Skip to main content
New

Local Law Tracker is live $59.99/yr add-on

Home / API

Developer API · v2 · 99.95% SLA

The NYC compliance API
that actually covers NYC.

REST endpoints for violations, permits, OATH fines, 311 complaints, and local-law deadlines across 10 agencies. Real-time webhooks. SOC 2-ready infrastructure. No NYC-specific scraping on your side.

Request API access Read the docs

10 agencies

Unified API

SOC 2

Type I audited

Webhooks

Push · not poll

api.violationwatch.nyc
$ curl https://api.violationwatch.nyc/v2/buildings/1086422 \
-H "Authorization: Bearer vw_live_..."
— response · 200 ok
{
  "bin": "1086422",
  "bbl": "1-00754-0022",
  "address": "125 W 22nd St",
  "violations": [
    { "agency": "DOB", "severity": "critical", "id": "35123789K" },
    { "agency": "HPD", "severity": "class_b", "id": "1559321" },
    { "agency": "ECB", "severity": "dismissed", "id": "38881200N" }
  ],
  "last_signal_at": "2026-04-22T14:03:11Z"
}

Monitoring 10 NYC agencies · in real time

DOB HPD ECB OATH FDNY 311 DEP DOH PRM DOT DOB HPD ECB OATH FDNY 311 DEP DOH PRM DOT

— What you can do

Every signal our engine catches — as an endpoint.

Real-time violation stream

Polling endpoints and a streaming /v2/events feed. Receive DOB, HPD, ECB, OATH, FDNY, and 311 signals as our detection engine surfaces them.

Historical record lookup

Full violation and complaint history by BIN, BBL, or address. Paginated, cursor-based, with normalized agency taxonomies.

Compliance deadline calendar

Machine-readable LL11, LL97, LL152, LL87, LL88 deadlines keyed to your building portfolio. ICS export for your own calendars.

Webhook event subscriptions

Subscribe to violation.created, hearing.scheduled, permit.expired, complaint.routed, and 30+ other events. Signed, retried, idempotent.

Bulk portfolio monitoring

Upload 10,000 addresses at once. We resolve BIN/BBL, deduplicate, and start monitoring. Bulk CSV download of current state per-portfolio.

Embed-ready widgets

Drop our compliance widget into any property management tool, listing site, or underwriting portal. Vanilla JS, zero dependencies.

— Example endpoints

RESTful, predictable, boring — on purpose.

GET /v2/buildings/{bin}

Pull the full compliance record for a single building by BIN. Includes violations, complaints, permits, and active deadlines.

GET /v2/violations?bbl=1-00123-0045

Query violations across any filter — BBL, agency, severity, date range, cure status. Cursor-paginated.

POST /v2/webhooks

Register a webhook endpoint with event filters. Signed payloads, exponential backoff retry, idempotency keys.

GET /v2/oath/hearings?docket_prefix=35

Query OATH hearings by docket prefix, hearing date, or respondent. Returns outcomes, fines, and appeals.

Full reference on request

— Client libraries

Four first-party SDKs. Zero wrappers.

Maintained in-house. Typed, tested, published under the violationwatch org on every major package registry.

PHP

composer require violationwatch/violationwatch-php 
$vw = new ViolationWatch($apiKey);
$building = $vw->buildings->get('1086422');

Node.js

npm install @violationwatch/sdk 
import { ViolationWatch } from '@violationwatch/sdk';
const vw = new ViolationWatch(apiKey);

Python

pip install violationwatch 
from violationwatch import Client
vw = Client(api_key=api_key)

Ruby

gem install violationwatch 
require "violationwatch"
vw = ViolationWatch::Client.new(api_key)

— Webhooks

Push instead of poll.

Subscribe a URL to a filtered event stream. Our infrastructure signs every payload, retries failed deliveries with exponential backoff for 72 hours, and dedupes with idempotency keys.

  • violation.created

    New DOB, HPD, ECB, OATH, or FDNY violation on a watched building.

  • hearing.scheduled

    New OATH hearing date published on an active docket.

  • permit.expired

    Active permit has lapsed — stop-work risk for active sites.

  • complaint.routed

    311 complaint routed to HPD or DOB for inspection — early warning.

POST /your-webhook-url 200 OK
— example payload
{
  "event": "violation.created",
  "id": "evt_7c4e19a2",
  "created_at": "2026-04-22T14:03:11Z",
  "data": {
    "bin": "1086422",
    "agency": "HPD",
    "class": "C",
    "condition": "No hot water",
    "issued_at": "2026-04-22T13:51:00Z",
    "cure_deadline": "2026-04-23T13:51:00Z"
  },
  "signature": "t=1713797991,v1=f8e2…"
}

— Rate limits & SLA

Three tiers. Transparent ceilings.

Tier

Development

RPM

60

SLA

99.9%

Support

Community · Discord

Tier

Production

RPM

600

SLA

99.95%

Support

Email · 24h response

Tier

Enterprise

RPM

Custom

SLA

99.99%

Support

Dedicated Slack · 1h response

— Pricing

Development free. Production from $399/mo. Enterprise custom.

Talk to the API team See full pricing

SOC 2 Type I

Annual audit · Type II in progress

AWS us-east-1

Multi-AZ · VPC-isolated

End-to-end TLS

TLS 1.3 minimum · HSTS

PII encrypted at rest

AES-256 · KMS-managed keys

— Build with us

Talk to the API team.

Tell us what you're building. We'll issue credentials, loop you into our developer Slack, and help you prototype against production data inside a week.

Request API access Contact sales