Getting Started¶
Get SPOT running and analyze your first email.
Install the platform¶
The supported install path is the operator deployment guide, which uses the deploy repository (Traefik + Let's Encrypt + pre-built images):
Deployment guide ; the single source of truth for prerequisites, DNS, environment variables, admin bootstrap, and plugin installation.
Don't clone the core repository to install SPOT
The core repo is for platform contributors only. Production and staging deployments must use the deploy repo as documented above. See the Developer guide if you intend to work on the platform itself.
Once the stack is up and you have created an admin user, the rest of this page walks you through your first email analysis via the HTTP API.
Your first analysis¶
Get an authentication token¶
TOKEN=$(curl -s -X POST https://api.${DOMAIN}/auth/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "username=admin&password=${SPOT_ADMIN_PASSWORD}" \
| jq -r '.access_token')
Submit an email¶
curl -X POST https://api.${DOMAIN}/api/v1/analyze \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"email": {
"headers": {
"message_id": "<test@example.com>",
"subject": "URGENT: Verify Your Account",
"sender": "security@paypaI.com",
"recipients": ["user@company.com"],
"date": "2026-01-15T10:00:00Z"
},
"body_text": "Click here to verify: http://suspicious-site.com"
},
"workflow_id": "default-workflow"
}'
Response:
{
"job_id": "550e8400-e29b-41d4-a716-446655440000",
"status": "queued",
"message": "Email analysis job queued successfully"
}
Check the verdict¶
curl -H "Authorization: Bearer $TOKEN" \
https://api.${DOMAIN}/api/v1/analyze/550e8400-e29b-41d4-a716-446655440000
Next steps¶
- First analysis tutorial ; understanding the results in detail.
- API reference ; HTTP endpoint reference.
- Operator guide ; the dashboard playbook.
- Configuration reference ; every configuration option.