#RugCheck#API#Developer#Security#Solana
RugCheck API Guide: Token Security Analysis for Solana Developers
8 min read
By ScreenerBot Team
RugCheck API Guide: Token Security Analysis for Solana Developers
RugCheck is Solana's leading token security analysis platform. Their API provides programmatic access to comprehensive security reports, helping developers identify potential scams, honeypots, and risky tokens before trading.
This guide covers everything you need to integrate RugCheck's security analysis into your applications.
🎯 What You'll Learn
- RugCheck API overview and capabilities
- How to fetch token security reports
- Understanding risk factors and scores
- Bulk analysis for multiple tokens
- Integration best practices
📡 API Overview
Key Features
- Comprehensive Security Analysis: Mint/freeze authority, holder distribution, liquidity locks
- Risk Scoring: Easy-to-understand risk levels
- Bulk Endpoints: Analyze multiple tokens at once
- Real-time Data: Fresh on-chain analysis
- Free to Use: No API key required for basic endpoints
Base URL
https://api.rugcheck.xyzAPI Documentation
Interactive Swagger documentation is available at:
https://api.rugcheck.xyz/swagger/index.html🔗 Core Endpoints
Get Full Token Report
Fetch comprehensive security analysis for a token.
Endpoint: GET /v1/tokens/{mint}/report
Parameters:
mint: Token's mint address
Example:
GET https://api.rugcheck.xyz/v1/tokens/JUPyiwrYJFskUPiHa7hkeR8VUtAeFoSYbKedZNsDvCN/reportResponse Structure:
{
"mint": "JUPyiwrYJFskUPiHa7hkeR8VUtAeFoSYbKedZNsDvCN",
"tokenMeta": {
"name": "Jupiter",
"symbol": "JUP",
"uri": "https://...",
"mutable": false,
"updateAuthority": null
},
"token": {
"mintAuthority": null,
"freezeAuthority": null,
"supply": "10000000000000000",
"decimals": 6,
"isInitialized": true
},
"markets": [...],
"topHolders": [...],
"risks": [...],
"score": 150,
"riskLevel": "Good"
}Get Report Summary
Get a condensed security summary.
Endpoint: GET /v1/tokens/{mint}/report/summary
Example:
GET https://api.rugcheck.xyz/v1/tokens/JUPyiwrYJFskUPiHa7hkeR8VUtAeFoSYbKedZNsDvCN/report/summaryResponse:
{
"mint": "JUPyiwrYJFskUPiHa7hkeR8VUtAeFoSYbKedZNsDvCN",
"score": 150,
"riskLevel": "Good",
"mintAuthority": null,
"freezeAuthority": null,
"lpLocked": true,
"lpLockedPct": 95.5,
"topHoldersPct": 15.2,
"risks": [
{
"name": "Mutable metadata",
"level": "warning",
"description": "Token metadata can be changed"
}
]
}📊 Bulk Endpoints
Bulk Token Reports
Analyze multiple tokens in a single request.
Endpoint: POST /v1/bulk/tokens/report
Request Body:
{
"mints": [
"JUPyiwrYJFskUPiHa7hkeR8VUtAeFoSYbKedZNsDvCN",
"DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263"
]
}Response:
{
"reports": [
{
"mint": "JUPyiwrYJFskUPiHa7hkeR8VUtAeFoSYbKedZNsDvCN",
"score": 150,
"riskLevel": "Good",
...
},
{
"mint": "DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263",
"score": 2800,
"riskLevel": "Warning",
...
}
]
}Bulk Summary
Get condensed summaries for multiple tokens.
Endpoint: POST /v1/bulk/tokens/summary
Request Body:
{
"mints": ["ABC...", "DEF...", "GHI..."]
}🛡️ Understanding Security Data
Risk Levels
RugCheck returns a risk score where lower is safer:
| Level | Score Range | Meaning |
|---|---|---|
| Good | 0-999 | Low risk, few or no issues detected |
| Warning | 1000-4999 | Some concerns, proceed with caution |
| Danger | 5000+ | High risk, multiple issues detected |
Authority Status
#### Mint Authority
| Status | Meaning |
|---|---|
null |
✅ Renounced - No new tokens can be minted |
| Address present | ⚠️ Active - Owner can mint more tokens |
#### Freeze Authority
| Status | Meaning |
|---|---|
null |
✅ Renounced - Accounts cannot be frozen |
| Address present | ⚠️ Active - Owner can freeze wallets |
Common Risk Factors
{
"risks": [
{
"name": "Mint authority not renounced",
"level": "danger",
"description": "Owner can mint unlimited tokens"
},
{
"name": "Freeze authority not renounced",
"level": "danger",
"description": "Owner can freeze any wallet"
},
{
"name": "High holder concentration",
"level": "warning",
"description": "Top 10 holders own 45% of supply"
},
{
"name": "Low liquidity",
"level": "warning",
"description": "Less than $10,000 in liquidity pools"
},
{
"name": "Unlocked liquidity",
"level": "warning",
"description": "Liquidity is not locked or burned"
},
{
"name": "Mutable metadata",
"level": "info",
"description": "Token name/symbol can be changed"
}
]
}Holder Analysis
The API returns top holder information:
{
"topHolders": [
{
"address": "wallet_address_1",
"amount": "500000000000",
"percentage": 5.0,
"isInsider": false
},
{
"address": "pool_address",
"amount": "300000000000",
"percentage": 3.0,
"isInsider": false,
"label": "Raydium Pool"
}
]
}🔒 Liquidity Lock Data
Get LP Lockers
Check if liquidity is locked.
