/api/v1/investor-documents/doclist/
Find exact CUSIP, EMMA issuer, and accepted reporting-entity documents for one CUSIP9.
API Center
Simple access to BondGov issuer and disclosure data.
Use public endpoints for issuer discovery. Investor document access uses self-service API keys, exact CUSIP9 lookup, signed document links, and MuniPro as the cache and download intermediary.
Authenticate In One Minute
Start here: sign in to create a lookup key. The raw key appears once, with copy buttons, starter kit snippets, a browser playground, activity history, and a downloadable zip.
Use one header everywhere: Authorization: Bearer bgv1_...
Start with the auth check endpoint. It requires no CUSIP and returns your client, key prefix, scopes, quota state, reset time, and request id.
Then call doclist with a 9-character CUSIP. Use only the status, prepare, download, and text URLs returned by doclist.
# Bash / Linux export BONDGOV_API_KEY="bgv1_your_key_here" curl -s "https://bondgov.com/api/v1/investor-documents/auth/" \ -H "Authorization: Bearer $BONDGOV_API_KEY"
# PowerShell $env:BONDGOV_API_KEY="bgv1_your_key_here" curl.exe -s "https://bondgov.com/api/v1/investor-documents/auth/" ` -H "Authorization: Bearer $env:BONDGOV_API_KEY"
# Python
import os, requests
base = "https://bondgov.com/api/v1/investor-documents"
headers = {"Authorization": f"Bearer {os.environ['BONDGOV_API_KEY']}"}
auth = requests.get(f"{base}/auth/", headers=headers, timeout=30)
auth.raise_for_status()
docs = requests.get(
f"{base}/doclist/",
params={"cusip": "123456AB7", "scope": "all"},
headers=headers,
timeout=30,
)
docs.raise_for_status()
document = docs.json()["documents"][0]
prepare = requests.post(
document["links"]["prepare"],
params={"include": "download,text", "background": "true"},
headers=headers,
timeout=30,
)
prepare.raise_for_status()
status = requests.get(document["links"]["status"], headers=headers, timeout=30)
status.raise_for_status()
# JavaScript
const base = "https://bondgov.com/api/v1/investor-documents";
const headers = { Authorization: `Bearer ${process.env.BONDGOV_API_KEY}` };
const auth = await fetch(`${base}/auth/`, { headers });
if (!auth.ok) throw new Error(await auth.text());
const docs = await fetch(`${base}/doclist/?cusip=123456AB7&scope=all`, { headers });
if (!docs.ok) throw new Error(await docs.text());
const document = (await docs.json()).documents[0];
const prepare = await fetch(`${document.links.prepare}?include=download,text&background=true`, {
method: "POST",
headers
});
if (!prepare.ok) throw new Error(await prepare.text());
const status = await fetch(document.links.status, { headers });
if (!status.ok) throw new Error(await status.text());
Investor Document API
/api/v1/investor-documents/{document_id}/prepare/
Warms a signed document into the cache and can queue extraction before the client downloads it.
/api/v1/investor-documents/{document_id}/status/
Returns cache, extraction, and client-safe storage readiness without fetching upstream bytes.
/api/v1/investor-documents/{document_id}/download/
Streams a PDF through the BondGov cache. Cache misses fetch upstream, persist, audit, and serve.
/api/v1/investor-documents/{document_id}/text/
Returns extracted text, sections, tables, and image metadata. Pending extraction returns HTTP 202.
curl -s "https://bondgov.com/api/v1/investor-documents/doclist/?cusip=123456AB7&scope=all&limit=100" \ -H "Authorization: Bearer $BONDGOV_API_KEY"
curl -X POST "https://bondgov.com/api/v1/investor-documents/{document_id}/prepare/?include=download,text&background=true" \
-H "Authorization: Bearer $BONDGOV_API_KEY"
curl -I "https://bondgov.com/api/v1/investor-documents/{document_id}/download/" \
-H "Authorization: Bearer $BONDGOV_API_KEY"
curl -L "https://bondgov.com/api/v1/investor-documents/{document_id}/download/" \
-H "Authorization: Bearer $BONDGOV_API_KEY" \
-o disclosure.pdf
curl -s "https://bondgov.com/api/v1/investor-documents/{document_id}/text/?include=sections,tables" \
-H "Authorization: Bearer $BONDGOV_API_KEY"
Document Lifecycle
| Step | Request | Client Behavior |
|---|---|---|
| 1 | GET /auth/ | Confirm the key, scopes, quota, and support request id. |
| 2 | GET /doclist/?cusip=<CUSIP9> | Read grouped and flattened document records. Save the returned signed document_id or links. |
| 3 | POST /{document_id}/prepare/?include=download,text&background=true | Queue cache warming and extraction when a document is not ready yet. Use Retry-After before polling. |
| 4 | GET /{document_id}/status/ | Check ready.download, ready.text, cache status, and extraction status without downloading the file. |
| 5 | HEAD /{document_id}/download/ | Check PDF metadata and cache readiness before a bulk download job. |
| 6 | GET /{document_id}/download/ or GET /{document_id}/text/ | Download the PDF or extracted content only through BondGov URLs returned by doclist. |
Doclist supports safe filters: scope, limit, cursor, category, source, date_from, date_to, cache_status, and text_status. CUSIP6 searches are intentionally rejected in v1; send a full CUSIP9.
