Dokven
Loading Dokven.Developer Workflow
Every recipe on this page runs against the live API today — copy, paste, done. Create a key on the API keys page; scans authenticated with it use your token balance and save to your run history.
One POST per tool. Responses include the score, grade, every check, and the AI summary — the same data the web reports render. The full schema lives in the OpenAPI spec.
# Full Stack Scan — SEO, security, performance, accessibility, and copy
# in one call. Authenticate with your dk_… key (the full scan costs more
# tokens than the guest tier holds; single-module endpoints work as guest).
curl -X POST "http://localhost:3000/api/scan/all" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer dk_YOUR_API_KEY" \
-d '{"url": "https://example.com"}'POST /api/scan/allPOST /api/test-apiPOST /api/seo-auditPOST /api/securityPOST /api/performancePOST /api/accessibilityPOST /api/copy-testingPOST /api/responsive-testingPOST /api/tag-audit/scanRun a Full Stack Scan against your staging URL on every pull request and fail the build when the score drops below your gate. No SDK, no package install — each recipe is self-contained.
name: Dokven QA gate
on: [pull_request]
jobs:
dokven:
runs-on: ubuntu-latest
steps:
- name: Dokven Full Stack Scan
env:
DOKVEN_API_KEY: ${{ secrets.DOKVEN_API_KEY }}
run: |
curl -fsS -X POST "http://localhost:3000/api/scan/all" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $DOKVEN_API_KEY" \
-d '{"url": "https://staging.example.com"}' -o result.json
SCORE=$(jq -r '.score // empty' result.json)
GRADE=$(jq -r '.grade // empty' result.json)
echo "Dokven score: ${SCORE:-?}/100 (${GRADE:-?})"
jq -r '.summary // empty' result.json
if [ -n "$SCORE" ] && [ "$SCORE" -lt 80 ]; then
echo "::error::Dokven score $SCORE is below the 80 gate"
exit 1
fiA single-file script for terminal audits and CI jobs: pretty, --json, and --summary output, module selection, and a --fail-below exit-code gate.
# Download once (a single dependency-free script), then run audits
# from any terminal or CI job with node 20+.
curl -fsSL http://localhost:3000/cli/dokven.mjs -o dokven.mjs
# Full Stack Scan with pretty output
node dokven.mjs scan https://example.com
# Single module, machine-readable, CI score gate
DOKVEN_API_KEY=dk_YOUR_API_KEY \
node dokven.mjs scan https://example.com --module=security --json
node dokven.mjs scan https://example.com --fail-below=80Add a webhook under Monitoring and Dokven posts when a watched URL's score regresses past your threshold — formatted natively for Slack and Discord, or raw JSON for anything else. Verify deliveries with the signature header:
// Every delivery is signed: hex HMAC-SHA256 of the raw request body
// using your webhook secret, sent in the X-Dokven-Signature header.
import { createHmac } from "crypto";
export function verifyDokvenSignature(rawBody, signature, secret) {
const expected = createHmac("sha256", secret).update(rawBody).digest("hex");
return expected === signature;
}Create an API key, drop a recipe into your pipeline, and your next deploy ships with a QA gate.