> ## Documentation Index
> Fetch the complete documentation index at: https://docs.passlet.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Scan statistics

> Aggregated counts for a scope in one call: issued passes valid in the scope (`totalPasses`), how many are redeemed — have an unreversed accepted scan (`redeemed`) — and how many do not (`open`), plus scan totals, denied totals and the latest scan time. Scope with `projectId`/`templateId`, one `scanContextKey`, a context-key range (`scanContextFrom`/`scanContextUntil`), or a capture-time window (`scannedSince`/`scannedUntil`). Pass `groupBy=project` for a per-project breakdown in `groups[]`. This endpoint replaces polling the list endpoints with `limit=1` count queries.

Requires the `scans:read` scope on the access token.



## OpenAPI

````yaml /api-reference/openapi.json get /v1/scans/stats
openapi: 3.1.0
info:
  title: Passlet API (Public)
  version: 0.1.0
  description: >-
    Public integration API for Passlet — every route callable with a `plt_*`
    access token. Each operation lists the required access-token scope.
  license:
    name: UNLICENSED
    identifier: UNLICENSED
servers:
  - url: https://api.passlet.io
    description: Production
security: []
paths:
  /v1/scans/stats:
    get:
      tags:
        - scans
      summary: Scan statistics
      description: >-
        Aggregated counts for a scope in one call: issued passes valid in the
        scope (`totalPasses`), how many are redeemed — have an unreversed
        accepted scan (`redeemed`) — and how many do not (`open`), plus scan
        totals, denied totals and the latest scan time. Scope with
        `projectId`/`templateId`, one `scanContextKey`, a context-key range
        (`scanContextFrom`/`scanContextUntil`), or a capture-time window
        (`scannedSince`/`scannedUntil`). Pass `groupBy=project` for a
        per-project breakdown in `groups[]`. This endpoint replaces polling the
        list endpoints with `limit=1` count queries.


        Requires the `scans:read` scope on the access token.
      operationId: getV1ScansStats
      parameters:
        - name: projectId
          in: query
          required: false
          schema:
            type: string
            format: uuid
            pattern: >-
              ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$
          description: Scope all counts to one project.
        - name: templateId
          in: query
          required: false
          schema:
            type: string
            format: uuid
            pattern: >-
              ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$
          description: Scope all counts to one template.
        - name: scanContextKey
          in: query
          required: false
          schema:
            type: string
            maxLength: 128
        - name: scanContextFrom
          in: query
          required: false
          schema:
            type: string
            pattern: ^\d{4}-\d{2}-\d{2}$
        - name: scanContextUntil
          in: query
          required: false
          schema:
            type: string
            pattern: ^\d{4}-\d{2}-\d{2}$
        - name: scannedSince
          in: query
          required: false
          schema:
            type: string
            format: date-time
            pattern: >-
              ^(?:(?:\d\d[2468][048]|\d\d[13579][26]|\d\d0[48]|[02468][048]00|[13579][26]00)-02-29|\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\d|30)|(?:02)-(?:0[1-9]|1\d|2[0-8])))T(?:(?:[01]\d|2[0-3]):[0-5]\d(?::[0-5]\d(?:\.\d+)?)?(?:Z))$
          description: ISO 8601 timestamp
        - name: scannedUntil
          in: query
          required: false
          schema:
            type: string
            format: date-time
            pattern: >-
              ^(?:(?:\d\d[2468][048]|\d\d[13579][26]|\d\d0[48]|[02468][048]00|[13579][26]00)-02-29|\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\d|30)|(?:02)-(?:0[1-9]|1\d|2[0-8])))T(?:(?:[01]\d|2[0-3]):[0-5]\d(?::[0-5]\d(?:\.\d+)?)?(?:Z))$
          description: ISO 8601 timestamp
        - name: groupBy
          in: query
          required: false
          schema:
            type: string
            enum:
              - project
          description: Add a per-project breakdown (`groups[]`) alongside the totals.
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanStatsResponse'
        '400':
          description: Bad request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '403':
          description: Forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '404':
          description: Not found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '409':
          description: Conflict
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '429':
          description: Rate limited
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '500':
          description: Internal server error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '503':
          description: Service unavailable
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
      security:
        - bearerAuth: []
components:
  schemas:
    ScanStatsResponse:
      $schema: https://json-schema.org/draft/2020-12/schema
      type: object
      properties:
        projectId:
          anyOf:
            - type: string
              format: uuid
              pattern: >-
                ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$
            - type: 'null'
        templateId:
          anyOf:
