@secapi/sdk-js is the JavaScript and TypeScript client for retrieving source-backed SEC filings, filing sections, financial statements, and ownership data.
npm install @secapi/sdk-js
export SECAPI_API_KEY="secapi_..."Create first-request.mjs:
import { SecApiClient } from "@secapi/sdk-js"
const client = new SecApiClient()
const filing = await client.agentLatestFiling({ ticker: "AAPL", form: "10-K" })
console.log({
accessionNumber: filing.accessionNumber,
filingDate: filing.filingDate,
filingUrl: filing.filingUrl,
requestId: filing.requestId,
})Run node first-request.mjs. It prints the current filing identity and request ID for Apple's latest matching 10-K. Those live values can change when a newer filing is available.
SecApiClient sends SECAPI_API_KEY as x-api-key to https://api.secapi.ai. It wraps public REST endpoints; use the hosted MCP server separately when your client supports MCP. Keep API keys in server-side configuration and do not use a machine key as an Authorization: Bearer token.
Node.js 18 or newer is required. streamFilings() needs a global WebSocket (Node.js 21+, Bun, Deno, or browsers); Node.js 18 callers need a polyfill or newer runtime. See the JavaScript SDK guide and API reference, check status, or open an SDK issue.
const company = await client.resolveEntity({ ticker: "AAPL", view: "agent" })
const filings = await client.searchFilings({
ticker: "AAPL",
forms: ["10-K", "10-Q"],
limit: 20,
})
const riskFactors = await client.agentSection({
ticker: "AAPL",
form: "10-K",
sectionKey: "item_1a",
})
const incomeStatements = await client.agentStatement("income_statement", {
ticker: "AAPL",
period: "annual",
limit: 3,
})Use latestFiling() for the default endpoint response and agentLatestFiling() for the endpoint-supported agent view. Preserve returned filing identifiers and request IDs with derived output.
Pass values directly when environment variables are not appropriate:
const client = new SecApiClient({
apiKey: process.env.SECAPI_API_KEY,
baseUrl: "https://api.secapi.ai",
})SECAPI_BASE_URL and SECAPI_API_BASE_URL can override the default origin. API failures throw SecApiError, including status, code, and requestId when supplied. Cursor-backed endpoints can be consumed as async iterators; see the SDK reliability guide for retry and streaming behavior.
MIT