Endpoint: GET /v1/tokens/{mint}/lockers
Response:
{
"lockers": [
{
"type": "fluxbeam",
"address": "locker_address...",
"lpMint": "lp_token_mint...",
"lockedAmount": "950000000",
"totalSupply": "1000000000",
"lockedPct": 95.0,
"unlockDate": "2025-06-15T00:00:00Z",
"locked": true
}
]
}Locker Types
| Type | Platform |
|---|---|
fluxbeam |
Fluxbeam Locker |
streamflow |
Streamflow Vesting |
meteora |
Meteora Lock |
burned |
LP tokens burned (permanent) |
📈 Statistics Endpoints
Recently Detected Tokens
Endpoint: GET /v1/stats/new_tokens
Get newly created tokens detected by RugCheck.
Most Viewed Tokens (24h)
Endpoint: GET /v1/stats/recent
Trending Tokens (Voted)
Endpoint: GET /v1/stats/trending
Get tokens with the most community votes.
Recently Verified
Endpoint: GET /v1/stats/verified
Get tokens that have completed RugCheck verification.
🛠️ Integration Examples
Basic Security Check
async function checkTokenSecurity(mintAddress) {
const response = await fetch(
`https://api.rugcheck.xyz/v1/tokens/${mintAddress}/report/summary`
);
if (!response.ok) {
throw new Error(`RugCheck API error: ${response.status}`);
}
const data = await response.json();
return {
isSafe: data.riskLevel === 'Good',
score: data.score,
riskLevel: data.riskLevel,
mintRenounced: data.mintAuthority === null,
freezeRenounced: data.freezeAuthority === null,
lpLocked: data.lpLocked,
risks: data.risks
};
}Bulk Security Analysis
async function analyzeMultipleTokens(mintAddresses) {
const response = await fetch(
'https://api.rugcheck.xyz/v1/bulk/tokens/summary',
{
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ mints: mintAddresses })
}
);
const data = await response.json();
return data.reports.map(report => ({
mint: report.mint,
safe: report.riskLevel === 'Good',
score: report.score,
risks: report.risks?.length || 0
}));
}Pre-Trade Safety Check
async function isTokenSafeToTrade(mintAddress) {
const security = await checkTokenSecurity(mintAddress);
// Define your safety criteria
// Lower scores = fewer risks = safer
const isSafe =
security.mintRenounced &&
security.freezeRenounced &&
security.score <= 1000; // Low score means safer
if (!isSafe) {
console.log('Token failed safety checks:', {
mintRenounced: security.mintRenounced,
freezeRenounced: security.freezeRenounced,
score: security.score, // Higher = riskier
risks: security.risks.map(r => r.name)
});
}
return isSafe;
}Risk Level Classification
function classifyRisk(report) {
// Critical risks = immediate rejection
const criticalRisks = report.risks.filter(r =>
r.level === 'danger' &&
['Mint authority', 'Freeze authority'].some(k => r.name.includes(k))
);
if (criticalRisks.length > 0) {
return { level: 'CRITICAL', reasons: criticalRisks };
}
// High risk factors
const highRisks = report.risks.filter(r => r.level === 'danger');
if (highRisks.length > 0) {
return { level: 'HIGH', reasons: highRisks };
}
// Medium risk factors
const mediumRisks = report.risks.filter(r => r.level === 'warning');
if (mediumRisks.length >= 3) {
return { level: 'MEDIUM', reasons: mediumRisks };
}
return { level: 'LOW', reasons: [] };
}⚠️ Best Practices
1. Cache Security Reports
Security data doesn't change frequently:
const securityCache = new Map();
const CACHE_TTL = 5 * 60 * 1000; // 5 minutes
async function getCachedSecurityReport(mint) {
const cached = securityCache.get(mint);
if (cached && Date.now() - cached.timestamp < CACHE_TTL) {
return cached.data;
}
const data = await checkTokenSecurity(mint);
securityCache.set(mint, { data, timestamp: Date.now() });
return data;
}2. Handle API Errors
async function safeSecurityCheck(mint) {
try {
return await checkTokenSecurity(mint);
} catch (error) {
console.error(`Security check failed for ${mint}:`, error);
// Return unknown/risky state on error
return {
isSafe: false,
score: 0,
riskLevel: 'Unknown',
error: error.message
};
}
}3. Use Bulk Endpoints
For multiple tokens, always use bulk endpoints:
// ❌ Bad: Individual requests
for (const mint of mints) {
await checkTokenSecurity(mint);
}
// ✅ Good: Single bulk request
await analyzeMultipleTokens(mints);4. Implement Retry Logic
async function fetchWithRetry(url, options = {}, retries = 3) {
for (let i = 0; i < retries; i++) {
try {
const response = await fetch(url, options);
if (response.ok) {
return response.json();
}
if (response.status === 429) {
// Rate limited - wait and retry
await sleep(2000 * (i + 1));
continue;
}
throw new Error(`HTTP ${response.status}`);
} catch (error) {
if (i === retries - 1) throw error;
await sleep(1000 * (i + 1));
}
}
}🔗 Integration Partners
RugCheck is integrated with major Solana platforms:
- Jupiter - Swap routing with security warnings
- Raydium - Pool security indicators
- Meteora - Liquidity pool verification
- Fluxbeam - Token tools and verification
- DexScreener - Security badges
- GeckoTerminal - Security integration
📚 Resources
Official Links
Related Security Tools
🎓 Key Takeaways
- Check authorities first - Mint and freeze should be null
- Use summary endpoint for quick checks
- Use bulk endpoints for multiple tokens
- Cache results - Data doesn't change frequently
- Handle errors gracefully - Default to unsafe on failures
- Combine with other checks - Liquidity, holder distribution
RugCheck's API is essential for building safe trading applications. Now you can protect your users from scams! 🚀