Subspace
Sign in
checking…index fresh —
The Subspace dossier

Deterministic checks across public records — government filings (H-1B, WARN, SEC EDGAR), DNS, HTTP headers, CSP, app stores, careers pages, ATS fingerprints. No LinkedIn scraping. No AI guesses. If a fact isn't there, it's blank.

Methodology
What we read →
API docs →
Field notes →
Legal
Privacy
Terms
dev@thesubspace.io
© 2026
Subspace, Inc.
On-demand intelligence
Docs/API Reference/v1

API Reference

Flat JSON, one endpoint per use case. Base URL https://www.thesubspace.io/api/v1

Getting StartedIntroductionAuthenticationRate limits
CoreEnrichList CompaniesSearchTrace (full audit)Cost Centers
SchemaPer-signal ConfidenceResponse Fields
ErrorsError codes

Introduction

The Subspace API runs deterministic checks per domain against 36 public sources. Every response is a flat JSON object you can map directly to columns in Clay, Airtable, or your CRM. No nested arrays to flatten, no score magic numbers you can't back out.

You can authenticate, query /v1/enrich?domain=stripe.com, and have usable data in 30 seconds. The rest of this reference covers the surface area.

ActiveAll active API keys have full access to every field — no tier restrictions. Generate a key from your Settings page and start enriching immediately. Rate limit: 60 requests/minute.

Authentication

Authenticate by passing your API key in the x-api-key header. All endpoints support CORS for browser-based requests.

CURL
curl "https://www.thesubspace.io/api/v1/enrich?domain=stripe.com" \
  -H "x-api-key: YOUR_API_KEY"

Rate limits

Rate limits are per-IP and reset every minute. Every response includes x-ratelimit-remaining. Cached responses do not count against your monthly allotment.

PlanRPMMonthly calls
Open Access60Unlimited

Enrich a company

Flat enrichment endpoint optimized for Clay and other enrichment platforms. Returns cost-center tiers, boolean feature flags, and per-signal evidence as top-level fields for direct column mapping — no nested objects.

If the domain is not in the database, it is automatically processed on-demand (first request may take 10–15 seconds).

GET/api/v1/enrichOpen Access
curl "https://www.thesubspace.io/api/v1/enrich?domain=stripe.com" \
  -H "x-api-key: YOUR_API_KEY"

Query parameters

NameTypeRequiredDescription
domainstringYesCompany domain (e.g. stripe.com). Accepts full URLs.
includestringNoSet to jobs to attach the company's job listings (title, location, URL). Adds jobs array, pagination metadata (jobs_returned, jobs_total, jobs_has_more, jobs_next_offset), and jobs_confidence + jobs_source. Costs 2 credits for verified ATS sources.
jobs_limitintegerNoPage size when include=jobs. Default 50, max 500.
jobs_offsetintegerNoPage offset when include=jobs. Default 0. Pass jobs_next_offset from the prior response to walk pages.
jobs_seen_afterstringNoISO timestamp; only return jobs Subspace first observed at or after this time. Filters on first_seen_at — monotonic and never null, unlike upstream posted_at. Use for incremental syncs (e.g. n8n recurring polls).
career_urlstringNoOverride career page URL when using include=jobs.

Pagination example

Walk all listings for a company, then poll for new ones:

GET
# page 1
/api/v1/enrich?domain=stripe.com&include=jobs&jobs_limit=50

# follow jobs_next_offset until jobs_has_more is false
/api/v1/enrich?domain=stripe.com&include=jobs&jobs_limit=50&jobs_offset=50

# next sync — only what's new since your last poll
/api/v1/enrich?domain=stripe.com&include=jobs&jobs_seen_after=2026-04-30T00:00:00Z

Response · 200 OK

Example response for stripe.com. Field list may extend over time in additive fashion — existing field names and types are stable.

