API Reference
Complete documentation for all Wildbox microservices and their endpoints.
Identity Service
Authentication, users, tokens
Guardian Service
Integrations, queue management
Agents Service
AI analysis, threat intelligence
Data Service
Data aggregation, analysis
Tools Service
Security tool execution
Responder Service
Incident response, playbooks
Identity & Authentication Service
Manage user authentication, create and validate JWT tokens, handle user accounts and permissions.
Base URL: http://localhost:8000/api/v1
/auth/login
User login with email and password. Returns JWT token for authenticated requests.
View Request/Response
Request Body
{
"email": "user@example.com",
"password": "password123"
}
200 OK
{
"data": {
"token": "eyJhbGciOiJIUzI1NiIs...",
"user_id": "usr-123",
"expires_in": 3600
},
"status": "success"
}
/auth/refresh
Refresh an existing JWT token to extend the session duration.
/auth/logout
Logout user and revoke the current JWT token.
/users
List all users with pagination and filtering support.
/users
Create a new user account with specified permissions.
/users/{id}
Retrieve detailed information about a specific user.
/users/{id}
Update user profile, permissions, and settings.
/users/{id}
Delete a user account and revoke all associated tokens.
Guardian Service API
Asset management, vulnerability tracking, scanner orchestration, and remediation workflows
Assets Management
List Assets
GET /api/v1/assets/
List all security assets with filtering and pagination support.
View Details
Query Parameters:
- limit: Number of results (default: 20)
- offset: Pagination offset (default: 0)
- status: Filter by status (active, inactive, vulnerable)
- severity: Highest vulnerability (critical, high, medium, low)
Example:
curl "http://localhost:8001/api/v1/assets/?status=active&severity=critical" \
-H "X-API-Key: your-api-key"Create Asset
POST /api/v1/assets/
Create a new security asset in the system.
View Details
Request Body Fields:
- name: Asset name (required)
- asset_type: Type like server, database (required)
- ip_address: IPv4 or IPv6 address
- hostname: FQDN or hostname
- tags: Array of tags for organization
Example:
curl -X POST "http://localhost:8001/api/v1/assets/" \
-H "X-API-Key: your-api-key" \
-H "Content-Type: application/json" \
-d '{"name":"Web Server","asset_type":"server","ip_address":"192.168.1.100"}'Scan Asset
POST /api/v1/assets/{id}/scan/
Initiate a security scan on an asset.
View Details
Request Parameters:
- scanner_id: Scanner to use (required)
- scan_profile: full, quick, vulnerability-only
- schedule: immediate, daily, weekly
Example:
curl -X POST "http://localhost:8001/api/v1/assets/asset-001/scan/" \
-H "X-API-Key: your-api-key" \
-H "Content-Type: application/json" \
-d '{"scanner_id":"scanner-nessus-01","scan_profile":"full"}'Vulnerabilities Management
List Vulnerabilities
GET /api/v1/vulnerabilities/
List all vulnerabilities with advanced filtering capabilities.
View Details
Query Parameters:
- severity: critical, high, medium, low, info
- status: open, in_progress, resolved, false_positive
- asset_id: Filter by specific asset
- has_exploit: Filter by known exploits
Example:
curl "http://localhost:8001/api/v1/vulnerabilities/?severity=critical&status=open" \
-H "X-API-Key: your-api-key"Update Vulnerability
PATCH /api/v1/vulnerabilities/{id}/
Update vulnerability status or assignment.
View Details
Request Fields:
- status: open, in_progress, resolved, false_positive
- assigned_to: Team or user assignment
- priority: immediate, high, medium, low
- remediation_notes: Remediation details
Example:
curl -X PATCH "http://localhost:8001/api/v1/vulnerabilities/vuln-001/" \
-H "X-API-Key: your-api-key" \
-H "Content-Type: application/json" \
-d '{"status":"in_progress","assigned_to":"security-team"}'Integration Management
List Integrations
GET /api/v1/integrations/
List all configured integrations with external systems.
View Details
Query Parameters:
- status: active, inactive, error
- integration_type: ticketing, siem, notification, vulnerability
Example:
curl "http://localhost:8001/api/v1/integrations/?status=active" \
-H "X-API-Key: your-api-key"Test Integration
POST /api/v1/integrations/{id}/test/
Test connectivity and authentication with an integration.
View Details
Response:
{"status":"connected","platform":"JIRA","message":"Successfully connected"}Authentication
Guardian Service supports two authentication methods:
- API Key: Use X-API-Key header with your API key
- Bearer Token: Use Authorization: Bearer header with JWT token
Rate Limiting
Anonymous: 100 requests/hour | API Key: 5,000 requests/hour | Bearer Token: 1,000 requests/hour
For complete Guardian Service API documentation including all endpoints, error codes, and advanced examples:
View Full Documentation →Agents Service API
AI-powered threat analysis and intelligent enrichment endpoints
Data Service API
Security data aggregation, analysis, and reporting endpoints
Tools Service API
Security tool execution, resource management, and orchestration endpoints
Responder Service API
Incident response, playbook execution, and remediation endpoints
Authentication
All API endpoints require authentication using Bearer tokens in the Authorization header:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Obtain a token by logging in via the /auth/login endpoint with your credentials.
Error Handling
The API returns standard HTTP status codes. Errors include detailed JSON responses:
{
"error": "Unauthorized",
"message": "Invalid or expired token",
"status": "error",
"request_id": "req-12345"
}
See individual endpoint documentation for specific error codes and handling.
Need Help?
Check out our resources for more information: