This document provides a comprehensive list of all API endpoints available in the Cloud Access Visualizer application, including HTTP methods, descriptions, sample curl queries, and expected responses.
Base URL: http://localhost:8001
API Prefix: All endpoints use /api prefix unless specified otherwise
- Health & System
- Authentication & User Management
- Cloud Provider Integrations
- Risk Analysis
- Compliance Frameworks
- Attack Surface Analysis
- DNS Security
- Group Management
- Analytics & Dashboard
- Data Export & Import
- Notifications
- Debug & Development
Description: Check API health status and CORS configuration.
Sample curl:
curl -X GET "http://localhost:8001/api/health"

Expected Response:
{
"status": "healthy",
"message": "Cloud Access Visualizer API is running",
"cors": "enabled",
"timestamp": "2024-06-01T15:00:00Z"
}

Description: Swagger UI documentation interface.
Sample curl:
curl -X GET "http://localhost:8001/docs"

Description: Register a new user account.
Sample curl:
curl -X POST "http://localhost:8001/api/auth/signup" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "SecurePass123!",
"full_name": "John Doe"
}'

Expected Response:
{
"message": "User created successfully",
"user_id": "user_123",
"email": "user@example.com"
}

Description: Authenticate user and receive JWT token.
Sample curl:
curl -X POST "http://localhost:8001/api/auth/login" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "SecurePass123!"
}'

Expected Response:
{
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"token_type": "bearer",
"expires_in": 86400,
"user": {
"id": "user123",
"email": "user@example.com",
"role": "user"
}
}

Description: Get current authenticated user information.
Sample curl:
curl -X GET "http://localhost:8001/api/auth/me" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Logout and invalidate current session.
Sample curl:
curl -X POST "http://localhost:8001/api/auth/logout" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get all active user sessions.
Sample curl:
curl -X GET "http://localhost:8001/api/auth/sessions" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Terminate a specific session.
Sample curl:
curl -X DELETE "http://localhost:8001/api/auth/sessions/session_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Terminate all user sessions.
Sample curl:
curl -X DELETE "http://localhost:8001/api/auth/sessions" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get user security events and audit logs.
Sample curl:
curl -X GET "http://localhost:8001/api/auth/security-events" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get security statistics for the current user.
Sample curl:
curl -X GET "http://localhost:8001/api/auth/security-stats" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Log a security event.
Sample curl:
curl -X POST "http://localhost:8001/api/auth/security-events" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"event_type": "login_attempt",
"severity": "medium",
"description": "Failed login attempt from unusual location"
}'

Description: Update user profile information.
Sample curl:
curl -X PUT "http://localhost:8001/api/auth/update-profile" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"full_name": "John Smith",
"department": "Security"
}'

Description: Create a new user (Admin only).
Sample curl:
curl -X POST "http://localhost:8001/api/users" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"email": "newuser@company.com",
"password": "SecurePass123!",
"full_name": "New User",
"role": "user"
}'

Description: Get all users with pagination.
Sample curl:
curl -X GET "http://localhost:8001/api/users/all?skip=0&limit=50" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Update user information.
Sample curl:
curl -X PUT "http://localhost:8001/api/users/user_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"full_name": "Updated Name",
"department": "Engineering"
}'

Description: Delete a user account.
Sample curl:
curl -X DELETE "http://localhost:8001/api/users/user_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Create a new cloud provider integration.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/create" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"provider": "aws",
"name": "Production AWS",
"credentials": {
"access_key": "AKIAIOSFODNN7EXAMPLE",
"secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
"region": "us-east-1"
}
}'

Description: List all configured integrations.
Sample curl:
curl -X GET "http://localhost:8001/api/integrations/list" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Delete an integration.
Sample curl:
curl -X DELETE "http://localhost:8001/api/integrations/integration_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Discover AWS accounts and resources.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/discover/aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"access_key": "AKIAIOSFODNN7EXAMPLE",
"secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
"region": "us-east-1"
}'

Description: Discover GCP projects and resources.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/discover/gcp" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"service_account_key": "base64_encoded_key",
"project_id": "my-gcp-project"
}'

Description: Discover Azure resources and subscriptions.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/discover/azure" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"client_id": "azure_client_id",
"client_secret": "azure_client_secret",
"tenant_id": "azure_tenant_id",
"subscription_id": "azure_subscription_id"
}'

Description: Get required permissions for a provider integration.
Sample curl:
curl -X GET "http://localhost:8001/api/integrations/permissions/aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Test AWS integration connectivity.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/aws/test-connection" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"access_key": "AKIAIOSFODNN7EXAMPLE",
"secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
"region": "us-east-1"
}'

Description: Test Azure integration connectivity.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/azure/test-connection" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"client_id": "azure_client_id",
"client_secret": "azure_client_secret",
"tenant_id": "azure_tenant_id"
}'

Description: Test GitHub integration connectivity.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/github/test-connection" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"personal_access_token": "github_pat_token"
}'

Description: Test GCP integration connectivity.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/gcp/test-connection" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"service_account_key": "base64_encoded_key",
"project_id": "my-gcp-project"
}'

Description: Test Okta integration connectivity.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/okta/test-connection" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"domain": "dev-123456.okta.com",
"api_token": "okta_api_token"
}'

Description: Trigger AWS data synchronization.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/aws/sync" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"access_key": "AKIAIOSFODNN7EXAMPLE",
"secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
"region": "us-east-1"
}'

Description: Trigger GitHub data synchronization.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/github/sync" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"personal_access_token": "github_pat_token"
}'

Description: Trigger GCP data synchronization.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/gcp/sync" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"service_account_key": "base64_encoded_key",
"project_id": "my-gcp-project"
}'

Description: Trigger Azure data synchronization.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/azure/sync" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"client_id": "azure_client_id",
"client_secret": "azure_client_secret",
"tenant_id": "azure_tenant_id",
"subscription_id": "azure_subscription_id"
}'

Description: Trigger Okta data synchronization.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/okta/sync" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"domain": "dev-123456.okta.com",
"api_token": "okta_api_token"
}'

Description: Get synchronization status for all providers.
Sample curl:
curl -X GET "http://localhost:8001/api/integrations/sync-status" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Process and analyze synced data.
Sample curl:
curl -X POST "http://localhost:8001/api/integrations/process-synced-data" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get detailed risk analysis for a specific user.
Sample curl:
curl -X GET "http://localhost:8001/api/risk-analysis/john.doe@company.com" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Expected Response:
{
"user_email": "john.doe@company.com",
"overall_risk_score": 75.5,
"risk_category": "High",
"risk_factors": [
"Administrative privileges across multiple cloud providers",
"Access to sensitive production resources",
"Potential privilege escalation paths identified"
],
"recommendations": [
"Implement just-in-time access controls",
"Regular access reviews",
"Enable MFA for all privileged accounts"
],
"detailed_analysis": {
"aws": {"risk_score": 80, "privilege_level": "admin"},
"github": {"risk_score": 70, "privilege_level": "maintainer"}
}
}

Description: Test AWS risk analysis algorithm with sample data.
Sample curl:
curl -X POST "http://localhost:8001/api/aws-risk-analysis/test-detailed-algorithm" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"username": "test-user",
"aws_credentials": {
"access_key": "AKIAIOSFODNN7EXAMPLE",
"secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
"region": "us-east-1"
}
}'

Description: Test GitHub risk analysis algorithm.
Sample curl:
curl -X POST "http://localhost:8001/api/github-risk-analysis/test-algorithm" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"username": "test-user",
"organization": "test-org",
"github_token": "github_pat_token"
}'

Description: Test Azure risk analysis algorithm.
Sample curl:
curl -X POST "http://localhost:8001/api/azure-risk-analysis/test-algorithm" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"user_principal_name": "user@company.com",
"azure_credentials": {
"client_id": "azure_client_id",
"client_secret": "azure_client_secret",
"tenant_id": "azure_tenant_id"
}
}'

Description: Get users with highest risk scores.
Sample curl:
curl -X GET "http://localhost:8001/api/users/risky?limit=10&min_risk_score=50" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Trigger recalculation of risk scores for all users.
Sample curl:
curl -X POST "http://localhost:8001/api/users/recalculate-risk-scores" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get aggregated risk analysis across all providers for a user.
Sample curl:
curl -X GET "http://localhost:8001/api/users/john.doe@company.com/aggregated-risk" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get GitHub risk analysis configuration.
Sample curl:
curl -X GET "http://localhost:8001/api/github-risk-analysis/configuration" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Update GitHub repository criticality tiers.
Sample curl:
curl -X POST "http://localhost:8001/api/github-risk-analysis/configuration/repository-criticality" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"tier_updates": {
"Tier0_Critical": ["production-api", "core-services"],
"Tier1_High": ["user-service", "payment-service"]
}
}'

Description: Update GitHub permission risk weights.
Sample curl:
curl -X POST "http://localhost:8001/api/github-risk-analysis/configuration/permission-weights" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"permission_weights": {
"admin": 100,
"maintain": 80,
"write": 60,
"read": 10
}
}'

Description: Update GitHub scoring algorithm weights.
Sample curl:
curl -X POST "http://localhost:8001/api/github-risk-analysis/configuration/scoring-weights" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"component_weights": {
"repository_access": 0.6,
"organization_role": 0.3,
"security_hygiene": 0.1
}
}'

Description: Get detailed GitHub risk analysis for a specific user.
Sample curl:
curl -X GET "http://localhost:8001/api/github-risk-analysis/users/johndoe/detailed" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get summary of GitHub users risk analysis.
Sample curl:
curl -X GET "http://localhost:8001/api/github-risk-analysis/users/summary" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Trigger bulk risk analysis for multiple GitHub users.
Sample curl:
curl -X POST "http://localhost:8001/api/github-risk-analysis/users/bulk-analyze" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"user_logins": ["user1", "user2", "user3"],
"organization": "my-org"
}'

Description: Test GitHub token validity.
Sample curl:
curl -X GET "http://localhost:8001/api/github/test-token" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get authenticated GitHub user information.
Sample curl:
curl -X GET "http://localhost:8001/api/github/user" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get GitHub organizations for authenticated user.
Sample curl:
curl -X GET "http://localhost:8001/api/github/organizations" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get GitHub repositories for authenticated user.
Sample curl:
curl -X GET "http://localhost:8001/api/github/repositories?per_page=50" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get members of a specific GitHub organization.
Sample curl:
curl -X GET "http://localhost:8001/api/github/organizations/my-org/members" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get all synchronized users from cloud providers.
Sample curl:
curl -X GET "http://localhost:8001/api/synced-users?provider=aws&skip=0&limit=100" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get users with filtering and pagination.
Sample curl:
curl -X GET "http://localhost:8001/api/users?provider=aws&risk_level=high&skip=0&limit=50" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Expected Response:
{
"users": [
{
"user_email": "john.doe@company.com",
"user_name": "John Doe",
"department": "Engineering",
"overall_risk_score": 75.5,
"provider": "aws",
"access_type": "admin",
"last_updated": "2024-06-01T10:00:00Z"
}
],
"total": 1250,
"skip": 0,
"limit": 50,
"has_more": true
}

Description: Get paginated users with enhanced filtering.
Sample curl:
curl -X GET "http://localhost:8001/api/users/paginated?page=1&page_size=25&search=john" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Search for a specific user by email.
Sample curl:
curl -X GET "http://localhost:8001/api/search/john.doe@company.com" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get all cloud resources accessible by a specific user.
Sample curl:
curl -X GET "http://localhost:8001/api/users/john.doe@company.com/resources" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Expected Response:
[
{
"id": "resource_123",
"provider": "aws",
"service": "S3",
"resource_name": "production-data-bucket",
"access_type": "read-write",
"risk_level": "high",
"last_accessed": "2024-06-01T08:30:00Z"
}
]

Description: Remove all access for a specific user (emergency access revocation).
Sample curl:
curl -X DELETE "http://localhost:8001/api/users/access/john.doe@company.com" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Search for resources by name.
Sample curl:
curl -X GET "http://localhost:8001/api/search/resource/production-database" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get comprehensive analytics overview.
Sample curl:
curl -X GET "http://localhost:8001/api/analytics/overview" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Expected Response:
{
"summary": {
"total_users": 1250,
"total_resources": 15600,
"high_risk_users": 45,
"cross_provider_admins": 12
},
"risk_distribution": {
"low": 850,
"medium": 300,
"high": 80,
"critical": 20
},
"provider_stats": {
"aws": {"total_users": 800, "admin_users": 25},
"github": {"total_users": 450, "admin_users": 8}
}
}

Description: Get detailed analytics with time-based insights.
Sample curl:
curl -X GET "http://localhost:8001/api/analytics?time_range=30d" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get provider-specific dashboard analytics.
Sample curl:
curl -X GET "http://localhost:8001/api/analytics/dashboard/aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get comprehensive analytics for a specific provider.
Sample curl:
curl -X GET "http://localhost:8001/api/analytics/provider/aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get unified dashboard data across all providers.
Sample curl:
curl -X GET "http://localhost:8001/api/dashboard/unified" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Export user and resource data in various formats.
Sample curl:
curl -X GET "http://localhost:8001/api/export/csv?provider=aws&risk_level=high" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
--output export.csv

Available formats: csv, xlsx, json
Description: Generate comprehensive security reports.
Sample curl:
curl -X POST "http://localhost:8001/api/reports/generate?format=pdf&company_name=Acme%20Corp" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
--output security_report.pdf

Available formats: pdf, html, pptx
Description: Get preview data for report generation.
Sample curl:
curl -X GET "http://localhost:8001/api/reports/preview?provider=aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Import user and resource data from JSON file.
Sample curl:
curl -X POST "http://localhost:8001/api/import/json" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-F "file=@data.json" \
-F "provider=aws" \
-F "overwrite=false"

Description: Get summary of groups across all providers.
Sample curl:
curl -X GET "http://localhost:8001/api/groups/providers/summary" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get unified group analytics across providers.
Sample curl:
curl -X GET "http://localhost:8001/api/groups/unified/analytics" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Search for groups across providers.
Sample curl:
curl -X GET "http://localhost:8001/api/groups/search?q=admin&provider=aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Export group data.
Sample curl:
curl -X GET "http://localhost:8001/api/groups/export?format=csv&provider=aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
--output groups.csv

Description: Get groups for a specific provider.
Sample curl:
curl -X GET "http://localhost:8001/api/groups/aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get detailed information about a specific group.
Sample curl:
curl -X GET "http://localhost:8001/api/groups/aws/group_123/details" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get all synchronized groups.
Sample curl:
curl -X GET "http://localhost:8001/api/synced-groups" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get synchronized groups for a specific provider.
Sample curl:
curl -X GET "http://localhost:8001/api/synced-groups/aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Trigger group synchronization.
Sample curl:
curl -X POST "http://localhost:8001/api/groups/sync" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"provider": "aws",
"force_refresh": true
}'

Description: Get AWS IAM groups.
Sample curl:
curl -X GET "http://localhost:8001/api/providers/aws/groups" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get Azure AD groups.
Sample curl:
curl -X GET "http://localhost:8001/api/providers/azure/groups" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get GCP groups.
Sample curl:
curl -X GET "http://localhost:8001/api/providers/gcp/groups" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get GitHub teams and organizations.
Sample curl:
curl -X GET "http://localhost:8001/api/providers/github/groups" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get Okta groups.
Sample curl:
curl -X GET "http://localhost:8001/api/providers/okta/groups" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get all available compliance frameworks.
Sample curl:
curl -X GET "http://localhost:8001/api/compliance/frameworks" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Expected Response:
{
"frameworks": [
{
"id": "cis_2.0_aws",
"name": "CIS Controls v2.0 for AWS",
"description": "Center for Internet Security AWS benchmark",
"total_checks": 245,
"supported_providers": ["aws"]
}
]
}

Description: Get all checks for a specific compliance framework.
Sample curl:
curl -X GET "http://localhost:8001/api/compliance/frameworks/cis_2.0_aws/checks" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get detailed information about a compliance framework.
Sample curl:
curl -X GET "http://localhost:8001/api/compliance/frameworks/cis_2.0_aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Run compliance assessment for a specific framework.
Sample curl:
curl -X POST "http://localhost:8001/api/compliance/assess/cis_2.0_aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"aws_credentials": {
"access_key": "AKIAIOSFODNN7EXAMPLE",
"secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
"region": "us-east-1"
}
}'

Description: Get all compliance assessments.
Sample curl:
curl -X GET "http://localhost:8001/api/compliance/assessments?limit=20" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get specific compliance assessment results.
Sample curl:
curl -X GET "http://localhost:8001/api/compliance/assessments/assessment_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get compliance dashboard summary.
Sample curl:
curl -X GET "http://localhost:8001/api/compliance/dashboard" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Export compliance assessment results.
Sample curl:
curl -X GET "http://localhost:8001/api/compliance/export/cis_2.0_aws?format=pdf" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
--output compliance_report.pdf

Description: Run unified compliance assessment across multiple frameworks.
Sample curl:
curl -X POST "http://localhost:8001/api/compliance/unified/assess" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"frameworks": ["cis_2.0_aws", "nist_csf_1.1_aws"],
"aws_credentials": {
"access_key": "AKIAIOSFODNN7EXAMPLE",
"secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
}
}'

Description: Get supported compliance providers.
Sample curl:
curl -X GET "http://localhost:8001/api/compliance/providers" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Run compliance assessment for a specific provider.
Sample curl:
curl -X POST "http://localhost:8001/api/compliance/assess/provider/aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"framework_types": ["cis_2.0_aws", "iso27001_2022_aws"],
"credentials": {
"access_key": "AKIAIOSFODNN7EXAMPLE",
"secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
}
}'

Description: Get AWS attack surface analysis.
Sample curl:
curl -X GET "http://localhost:8001/api/attack-surface/aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Expected Response:
{
"account_id": "123456789012",
"assessment_date": "2024-06-01T10:00:00Z",
"risk_score": 75.5,
"total_findings": 25,
"summary": {
"critical_findings": 2,
"high_findings": 8,
"medium_findings": 10,
"low_findings": 5
},
"escalation_paths": [
{
"technique": "IAM_POLICY_PRIVILEGE_ESCALATION",
"source_principal": "user:john-doe",
"target_principal": "role:AdminRole",
"risk_level": "high"
}
]
}

Description: Get historical AWS attack surface analysis data.
Sample curl:
curl -X GET "http://localhost:8001/api/attack-surface/aws/history?days=30" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get enhanced AWS attack surface analysis.
Sample curl:
curl -X GET "http://localhost:8001/api/attack-surface/aws/enhanced" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get GCP attack surface analysis.
Sample curl:
curl -X GET "http://localhost:8001/api/attack-surface/gcp" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get historical GCP attack surface analysis data.
Sample curl:
curl -X GET "http://localhost:8001/api/attack-surface/gcp/history?days=30" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get enhanced GCP attack surface analysis.
Sample curl:
curl -X GET "http://localhost:8001/api/attack-surface/gcp/enhanced" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get DNS security monitoring status.
Sample curl:
curl -X GET "http://localhost:8001/api/dns-security/status" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get AWS DNS security scan results.
Sample curl:
curl -X GET "http://localhost:8001/api/dns-security/results/aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Expected Response:
{
"scan_id": "dns_scan_123",
"provider": "aws",
"scan_date": "2024-06-01T10:00:00Z",
"total_domains": 150,
"vulnerabilities_found": 8,
"high_risk_domains": 2,
"findings": [
{
"domain": "api.company.com",
"vulnerability_type": "DNS_HIJACKING_RISK",
"severity": "high",
"description": "Domain uses weak DNS configuration"
}
]
}

Description: Get GCP DNS security scan results.
Sample curl:
curl -X GET "http://localhost:8001/api/dns-security/results/gcp" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get specific DNS security scan results.
Sample curl:
curl -X GET "http://localhost:8001/api/dns-security/scan/dns_scan_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get detailed information about a specific DNS vulnerability.
Sample curl:
curl -X GET "http://localhost:8001/api/dns-security/vulnerability/vuln_456" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get DNS security analytics dashboard.
Sample curl:
curl -X GET "http://localhost:8001/api/dns-security/analytics/dashboard" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Trigger automated security analysis.
Sample curl:
curl -X POST "http://localhost:8001/api/auto-analysis/trigger" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"provider": "aws",
"analysis_types": ["risk_assessment", "compliance_check", "attack_surface"],
"priority": "high"
}'

Description: Get all auto-analysis jobs and their status.
Sample curl:
curl -X GET "http://localhost:8001/api/auto-analysis/jobs" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get auto-analysis results for a specific provider and type.
Sample curl:
curl -X GET "http://localhost:8001/api/auto-analysis/results/aws/risk_assessment" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get overall auto-analysis system status.
Sample curl:
curl -X GET "http://localhost:8001/api/auto-analysis/status" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get security recommendations for a specific provider.
Sample curl:
curl -X GET "http://localhost:8001/api/security/recommendations/aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Set up secure credential storage.
Sample curl:
curl -X POST "http://localhost:8001/api/security/credentials/setup" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"encryption_method": "aes_256",
"key_rotation_enabled": true
}'

Description: Get security best practices for a provider.
Sample curl:
curl -X GET "http://localhost:8001/api/security/best-practices/aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get comprehensive security dashboard.
Sample curl:
curl -X GET "http://localhost:8001/api/security/dashboard" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: List all configured cloud provider credentials.
Sample curl:
curl -X GET "http://localhost:8001/api/credentials" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Add new cloud provider credentials.
Sample curl:
curl -X POST "http://localhost:8001/api/credentials" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"provider": "aws",
"description": "Production AWS Account",
"credentials": {
"access_key_id": "AKIA...",
"secret_access_key": "xxx...",
"region": "us-east-1"
}
}'

Description: Update existing credentials.
Sample curl:
curl -X PUT "http://localhost:8001/api/credentials/cred_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"description": "Updated Production AWS Account",
"credentials": {
"region": "us-west-2"
}
}'

Description: Remove credentials.
Sample curl:
curl -X DELETE "http://localhost:8001/api/credentials/cred_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Test credential connectivity.
Sample curl:
curl -X POST "http://localhost:8001/api/credentials/cred_123/test" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Trigger data synchronization using specific credentials.
Sample curl:
curl -X POST "http://localhost:8001/api/credentials/cred_123/sync" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get sample data for all providers.
Sample curl:
curl -X GET "http://localhost:8001/api/providers/samples" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get sample data for a specific provider.
Sample curl:
curl -X GET "http://localhost:8001/api/providers/samples/aws" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Download unified sample data file.
Sample curl:
curl -X GET "http://localhost:8001/api/providers/samples/unified/download" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
--output sample_data.json

Description: Get information about all supported cloud providers.
Sample curl:
curl -X GET "http://localhost:8001/api/providers" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Initialize application with sample data.
Sample curl:
curl -X POST "http://localhost:8001/api/init-sample-data" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Create administrative user account.
Sample curl:
curl -X POST "http://localhost:8001/api/create-admin" \
-H "Content-Type: application/json" \
-d '{
"email": "admin@company.com",
"password": "SecureAdminPass123!",
"full_name": "System Administrator"
}'

Description: Clear all provider data (destructive operation).
Sample curl:
curl -X DELETE "http://localhost:8001/api/admin/clear-providers-data" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

Description: Get audit logs for system activities.
Sample curl:
curl -X GET "http://localhost:8001/api/audit-logs?limit=100&user_id=user_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"

The notification system is available under the /api/notifications prefix. Here are the main endpoints:
Description: Get user notification settings.
Sample curl:
curl -X GET "http://localhost:8001/api/notifications/settings/user_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Description: Update user notification settings.
Sample curl:
curl -X PUT "http://localhost:8001/api/notifications/settings/user_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"enabled": true,
"enabled_channels": ["email", "slack"],
"enabled_types": ["risk_alert", "compliance_violation"],
"min_severity": "medium"
}'
Description: Get user notification channels.
Sample curl:
curl -X GET "http://localhost:8001/api/notifications/channels/user_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Description: Create notification channel.
Sample curl:
curl -X POST "http://localhost:8001/api/notifications/channels/user_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "Email Alerts",
"channel_type": "email",
"enabled": true,
"configuration": {
"email_address": "user@company.com"
}
}'
Description: Update notification channel.
Sample curl:
curl -X PUT "http://localhost:8001/api/notifications/channels/user_123/channel_456" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "Updated Email Alerts",
"enabled": false
}'
Description: Delete notification channel.
Sample curl:
curl -X DELETE "http://localhost:8001/api/notifications/channels/user_123/channel_456" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Description: Test notification channel.
Sample curl:
curl -X POST "http://localhost:8001/api/notifications/test/user_123" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"channel_id": "channel_456",
"test_message": "This is a test notification"
}'
Description: Send notification to multiple users.
Sample curl:
curl -X POST "http://localhost:8001/api/notifications/send" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"user_ids": ["user_123", "user_456"],
"notification_type": "risk_alert",
"severity": "high",
"title": "High Risk User Detected",
"message": "User john.doe@company.com has been flagged as high risk"
}'
Description: Get notification logs for user.
Sample curl:
curl -X GET "http://localhost:8001/api/notifications/logs/user_123?limit=50" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Description: Test email SMTP configuration.
Sample curl:
curl -X POST "http://localhost:8001/api/notifications/test/email" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"smtp_server": "smtp.gmail.com",
"smtp_port": 587,
"smtp_username": "user@gmail.com",
"smtp_password": "app_password",
"use_tls": true
}'
Description: Test Slack webhook configuration.
Sample curl:
curl -X POST "http://localhost:8001/api/notifications/test/slack" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"webhook_url": "https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX"
}'
Description: Test Discord webhook configuration.
Sample curl:
curl -X POST "http://localhost:8001/api/notifications/test/discord" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"webhook_url": "https://discord.com/api/webhooks/123456789/abcdefghijklmnop"
}'
Description: Get available notification types and severities.
Sample curl:
curl -X GET "http://localhost:8001/api/notifications/types" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Description: Get default notification templates.
Sample curl:
curl -X GET "http://localhost:8001/api/notifications/templates/defaults" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Description: Get common SMTP provider configurations.
Sample curl:
curl -X GET "http://localhost:8001/api/notifications/providers/smtp" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Description: List all available API routes (development only).
Sample curl:
curl -X GET "http://localhost:8001/api/debug/routes" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Description: Check CORS configuration.
Sample curl:
curl -X GET "http://localhost:8001/api/debug/cors" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Description: Get environment configuration (development only).
Sample curl:
curl -X GET "http://localhost:8001/api/debug/env" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Description: Debug IAM bindings and permissions.
Sample curl:
curl -X GET "http://localhost:8001/api/debug/iam-bindings" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Description: Debug synchronized user data.
Sample curl:
curl -X GET "http://localhost:8001/api/debug/synced-users" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
All endpoints return consistent error responses in the following format:
{
"error": {
"code": "ERROR_CODE",
"message": "Human readable error message",
"details": {},
"timestamp": "2024-06-01T15:00:00Z",
"request_id": "req_12345"
}
}
- 200 OK - Request successful
- 201 Created - Resource created successfully
- 204 No Content - Resource deleted successfully
- 400 Bad Request - Invalid request parameters
- 401 Unauthorized - Authentication required
- 403 Forbidden - Insufficient permissions
- 404 Not Found - Resource not found
- 409 Conflict - Resource already exists
- 422 Unprocessable Entity - Validation error
- 429 Too Many Requests - Rate limit exceeded
- 500 Internal Server Error - Server error
The API implements rate limiting:
- Authentication endpoints: 5 requests per 15 minutes per IP
- General API endpoints: 100 requests per minute per user
- Export endpoints: 10 requests per hour per user
- Sync endpoints: 5 requests per hour per provider
Rate limit headers are included in responses:
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1623456000
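Client-side handling of the error envelope and rate-limit headers described above, as an added example (not code from the Cloud Access Visualizer project). The function and class names are hypothetical, and it assumes X-RateLimit-Reset is a Unix timestamp in seconds, which the page does not state.

```python
import json
import time


def seconds_until_retry(status, headers, now=None):
    """Return how long to pause before the next request (0 means send now)."""
    now = time.time() if now is None else now
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    try:
        remaining = int(h["x-ratelimit-remaining"])
        reset = int(h["x-ratelimit-reset"])  # assumed: epoch seconds
    except (KeyError, ValueError):
        # Headers missing or malformed: back off only if the server answered 429.
        return 60.0 if status == 429 else 0.0  # 60 s fallback is an assumption
    if status == 429 or remaining <= 0:
        return max(0.0, reset - now)
    return 0.0


class ApiError(Exception):
    """Non-2xx response, carrying the fields of the documented error envelope."""

    def __init__(self, status, code, message, request_id):
        super().__init__(f"{status} {code}: {message} (request_id={request_id})")
        self.status, self.code, self.request_id = status, code, request_id


def raise_for_error(status, body):
    """Raise ApiError for non-2xx responses; tolerate bodies that are not the envelope."""
    if 200 <= status < 300:
        return
    code, message, request_id = "UNKNOWN", body[:200], None
    try:
        err = json.loads(body)["error"]
        code = err.get("code", code)
        message = err.get("message", message)
        request_id = err.get("request_id")
    except (ValueError, KeyError, TypeError, AttributeError):
        pass  # e.g. an HTML error page from a proxy in front of the API
    raise ApiError(status, code, message, request_id)


if __name__ == "__main__":
    # Constructed sample: the header values shown on this page, with Remaining set to 0.
    sample = {"X-RateLimit-Limit": "100", "X-RateLimit-Remaining": "0",
              "X-RateLimit-Reset": "1623456000"}
    print(seconds_until_retry(200, sample, now=1623455940))
```

Logging the request_id from ApiError makes a failed call easier to match against the audit logs endpoint.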
Most endpoints require JWT authentication. Include the token in the Authorization header:
Authorization: Bearer YOUR_JWT_TOKEN
To obtain a token, use the /api/auth/login endpoint with valid credentials.
This documentation covers all available API endpoints in the Cloud Access Visualizer application. For interactive documentation, visit the Swagger UI at http://localhost:8001/docs.