JSON
{
  "domain": "stripe.com",
  "company_name": "Stripe",
  "operating_status": "active",
  "ats_provider": "greenhouse",
  "company_size": "enterprise",
  "company_location": "us",
  "company_type": "saas_product",

  "hiring_actively": true,
  "total_jobs": 285,
  "fresh_jobs_30d": 241,
  "ghost_job_rate": 12,
  "confidence": "high",
  "job_quality": "excellent",
  "job_board_growing": true,
  "salary_transparent": true,

  "it_infrastructure_tier": "Enterprise",
  "it_infrastructure_budget": "Active",
  "engineering_product_tier": "Enterprise",
  "sales_marketing_tier": "Growth",
  "hr_hiring_tier": "Growth",
  "legal_compliance_tier": "Enterprise",
  "finance_revops_tier": "Growth",
  "telecom_remote_tier": "Growth",
  "corporate_dev_tier": "Growth",

  "cdn_enterprise": true,
  "waf_active": true,
  "security_posture_mature": true,
  "dmarc_enforcing": true,
  "email_security_gateway": true,
  "has_changelog": true,
  "shipping_actively": true,
  "has_status_page": true,
  "is_spending_on_ads": true,
  "ad_spend_heavy": true,
  "international_presence": true,
  "has_trust_center": true,
  "has_soc2": true,
  "has_compliance_program": true,
  "h1b_filer": true,
  "billing_model": "saas_payments",
  "has_enterprise_sso": true,
  "has_enterprise_uc": true,
  "possible_acquisition": false,
  "recent_funding": true,
  "sec_public_filer": false,
  "github_active": true,
  "saas_stack_premium": true,
  "credits_consumed": 1
}

List Companies

GET /api/v1/companies — filter + paginate across all tracked companies. Backs index and rollup views. Cursor-paginated; pass meta.next_cursor from the prior response to fetch the next page.

GET
/api/v1/companies?verdict=actively_hiring&min_jobs=20&order_by=last_activity_at&order_dir=desc&limit=50

Filters: sector, verdict, min_jobs, max_jobs, has_hiring. Order by total_jobs, ghost_index, or last_activity_at.

Search

GET /api/v1/search?q=… — full-text search across companies and job listings. Use type=companies, type=jobs, or type=both (default).

GET
/api/v1/search?q=platform%20engineer&type=jobs&limit=25

Trace (full audit)

GET /api/v1/companies/{domain}/trace — the complete trace payload in one call: cost centers, every signal with its confidence envelope, coverage summary, hiring rollup, and the aggregate confidence_summary (High/Medium/Low counts). A consumer can build their own trace UI from this single endpoint — no direct DB access required.

GET
/api/v1/companies/stripe.com/trace

Reads the most recent stored trace. To refresh, POST /api/trace and poll the returned job id.

Per-signal Confidence

Every signal we emit carries an evidence-strength envelope — the audit trail that makes each observation independently verifiable. Three tiers: High, Medium, Low. Rendering one of these next to a claim is what separates our output from black-box competitors. See docs/ARCHITECTURE-CONFIDENCE-LAYER.md.

JSON
{
  "id": "analytics-cdn-unobservable",
  "name": "Analytics stack not observable from the CDN edge",
  "sentiment": "neutral",
  "confidence": {
    "tier": "high",
    "reasons": [
      "direct_http_200",
      "multi_path_consistent",
      "fresh_<6h"
    ],
    "sourceUrls": [
      "https://www.example.com/",
      "https://app.example.com/",
      "https://docs.example.com/"
    ],
    "collectionMethod": "direct_http",
    "observedAt": "2026-04-23T14:22:10Z"
  }
}

Tiers are defensible; decimals aren't — we never expose a numeric 0-1 score externally. Reason codes are machine-readable and never encode sentiment. They describe how sure we are, not whether the finding is good or bad news.

8 Cost Centers

Every company is analyzed across 8 cost centers that map to corporate P&L line items. Each center is derived from publicly observable digital infrastructure — DNS, HTTP headers, HTML, and job data — and surfaced as a categorical tier (Enterprise / Growth / Startup / Inactive) plus the raw signals that drove it. Evidence confidence lives on the individual signals, not on the aggregate.

it_infrastructureIT & Infrastructure

CDN, WAF, email security, MX records, SaaS packages

engineering_productEngineering & Product

CSP headers, changelogs, subdomains, SSO, schema.org

sales_marketingSales & Marketing

Ad pixels, hreflang, tag manager, redirects

hr_hiringHR & Hiring

Job board activity, ATS provider, ghost job rate, posting velocity

legal_complianceLegal & Compliance

Trust center, H-1B filings, WARN Act, vendor wallet

finance_revopsFinance & RevOps

Billing/payment vendor detection from CSP + HTML

telecom_remoteTelecom & Remote Work

DNS SRV records for enterprise UC providers

corporate_devCorporate Development

M&A detection via MX/NS parent matching

Response fields

All 105 fields returned by the /enrich endpoint. Boolean fields are ideal for Clay filters and outreach personalization.

