> ## Documentation Index
> Fetch the complete documentation index at: https://docs.enkryptai.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get Scan Job Status

> Get the status of a scan job including progress information and per-tool scan results. Works for both source and hosted scans.

**Enterprise data-license feature:** requires MCP Hub API access enabled for your organization, otherwise returns `403`. Contact support@enkryptai.com.



## OpenAPI

````yaml GET /mcp-hub/scan/{job_id}/status
openapi: 3.0.0
info:
  title: Enkrypt AI APIs
  version: 2.0.0
servers:
  - url: https://api.enkryptai.com
security:
  - apiKeyAuth: []
tags:
  - name: Guardrails
  - name: Code of Conduct
  - name: Endpoints
  - name: Datasets
  - name: Redteam
  - name: Deployments
  - name: AI Proxy
  - name: Leaderboard
  - name: Archived
  - name: MCP Hub
    description: >-
      MCP Hub vulnerability scanning APIs. Submitting scans (the POST endpoints)
      is open to all authenticated callers. The scan **retrieval** APIs — Get
      Scan Job Status, Get Complete Scan Results, List Scans, and Get MCP Hub
      Scan Statistics (the GET endpoints) — are an **enterprise data-license
      feature**: they require your organization to have MCP Hub API access
      enabled by Enkrypt, otherwise they return `403`. Contact us at
      support@enkryptai.com to enable access.
  - name: MCP Registry Servers
  - name: MCP Gateways
  - name: MCP Playground
paths:
  /mcp-hub/scan/{job_id}/status:
    get:
      tags:
        - MCP Hub
      summary: Get Scan Job Status
      description: >-
        Get the status of a scan job including progress information and per-tool
        scan results. Works for both source and hosted scans.


        **Enterprise data-license feature:** requires MCP Hub API access enabled
        for your organization, otherwise returns `403`. Contact
        support@enkryptai.com.
      operationId: mcp_hub_get_scan_status
      parameters:
        - $ref: '#/components/parameters/MCPHubJobIdPath'
      responses:
        '200':
          description: Job status retrieved
          headers:
            x-enkrypt-is-private:
              description: Always present; "true" for private jobs, "false" for public.
              schema:
                type: string
                enum:
                  - 'true'
                  - 'false'
            x-enkrypt-job-status:
              description: >-
                Current job status (e.g., initializing, scanning_tools,
                completed, failed). Always present.
              schema:
                type: string
            x-enkrypt-scan-type:
              description: Scan type. Always present.
              schema:
                type: string
                enum:
                  - source
                  - hosted
            x-enkrypt-repo-name:
              description: Repository / server identifier. Present when known.
              schema:
                type: string
            x-enkrypt-endpoint-url:
              description: Hosted MCP server endpoint URL. Hosted scans only.
              schema:
                type: string
            x-enkrypt-auth-type:
              description: Authentication type used for the hosted scan. Hosted scans only.
              schema:
                type: string
                enum:
                  - none
                  - api_key
                  - bearer
                  - oauth2_client_credentials
                  - oauth2_authorization_code
                  - custom_headers
                  - mtls
            x-enkrypt-org-id:
              description: >-
                Organization ID of the scan row. Sent only when the job is
                private.
              schema:
                type: string
                format: uuid
            x-enkrypt-user-id:
              description: User ID of the scan row. Sent only when the job is private.
              schema:
                type: string
                format: uuid
            x-enkrypt-project-name:
              description: Project name. Sent only when the job is private.
              schema:
                type: string
            x-enkrypt-registry-name:
              description: Registry name. Sent only when the job is private.
              schema:
                type: string
            x-enkrypt-is-official:
              description: '''true'' or ''false''. Sent only when the job is private.'
              schema:
                type: string
                enum:
                  - 'true'
                  - 'false'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MCPHubJobStatusResponse'
        '403':
          $ref: '#/components/responses/MCPHubForbiddenPrivate'
        '422':
          $ref: '#/components/responses/MCPHubValidationError'
components:
  parameters:
    MCPHubJobIdPath:
      name: job_id
      in: path
      required: true
      description: Unique scan job UUID
      schema:
        type: string
        format: uuid
        example: 123e4567-e89b-12d3-a456-426614174000
  schemas:
    MCPHubJobStatusResponse:
      title: MCPHubJobStatusResponse
      type: object
      required:
        - job_id
        - source_url
        - user_email
        - version_or_commit
        - scan_version
        - job_status
        - created_at
        - started_at
        - completed_at
        - error_message
      description: >-
        Status of a scan job with progress information. Ownership/registry
        fields (`org_id`, `user_id`, `project_name`, `registry_name`) are only
        populated for private jobs; for public jobs they are returned as `null`.
