v1: stable · self-serve keys on every plan

Insider Signal API

A read-only HTTP API for the same insider trading and US Congress (STOCK Act) data that powers insidersignal.ai. Designed for server-to-server integration. Bearer authenticated, with per-tier daily limits. Every account can create a key and try it free.

Try it free: every account gets 5 requests/day, no credit card. Plus 500/day · Pro 50,000/day · Max 500,000/day.

11
read-only endpoints
60/min
default rate limit
50k/day
on the Pro plan
v1
stable contract

Architecture

The API is designed for server-to-server integration. Your backend calls the API, caches the response, and serves your frontend. CORS is intentionally not enabled: keys never belong in browser code.

   ┌──────────────┐         ┌────────────────┐         ┌──────────────────┐
   │              │  HTTPS  │                │  HTTPS  │                  │
   │  Your        │ ──────▶ │ Your Backend   │ ──────▶ │  Insider Signal  │
   │  Frontend    │         │  + Cache       │         │  /api/v1/*       │
   │              │ ◀────── │  (Redis/DB)    │ ◀────── │                  │
   └──────────────┘         └────────────────┘         └──────────────────┘

Keys never leak

Server-side keys can't be inspected via DevTools or copied from your bundle.

Lower latency

Your users hit your own server; cached responses arrive in 10–50ms.

Outage resilience

Cached data keeps your site up during brief upstream blips.

Higher effective scale

A 60-second cache typically reduces upstream calls by 90%+.

Quickstart

Once you have a key, every request includes a Bearer token. Here's the smallest possible call:

bash
curl -H "Authorization: Bearer isk_live_xxxxxxxxxxxxxxxx" \
  "https://insidersignal.ai/api/v1/trades?ticker=AAPL&pageSize=5"

Recommended Node.js backend pattern with in-memory caching:

javascript
const API_BASE = "https://insidersignal.ai/api/v1";
const API_KEY  = process.env.INSIDER_SIGNAL_API_KEY;
const TTL_MS   = 60 * 1000;

const cache = new Map();

async function fetchWithCache(path) {
  const hit = cache.get(path);
  if (hit && hit.expiresAt > Date.now()) return hit.data;

  const res = await fetch(API_BASE + path, {
    headers: { Authorization: `Bearer ${API_KEY}` },
  });
  if (!res.ok) throw new Error("Upstream " + res.status);
  const data = await res.json();

  cache.set(path, { data, expiresAt: Date.now() + TTL_MS });
  return data;
}

For production, swap the in-memory Map for Redis so the cache survives restarts and is shared across instances.

Endpoints

All endpoints are read-only and return JSON. Base URL: https://insidersignal.ai/api/v1.

GET/api/v1/trades

List corporate insider trades. Pass include=outcomes to attach forward returns and alpha per trade.

Query params: ticker, valueRanges, priceRanges, sectors, industries, tradeTypes, insiderName, q, include, page, pageSize

GET/api/v1/trades/{id}

Single corporate insider trade detail.

GET/api/v1/politician-trades

List US Congress STOCK Act disclosures.

Query params: ticker, politician, politicianId, party, chamber, tradeType, minValue, maxValue, days, isCommitteeTrade, sort, order, page, pageSize

GET/api/v1/politician-trades/{id}

Single politician trade detail.

GET/api/v1/insider/{cik}

Corporate insider profile + aggregate trade statistics.

GET/api/v1/insider/{cik}/track-record

Insider hit rate: win rate, average return, and alpha vs SPY per holding period, from resolved forward-return outcomes.

GET/api/v1/clusters

Cluster-buy feed: trades where 2+ insiders at the same company bought within a 30-day window.

Query params: minSize, tradeType, ticker, page, pageSize

GET/api/v1/politicians/{bioguideId}

Congress member profile + stats + committees + position + top tickers + paginated trades.