Identity
FieldTypeDescription
domainstringNormalized company domain (e.g. stripe.com).
company_namestringCompany display name resolved from DNS, career page, or enrichment.
operating_statusstringactive, slow, or inactive — derived from job posting recency and infrastructure signals.
ats_providerstringDetected ATS platform (greenhouse, lever, workday, icims, etc.). Null if no ATS found.
Company Profile
FieldTypeDescription
company_sizestringenterprise, mid, small, or micro — inferred from infrastructure footprint, job count, and vendor stack.
company_locationstringus, international, or unknown — based on hreflang tags, H-1B filings, and domain TLD.
company_typestringsaas_product, services, or unknown — inferred from billing infra, app store presence, and CSP vendors.
Hiring & Job Intelligence
FieldTypeDescription
hiring_activelybooleanTrue if 5+ jobs and activity within the last 30 days.
total_jobsintegerTotal number of active job listings currently tracked.
fresh_jobs_30dintegerJobs posted or updated in the last 30 days. High ratio to total_jobs = genuine hiring.
ghost_job_rateinteger0-100 ghost-job rate for hiring listings only. Lower = fewer ghost jobs. Based on posting age, repost patterns, and description staleness. Not a composite company score.
confidencestringhigh, moderate, or low — reflects data coverage depth (number of signals detected).
job_qualitystringexcellent, good, poor, or critical — based on description quality, salary transparency, and role specificity.
job_board_growingbooleanTrue if job listing count is increasing month-over-month. Signals headcount expansion.
job_board_shrinkingbooleanTrue if job listing count is declining. Early warning for hiring slowdown.
repost_rate_elevatedbooleanTrue if jobs are being reposted frequently — may indicate difficulty filling roles or ghost listings.
ghost_score_risingbooleanTrue if ghost job rate is trending upward. Temporal signal from snapshot comparisons.
descriptions_going_darkbooleanTrue if job descriptions are being removed or shortened — signals reduced hiring investment.
salary_transparentbooleanTrue if salary ranges are included in job postings. Indicates compensation transparency.
hr_legal_hiring_spikebooleanTrue if HR/legal role postings spike vs. other departments — early restructuring signal.
IT & Infrastructure
FieldTypeDescription
cdn_enterprisebooleanEnterprise CDN detected (Cloudflare Enterprise, Fastly, Akamai). Indicates significant IT spend.
cdn_detectedbooleanAny CDN detected including modern/commodity tiers (Cloudflare Free, Vercel, Netlify).
waf_activebooleanWeb Application Firewall actively protecting the site. Enterprise security investment.
waf_removedbooleanWAF was previously detected but is now gone — potential cost-cutting signal.
ttfb_fastbooleanTime to First Byte under 200ms. Indicates optimized infrastructure.
ttfb_slowbooleanTTFB over 800ms. May indicate under-invested infrastructure.
ttfb_degradingbooleanTTFB has worsened compared to previous checks. Infrastructure degradation signal.
hsts_activebooleanHTTP Strict Transport Security header present. Security best practice.
security_posture_maturebooleanMultiple security headers present (HSTS, CSP, X-Frame-Options). Mature security team.
Email Security
FieldTypeDescription
dmarc_enforcingbooleanDMARC policy set to reject or quarantine. Full email authentication enforced.
dmarc_quarantinebooleanDMARC in quarantine mode — partially enforced, not yet fully locked down.
email_provider_enterprisebooleanEnterprise email platform detected (Google Workspace, Microsoft 365 with gateway).
email_security_gatewaybooleanDedicated email security gateway (Proofpoint, Mimecast, Barracuda). Enterprise-grade.
has_mx_recordsbooleanMX records present. False may indicate parked domain or pre-launch company.
Engineering & Product
FieldTypeDescription
has_changelogbooleanChangelog or release notes page detected. Indicates active product development.
shipping_activelybooleanChangelog has recent entries — team is actively shipping product updates.
shipping_stalledbooleanChangelog exists but hasn't been updated recently. Development may have slowed.
subdomain_footprintstringrich, moderate, minimal, or bare — number of active subdomains indicates engineering complexity.