            - type: string
              format: uuid
              pattern: >-
                ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$
              description: Template identifier
            - type: 'null'
        totalPasses:
          type: integer
          minimum: 0
          maximum: 9007199254740991
        redeemed:
          type: integer
          minimum: 0
          maximum: 9007199254740991
        open:
          type: integer
          minimum: 0
          maximum: 9007199254740991
        totalScans:
          type: integer
          minimum: 0
          maximum: 9007199254740991
        totalDenied:
          type: integer
          minimum: 0
          maximum: 9007199254740991
        scanContextKey:
          anyOf:
            - type: string
            - type: 'null'
        lastScanAt:
          anyOf:
            - type: string
              format: date-time
              pattern: >-
                ^(?:(?:\d\d[2468][048]|\d\d[13579][26]|\d\d0[48]|[02468][048]00|[13579][26]00)-02-29|\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\d|30)|(?:02)-(?:0[1-9]|1\d|2[0-8])))T(?:(?:[01]\d|2[0-3]):[0-5]\d(?::[0-5]\d(?:\.\d+)?)?(?:Z))$
              description: ISO 8601 timestamp
            - type: 'null'
        groups:
          type: array
          items:
            type: object
            properties:
              projectId:
                type: string
                format: uuid
                pattern: >-
                  ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$
              totalPasses:
                type: integer
                minimum: 0
                maximum: 9007199254740991
              redeemed:
                type: integer
                minimum: 0
                maximum: 9007199254740991
              open:
                type: integer
                minimum: 0
                maximum: 9007199254740991
              totalScans:
                type: integer
                minimum: 0
                maximum: 9007199254740991
              totalDenied:
                type: integer
                minimum: 0
                maximum: 9007199254740991
              lastScanAt:
                anyOf:
                  - type: string
                    format: date-time
                    pattern: >-
                      ^(?:(?:\d\d[2468][048]|\d\d[13579][26]|\d\d0[48]|[02468][048]00|[13579][26]00)-02-29|\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\d|30)|(?:02)-(?:0[1-9]|1\d|2[0-8])))T(?:(?:[01]\d|2[0-3]):[0-5]\d(?::[0-5]\d(?:\.\d+)?)?(?:Z))$
                    description: ISO 8601 timestamp
                  - type: 'null'
            required:
              - projectId
              - totalPasses
              - redeemed
              - open
              - totalScans
              - totalDenied
              - lastScanAt
            additionalProperties: false
      required:
        - projectId
        - templateId
        - totalPasses
        - redeemed
        - open
        - totalScans
        - totalDenied
        - scanContextKey
        - lastScanAt
      additionalProperties: false
    ApiError:
      $schema: https://json-schema.org/draft/2020-12/schema
      type: object
      properties:
        errorCode:
          type: string
          enum:
            - UNAUTHORIZED
            - FORBIDDEN
            - TOKEN_EXPIRED
            - TOKEN_INVALID
            - CSRF_TOKEN_INVALID
            - TENANT_EXPIRED
            - TENANT_NOT_FOUND
            - ORGANIZATION_REQUIRED
            - TENANT_SUSPENDED
            - VALIDATION_ERROR
            - INVALID_INPUT
            - MISSING_REQUIRED_FIELD
            - INVALID_FORMAT
            - NOT_FOUND
            - PASS_NOT_FOUND
            - TEMPLATE_NOT_FOUND
            - WEBHOOK_NOT_FOUND
            - NOTIFICATION_NOT_FOUND
            - CONFLICT
            - VERSION_CONFLICT
            - DUPLICATE_PASS
            - IDEMPOTENCY_CONFLICT
            - TEMPLATE_VERSION_NOT_NEWER
            - SCAN_REVERSAL_WINDOW_EXPIRED
            - WEBHOOK_MANAGED_EXTERNALLY
            - PASS_ALREADY_ISSUED
            - PASS_ALREADY_VOIDED
            - PASS_NOT_ISSUED
            - PASS_ISSUING_FAILED
            - APPLE_SIGNING_FAILED
            - APPLE_APNS_FAILED
            - GOOGLE_API_FAILED
            - GOOGLE_JWT_FAILED
            - PROVIDER_UNAVAILABLE
            - LINK_EXPIRED
            - LINK_REVOKED
            - LINK_INVALID
            - TOKEN_SIGNATURE_INVALID
            - TOKEN_CLOCK_SKEW
            - RATE_LIMITED
            - TOO_MANY_REQUESTS
            - INTERNAL_ERROR
            - SERVICE_UNAVAILABLE
            - JOB_FAILED
          description: Machine-readable error code
        message:
          type: string
          description: Human-readable error message
        correlationId:
          type: string
          description: Request correlation ID for debugging
        details:
          description: Additional error details
          type: object
          propertyNames:
            type: string
          additionalProperties: {}
      required:
        - errorCode
        - message
        - correlationId
      additionalProperties: false
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: plt_<secret>
      description: >-
        Passlet access token (`plt_*`) sent as `Authorization: Bearer <token>`
        or `X-API-Key`. Authorized scopes are listed per operation under
        `x-required-scopes`.

````