GET/api/v1/politicians/{bioguideId}/performance

Per-politician performance: average return, alpha vs SPY, win rate, and P&L at 30/90/180-day horizons.

GET/api/v1/committees

Congressional committee directory with full member rosters (bioguide IDs, party, state, seniority).

Query params: chamber, q, page, pageSize

GET/api/v1/late-filings

STOCK Act discipline feed: trades disclosed past the 45-day deadline, slowest filers first.

Query params: minDelayDays, ticker, politicianId, party, chamber, page, pageSize

Authentication

Every request requires a Bearer token in the Authorization header:

http
Authorization: Bearer isk_live_<your-api-key>

Create and revoke keys from your account page. The full key is shown once, at creation. We store only a hash, so copy it immediately. Any account can create a key; your plan sets the daily request budget (see rate limits).

Hand-issued partner keys can additionally be IP-allowlisted. Requests from IPs outside the allowlist return 403 even with a valid key. Self-serve keys work from any IP.

Rate limits & quotas

Your plan sets a daily request budget, counted per account (across all your keys) on a UTC calendar day. Exceeding it returns 429 with the upgrade path in the body.

PlanRequests / dayRate limit
Free5 (try the API)60/min
Plus50060/min
Pro50,00060/min
Max500,000300/min

Every response (including 429s) carries limit headers so you can self-throttle:

X-RateLimit-Limit:           60
X-RateLimit-Remaining:       47
X-RateLimit-Reset:           1715000060
X-DailyLimit-Limit:          50000
X-DailyLimit-Remaining:      49873
X-MonthlyQuota-Limit:        100000
X-MonthlyQuota-Remaining:    99873
X-Request-Id:                req_xT9k2h...

Response shape

All v1 responses use a consistent envelope: { data, pagination?, requestId }. List endpoints include pagination; detail endpoints don't.

Example: GET /api/v1/trades?ticker=AAPL&pageSize=1

json
{
  "data": [
    {
      "id": 12345,
      "filing_date": "2026-04-22",
      "trade_date": "2026-04-20",
      "ticker": "AAPL",
      "company_name": "Apple Inc.",
      "insider_name": "Cook, Tim",
      "insider_cik": "0001214156",
      "title": "CEO",
      "trade_type": "P - Purchase",
      "shares": "5000",
      "price": 175.42,
      "value": 877100,
      "sector": "Technology",
      "industry": "Consumer Electronics",
      "signal_score": 78,
      "signal_tier": "Strong",
      "signal_direction": "bullish"
    }
  ],
  "pagination": {
    "page": 1,
    "pageSize": 1,
    "total": 142,
    "totalPages": 142
  },
  "requestId": "req_xT9k2h..."
}

Errors

Error response shape: { "error": "<message>", "requestId": "req_..." }.

StatusWhen
200Success.
400Malformed parameters (non-numeric id, invalid days, etc.).
401Missing/malformed Authorization header, invalid key format, unknown key, revoked, or expired.
403Request IP not in the key's allowlist (partner keys only; self-serve keys work from any IP).
404Resource not found (unknown id, CIK, or bioguideId).
429Daily tier limit, per-minute rate limit, or monthly quota exceeded. The body says which, and includes the upgrade path.
500Internal server error.

Retry guidance: 429 responses respect the rate-limit headers: wait until X-RateLimit-Reset. 5xx errors are safe to retry with exponential backoff (1s, 2s, 4s).

Versioning

All v1 API routes live under /api/v1/. The v1 contract is stable: we will not introduce breaking changes inside v1. New fields may be added to response objects (treat unknown fields as forward-compatible). Any breaking change ships as /api/v2/, with v1 supported in parallel for at least 12 months.

Ready to integrate?

Create a key from your account page and test the API free at 5 requests/day. Plus ($19/month) gets 500/day. Pro ($199/month) gets 50,000/day. Max ($500/month) gets 500,000/day plus commercial use. For custom volume, redistribution, or exclusive-territory licensing, email us.