has_status_pagebooleanPublic status page detected (Statuspage, Instatus). Signals operational maturity.
has_sso_infrabooleanSSO infrastructure detected via .well-known or DNS. Enterprise identity management.
app_store_presencebooleanMobile app recently updated in App Store or Google Play.
app_abandonedbooleanMobile app exists but hasn't been updated in 12+ months.
npm_high_velocitybooleannpm packages published at high velocity — active open-source or SDK investment.
Sales & Marketing
FieldTypeDescription
is_spending_on_adsbooleanGoogle, Meta, or LinkedIn ad pixels detected. Active paid acquisition.
ad_spend_heavybooleanMultiple ad networks or heavy tracking infrastructure. Significant marketing budget.
has_tag_managerbooleanGoogle Tag Manager or equivalent detected. Organized marketing ops.
has_tracking_pixelsbooleanConversion tracking pixels active (Facebook Pixel, LinkedIn Insight, etc.).
first_party_trackingbooleanSelf-hosted analytics (Plausible, Matomo) instead of third-party. Privacy-conscious.
international_presencebooleanHreflang tags indicate multi-language or multi-region website. Global market presence.
hreflang_marketsstringglobal, eu, apac, moderate, or null — geographic expansion pattern from hreflang tags.
website_stablebooleanNo major redirect changes detected. Stable website structure.
redirect_cascade_highbooleanMajor URL restructuring detected. Could indicate rebrand, pivot, or site overhaul.
Legal & Compliance
FieldTypeDescription
has_trust_centerbooleanTrust center or security page detected. Signals enterprise sales readiness.
has_soc2booleanSOC 2 certification mentioned on trust center or security page.
has_hipaabooleanHIPAA compliance mentioned. Relevant for healthcare-adjacent companies.
has_compliance_programbooleanAny compliance framework detected (SOC 2, HIPAA, ISO 27001). Enterprise buyer signal.
legal_docs_recentbooleanTerms of service or privacy policy recently updated. Active legal team.
vendor_spend_verifiedbooleanThird-party vendor spend detected via CSP headers or HTML includes.
h1b_filerbooleanActive H-1B visa sponsor based on DOL LCA filings. Indicates US hiring activity.
h1b_decliningbooleanH-1B filing volume declining year-over-year. Possible US hiring contraction.
warn_noticesstringcritical (active WARN filing), historical (past filing), clear (filed but still hiring), or none.
Finance & RevOps
FieldTypeDescription
billing_modelstringenterprise_billing (Zuora/Adyen), saas_payments (Stripe/Paddle), checkout_detected, proprietary, or none_detected.
has_pricing_pagebooleanDynamic pricing page with checkout or payment JavaScript detected.
has_banking_apibooleanDirect banking API integration detected (Plaid, MX, Yodlee). FinTech signal.
SSO & Telecom
FieldTypeDescription
has_enterprise_ssobooleanOpenID Connect or SAML SSO configured (Okta, Azure AD, OneLogin). Enterprise identity.
has_enterprise_ucbooleanEnterprise unified communications detected via DNS SRV (Teams, Zoom Phone, RingCentral).
has_conferencingbooleanVanity conferencing URL detected (e.g. company.zoom.us). Remote-first indicator.
Corporate Development
FieldTypeDescription
possible_acquisitionbooleanMX/NS records point to a parent company, or M&A news detected via enrichment.
infrastructure_independentbooleanCompany runs its own DNS, email, and CDN — no parent company infrastructure detected.
defensive_domains_activebooleanDefensive domain registrations detected (typo-squatting protection). Brand investment.
Enrichment Intelligence
FieldTypeDescription
recent_fundingbooleanFunding round detected via SEC Form D, Crunchbase, or news sources.
sec_public_filerbooleanCompany files with the SEC — publicly traded or reporting entity.
github_activebooleanActive GitHub organization with recent commits. Open-source or developer-focused.
gov_contractorbooleanGovernment contract detected via USASpending or SAM.gov. Public sector revenue.
hiring_freeze_reportedbooleanHiring freeze mentioned in news or press releases. Enrichment-sourced signal.
shutdown_reportedbooleanCompany shutdown or wind-down reported in news sources.
restructuring_reportedbooleanRestructuring or layoffs reported in news, SEC filings, or WARN notices.
SaaS Maturity
FieldTypeDescription