Scopes And Limits
| Scope | Allows | Notes |
|---|---|---|
documents:read | Doclist lookup | Required for CUSIP discovery. |
documents:download | PDF downloads | Subject to request and byte quotas. |
documents:text | Extracted content | May return 202 while extraction is queued. |
documents:debug | Provenance fields | Optional operator/debug scope. Not needed for normal integrations. |
Every investor document response includes X-BondGov-Request-ID for support correlation. Quota headers are returned when limits apply. Request responses include X-BondGov-RateLimit-Limit, X-BondGov-RateLimit-Remaining, and X-BondGov-RateLimit-Reset. Download responses can also include X-BondGov-Download-Limit, X-BondGov-Download-Used, and X-BondGov-Download-Remaining. Pending and temporary-failure responses include retry_after_seconds, Retry-After, and docs_url.
My API Keys Workspace
Fast Path
Create a lookup-only key with one button, then add PDF or text permissions only when the workflow needs them.
Playground
Run auth and doclist checks from the browser using one of your active keys, without pasting the raw token again.
Activity
Review a GitHub-style request frequency grid, recent API calls, request ids, errors, downloaded bytes, and requested-document history.
Defaults
Safety defaults are chosen for the user. Raw keys still appear once and are never stored.
Quota And Team Requests
Save structured requests for larger daily limits or shared team administration from the same account page.
Safe Rotation
Create a replacement key first, update your integration, confirm traffic, then revoke the old key manually.
Errors
| Status | Meaning | Typical Fix |
|---|---|---|
202 | Accepted but not ready yet (cache warming or extraction in progress). | Read retry_after_seconds and Retry-After, then poll status or retry after the delay. |
400 | Invalid CUSIP, scope, limit, include value, cursor, or date filter. | Use a normalized 9-character CUSIP and documented filters. |
401 | Missing, invalid, expired, or revoked key. | Create or test a key in My API Keys, then send it as Authorization: Bearer <key>. |
403 | Key lacks the required scope. | Create a replacement key with the preset that includes PDF download or extracted text access. |
404 | CUSIP or signed document id was not found. | Refresh doclist and retry with a returned link. |
429 | Daily request or download quota exceeded. | Use the quota headers and JSON reset time, then retry or save a higher-limit request from My API Keys. |
500 | Unexpected server error. | Include X-BondGov-Request-ID when contacting support. |
502 | Upstream fetch or cache storage unavailable. | Retry later; persistent failures should be escalated with the request id. |
503 | Background preparation or extraction queue unavailable. | Retry with Retry-After or download normally if the PDF is already ready. |
Integration Best Practices
| Area | Guidance |
|---|---|
| Always log | Save the X-BondGov-Request-ID header from every response. Include it in support requests. Log quota headers (X-BondGov-RateLimit-Remaining, X-BondGov-Download-Remaining) to monitor usage before hitting limits. |
| Always store | Keep your bearer token only in a secret manager or environment variable. Never commit it to source control, logs, or shared documents. |
| Rotate safely | Use Create Replacement in My API Keys, update your environment variable, confirm traffic in recent requests, then revoke the old key manually. |
| Watch usage | My API Keys shows per-key usage, requested documents, request ids, errors, downloaded bytes, and a daily activity grid. Use it before escalating quota or authentication issues. |
| Never construct URLs | Use only the links and document_id values returned by doclist. Do not build download, text, status, or prepare URLs from scratch. Document ids are signed and server-issued. |
| Handle 202 and Retry-After | Cache warming and text extraction are asynchronous. When you receive HTTP 202, read retry_after_seconds and poll /status/ before retrying. Do not spin in a tight loop. |
| Paginate large result sets | Use limit, cursor, and doclist filters (category, source, date_from, date_to, cache_status, text_status) when syncing many documents. Follow the pagination.next_cursor field until pagination.has_more is false. |
| Use HEAD before bulk downloads | HEAD /{document_id}/download/ returns cache readiness and PDF metadata without streaming bytes. Use it to check before starting large download jobs. |
Public Issuer API
Issuer search, CUSIP6 lookup, feeds, and embeddable profile widgets remain public read-only endpoints. These do not use investor document API keys.