PeerPanda API Overview

API Overview

Note: No self-service is available at the moment, please get in touch with us support if you would like to get started with the API.

Authentication & Authorization

Authentication Method:
All API requests must be authenticated via a Bearer Token issued per user or service account.
You can issue a token in your PeerPanda settings.

Token Format:
Tokens must be included in the Authorization HTTP header:
Authorization: Bearer <token>

Token Scope:
Tokens inherit the permissions of the associated user or service identity. Tokens are revocable and subject to rotation. Expired tokens are rejected automatically.

Transport Security

TLS Enforcement:
All traffic to the API must occur over HTTPS using TLS 1.3. Requests over plain HTTP are rejected. HSTS headers are enabled to prevent protocol downgrade attacks.


Rate Limiting

Per-Token Throttling:
API usage is rate-limited per token to prevent abuse:

  • 30 requests per minute
  • 10 000 requests per day

Abuse Prevention

  • All API requests are logged, including:
    • Timestamp
    • IP address
    • User ID or service identity
    • Endpoint accessed
    • Status code

  • Logs are stored securely and retained according to internal compliance and incident response policies.

Available APIs

No self-service is available at the moment, please contact our support if you would like to get started with the API.

Currently, the following endpoints are available :

GET /v1/competitors/ Retrieve the full list of competitor profiles
PUT /v1/deals/ Import a deal outcome into the PeerPanda database

Integration Guidelines

Staging Access:
All integrations must be tested in a dedicated staging environment prior to production use.

API Tokens:
Tokens should be stored securely (e.g., environment variables, secret managers). Hardcoding or exposing tokens in client-side code is prohibited.

Timeouts and Retries:
Clients should implement reasonable timeouts and exponential backoff for error responses.

Change Control & Communication

  • Breaking changes are introduced only in new major versions
  • All changes are communicated via email prior to deployment