saas_stack_premiumbooleanPremium SaaS tools detected (Salesforce, HubSpot Enterprise, Datadog). High vendor spend.
enterprise_sales_toolingbooleanSales tooling detected in CSP headers (Gong, Outreach, Salesloft). B2B sales motion.
apple_pay_merchantbooleanApple Pay merchant verified via .well-known/apple-developer-merchantid-domain-association.
mobile_deep_linkingbooleanApp deep linking configured (apple-app-site-association or assetlinks.json).
has_security_txtbooleanSecurity.txt file present. Indicates mature security disclosure process.
Cost Center Breakdown
FieldTypeDescription
{cost_center}_tierstringEnterprise, Growth, Startup, or Inactive — categorical bucket for each of the 8 cost centers (e.g. it_infrastructure_tier). Derived from signal sentiment across the center.
{cost_center}_budgetstringActive, Moderate, Low, or Frozen — categorical budget_status for each cost center.
Job Listings (include=jobs)
FieldTypeDescription
jobsarrayArray of job objects, each with title, location, and url. Page size controlled by jobs_limit (default 50, max 500). Only present when include=jobs.
jobs_returnedintegerCount of jobs in this page (0 to jobs_limit).
jobs_totalintegerTotal jobs in our DB for this company across all pages (post jobs_posted_after filter).
jobs_offsetintegerEcho of the jobs_offset query param used for this page.
jobs_limitintegerEcho of the jobs_limit query param used for this page (after clamping to [1, 500]).
jobs_has_morebooleanTrue if more pages remain after this one.
jobs_next_offsetintegerOffset to pass on the next call. null when there are no more pages.
jobs_confidencestringhigh (verified ATS API), medium (HTML scrape), or low (no data). Reflects how the jobs were sourced.
jobs_sourcestringats_api (direct ATS feed), html_scrape (career page parsed), db_cache (previously scraped), or none.
Request Metadata
FieldTypeDescription
credits_consumedintegerNumber of API credits consumed. 1 for standard calls, 2 when include=jobs with verified ATS.
Per-signal Confidence (signals_confidence[] + confidence_summary)
FieldTypeDescription
signals_confidencearrayArray of signals with embedded confidence envelopes. One entry per emitted signal — even ones that didn't flip a boolean field above.
confidence.tierstringhigh | medium | low. High = direct probe + multi-path + fresh. Medium = single-source or indirect. Low = aggregator-only, heuristic, WAF-blocked, or stale >72h.
confidence.reasonsarrayMachine-readable reason codes. Never encode sentiment — describe our certainty in the data, not whether the data is good/bad news. Examples: direct_http_200, multi_path_consistent, fresh_<6h, aggregator_only.
confidence.sourceUrlsarrayClickable URLs to re-verify the claim. Empty when n/a (e.g., DNS lookups).
confidence.collectionMethodstringdirect_http | dns | certificate | third_party_api | aggregator | manual | heuristic.
confidence.observedAtstringISO 8601 timestamp of when the observation was captured. Drives freshness reasons.
confidence_summary.highintegerCount of signals at High confidence.
confidence_summary.mediumintegerCount at Medium.
confidence_summary.lowintegerCount at Low.
confidence_summary.not_yet_classifiedintegerSignals written before the confidence layer shipped. Will become 0 after the next re-crawl of each domain.
confidence_summary.totalintegerTotal signals on this response.

Errors & Rate Limits

Rate limit: 60 requests per minute per IP address. All error responses follow the same shape:

JSON
{ "error": "Description of what went wrong" }
StatusCodeDescription
400missing_paramMissing or invalid domain parameter.
401unauthorizedInvalid or missing API key.
404not_foundDomain not in dataset (enrich endpoint auto-processes unknown domains).
422unprocessableDomain could not be processed (parked, unreachable).
429rate_limitedRate limit exceeded (60 requests/minute per IP).
500server_errorInternal error. Retry with exponential backoff.
Ready to integrate

Get your API key.

Open access enabled. Works with Clay, Make, Zapier, or any HTTP client.

Get API Key →Clay Setup Guide
On this pageIntroductionAuthenticationEnrich endpointList CompaniesSearchTrace (full audit)Cost CentersPer-signal ConfidenceResponse FieldsErrorsResourcesAPI Playground ↗DashboardClay integration