        These fields mirror the `x-enkrypt-*` response headers.
      properties:
        job_id:
          type: string
        source_url:
          type: string
        user_email:
          type: string
        version_or_commit:
          type: string
          nullable: true
        scan_version:
          type: string
        job_status:
          type: string
        created_at:
          type: string
        started_at:
          type: string
          nullable: true
        completed_at:
          type: string
          nullable: true
        error_message:
          type: string
          nullable: true
        source_version:
          type: string
          nullable: true
        total_scan_time:
          type: string
          nullable: true
        total_tools_scanned:
          type: integer
          nullable: true
        tools_scanned_successfully:
          type: integer
          nullable: true
        tools_with_errors:
          type: integer
          nullable: true
        total_vulnerabilities:
          type: integer
          nullable: true
        overall_severity:
          type: string
          nullable: true
        overall_severity_score:
          type: number
          nullable: true
        is_official:
          type: boolean
          nullable: true
          description: >-
            Whether the scanned server is an official registry entry. Mirrors
            `x-enkrypt-is-official` header.
        is_private:
          type: boolean
          nullable: true
          description: >-
            Whether the scan is private (scoped to the calling account). Mirrors
            `x-enkrypt-is-private` header.
        scan_type:
          type: string
          nullable: true
          enum:
            - source
            - hosted
            - null
          description: Scan type. Mirrors `x-enkrypt-scan-type` header.
        repo_name:
          type: string
          nullable: true
          description: >-
            Repository / server identifier. Mirrors `x-enkrypt-repo-name`
            header.
        endpoint_url:
          type: string
          nullable: true
          description: >-
            Hosted MCP server endpoint URL (hosted scans only). Mirrors
            `x-enkrypt-endpoint-url` header.
        auth_type:
          type: string
          nullable: true
          description: >-
            Authentication type used for the hosted scan (hosted scans only).
            Mirrors `x-enkrypt-auth-type` header.
        org_id:
          type: string
          format: uuid
          nullable: true
          description: Organization ID. Only populated when the job is private.
        user_id:
          type: string
          format: uuid
          nullable: true
          description: User ID. Only populated when the job is private.
        project_name:
          type: string
          nullable: true
          description: Project name. Only populated when the job is private.
        registry_name:
          type: string
          nullable: true
          description: Registry name. Only populated when the job is private.
        scanned_tools:
          type: array
          nullable: true
          items:
            type: object
            additionalProperties: true
          description: Per-tool scan results (present once tool scanning has started)
      example:
        job_id: 123e4567-e89b-12d3-a456-426614174000
        source_url: https://github.com/user/mcp-server
        user_email: user@example.com
        version_or_commit: main
        scan_version: 1.0.0-20251006
        job_status: scanning_tools
        created_at: '2025-10-06T10:00:00'
        started_at: '2025-10-06T10:00:05'
        completed_at: null
        error_message: null
        is_official: false
        is_private: false
        scan_type: source
        repo_name: user/mcp-server
        endpoint_url: null
        auth_type: null
        org_id: null
        user_id: null
        project_name: null
        registry_name: null
        total_tools_scanned: 5
        tools_scanned_successfully: 3
        scanned_tools:
          - tool_name: tool1
            scan_status: success
          - tool_name: tool2
            scan_status: success
    MCPHubAuthErrorResponse:
      title: MCPHubAuthErrorResponse
      type: object
      description: Error envelope returned by the MCP Hub auth/permission failures.
      properties:
        detail:
          type: string
    MCPHubValidationError:
      title: MCPHubValidationError
      type: object
      description: FastAPI-style validation error response.
      properties:
        detail:
          type: array
          items:
            type: object
            required:
              - loc
              - msg
              - type
            properties:
              loc:
                type: array
                items:
                  oneOf:
                    - type: string
                    - type: integer
              msg:
                type: string
              type:
                type: string
  responses:
    MCPHubForbiddenPrivate:
      description: >-
        Forbidden — either your organization does not have MCP Hub API access
        (an enterprise data-license feature; contact support@enkryptai.com to
        enable it), or the requested job is private and the caller is not
        authorized to view it.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/MCPHubAuthErrorResponse'
    MCPHubValidationError:
      description: Validation error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/MCPHubValidationError'
  securitySchemes:
    apiKeyAuth:
      type: apiKey
      in: header
      name: apikey

````