YOUR_TOKEN"

Response

{
  "success": true,
  "data": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "fileName": "annual-report.pdf",
    "result": {
      "score": 72,
      "band": { "grade": "B", "label": "Good" },
      "categories": [...],
      "violations": [...]
    },
    "standards": {
      "wcag21aa": { "conformance": "partial", "passed": 28, "failed": 4 },
      "pdfua1": { "conformance": "fail", "passed": 12, "failed": 3 }
    },
    "createdAt": "2026-02-25T10:00:00.000Z"
  }
}

Delete Report

Permanently delete an accessibility report.

DELETE /api/v2/accessibility/reports/:id

Example

curl -X DELETE https://api.pdflys.com/api/v2/accessibility/reports/550e8400-e29b-41d4-a716-446655440000 \
  -H "Authorization: Bearer YOUR_TOKEN"

Response

{
  "success": true,
  "data": { "deleted": true }
}

Export

Export as CSV

Download the report as a CSV file.

GET /api/v2/accessibility/reports/:id/export/csv

curl https://api.pdflys.com/api/v2/accessibility/reports/550e8400-e29b-41d4-a716-446655440000/export/csv \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -o report.csv

Returns text/csv with Content-Disposition: attachment header.

Export as PDF

Generate a formatted PDF report with compliance details.

GET /api/v2/accessibility/reports/:id/export/pdf

curl https://api.pdflys.com/api/v2/accessibility/reports/550e8400-e29b-41d4-a716-446655440000/export/pdf \
  -H "Authorization: Bearer YOUR_TOKEN"

Response

{
  "success": true,
  "data": {
    "fileId": "reports/abc123.pdf",
    "downloadUrl": "https://storage.pdflys.com/reports/..."
  }
}

Note

PDF exports are rate-limited to 10 per minute per user.

Sharing

Create shareable links to reports that can be accessed without authentication.

POST /api/v2/accessibility/reports/:id/share
Content-Type: application/json
Parameter Type Required Description
password string No Password to protect the share (4–128 chars)
expiresAt string No ISO 8601 datetime when the share expires
maxViews number No Maximum views allowed (1–10,000)

Example

curl -X POST https://api.pdflys.com/api/v2/accessibility/reports/550e8400-e29b-41d4-a716-446655440000/share \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"expiresAt":"2026-03-25T00:00:00Z","maxViews":100}'

Response

{
  "success": true,
  "data": {
    "shareToken": "abc123def456..."
  }
}

HTTP status: 201 Created

The public URL for the shared report is:

GET /api/v2/accessibility/r/{shareToken}

List Shares for a Report

GET /api/v2/accessibility/reports/:id/shares

curl https://api.pdflys.com/api/v2/accessibility/reports/550e8400-e29b-41d4-a716-446655440000/shares \
  -H "Authorization: Bearer YOUR_TOKEN"

Response

{
  "success": true,
  "data": {
    "shares": [
      {
        "shareToken": "abc123def456...",
        "hasPassword": true,
        "expiresAt": "2026-03-25T00:00:00.000Z",
        "maxViews": 100,
        "viewCount": 12,
        "createdAt": "2026-02-25T10:00:00.000Z"
      }
    ]
  }
}

Revoke a Share

Use the shareToken from the list above to revoke a specific share link.

DELETE /api/v2/accessibility/reports/:id/shares/:shareToken

curl -X DELETE https://api.pdflys.com/api/v2/accessibility/reports/550e8400-e29b-41d4-a716-446655440000/shares/abc123def456 \
  -H "Authorization: Bearer YOUR_TOKEN"

Response

{
  "success": true,
  "data": { "revoked": true }
}

Access a Public Share

Retrieve a shared report without authentication.

GET /api/v2/accessibility/r/:shareToken

If the share is password-protected, include the password in the request header:

X-Share-Password: your-password

# Public share (no password)
curl https://api.pdflys.com/api/v2/accessibility/r/abc123def456

# Password-protected share
curl https://api.pdflys.com/api/v2/accessibility/r/abc123def456 \
  -H "X-Share-Password: s3cret"

Warning

Passwords are only accepted via the X-Share-Password header — never in query strings, which leak in server logs.