Register for a SAM.gov system account and request an API key with entity information scope at sam.gov; entity registration takes about 10 business days and raises your rate limit to 1,000 requests per day.
Send a GET request to https://api.sam.gov/entity-information/v4/exclusions with your api_key query parameter and filter parameters such as ueiSAM or legalBusinessName to identify the vendor.
Parse the JSON response; a non-empty entityData array indicates an active exclusion — inspect the exclusionType, excludingAgencyName, and activeDate fields for details.
For bulk screening, use the format=CSV or format=JSON parameter with a download token to request an extraction file; poll the extraction status endpoint until the file is ready, then download and compare against your vendor list.
Log each check with a timestamp and the raw API response so you can demonstrate due diligence in procurement audits.
Schedule automated daily re-checks for any vendor with an active contract, since exclusion status can change between award and performance.
Known gotchas
The v4 exclusions endpoint is the current production endpoint — earlier versions are deprecated; using a v1 or v2 URL will return a 404.
Passing sensitive identifiers such as SSNs as query parameters is a known security concern with GET-only endpoints; use HTTPS and do not log full URLs that contain these values.
Public API keys (no registration) are rate-limited to 10 requests per day — insufficient for vendor screening at scale; register and request a higher-tier key before going to production.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp