API Overview
API Overview
Section titled “API Overview”The NEURO API provides programmatic access to your security assessment data. Build integrations, automate workflows, and connect NEURO with your existing tools.
Base URL
Section titled “Base URL”All API requests use your tenant-specific domain:
https://{tenant}.nforged.com/api/v1Replace {tenant} with your organization’s subdomain (e.g., acme.nforged.com).
Authentication
Section titled “Authentication”All API requests require authentication using Bearer tokens:
curl -X GET "https://{tenant}.nforged.com/api/v1/projects" \ -H "Authorization: Bearer YOUR_API_TOKEN"See Authentication for details on obtaining tokens.
Request Format
Section titled “Request Format”Headers
Section titled “Headers”Required headers:
Authorization: Bearer YOUR_TOKENContent-Type: application/jsonRequest Body
Section titled “Request Body”POST and PUT requests use JSON:
{ "name": "Project Name", "client_id": "client_123"}Response Format
Section titled “Response Format”Success Response
Section titled “Success Response”{ "success": true, "data": { "id": "proj_123", "name": "Project Name" }}List Response
Section titled “List Response”{ "success": true, "data": [...], "meta": { "page": 1, "limit": 50, "total": 234, "pages": 5 }}Error Response
Section titled “Error Response”{ "success": false, "error": { "code": "VALIDATION_ERROR", "message": "Invalid input", "details": [ {"field": "name", "message": "Name is required"} ] }}HTTP Status Codes
Section titled “HTTP Status Codes”| Code | Description |
|---|---|
200 | Success |
201 | Created |
400 | Bad Request |
401 | Unauthorized |
403 | Forbidden |
404 | Not Found |
429 | Rate Limited |
500 | Server Error |
Rate Limiting
Section titled “Rate Limiting”| Limit | Value |
|---|---|
| Requests per minute | 1,000 |
| Requests per hour | 10,000 |
Rate limit headers:
X-RateLimit-Limit: 1000X-RateLimit-Remaining: 999X-RateLimit-Reset: 1640000000Pagination
Section titled “Pagination”List endpoints support pagination:
GET /findings?page=2&limit=50| Parameter | Default | Maximum |
|---|---|---|
page | 1 | - |
limit | 50 | 100 |
Filtering
Section titled “Filtering”Filter results with query parameters:
GET /findings?severity=High&status=Open&project_id=proj_123Common filters:
severity- Critical, High, Medium, Low, Infostatus- Open, Confirmed, Remediatedproject_id- Filter by projectcreated_after- ISO datecreated_before- ISO datesearch- Text search
Sorting
Section titled “Sorting”Sort results:
GET /findings?sort=created_at&order=descAPI Endpoints
Section titled “API Endpoints”Core Resources
Section titled “Core Resources”| Resource | Base Path |
|---|---|
| Projects | /projects |
| Findings | /findings |
| Assets | /assets |
| Reports | /reports |
| Clients | /clients |
| Users | /users |
Operations
Section titled “Operations”| Method | Description |
|---|---|
GET | Retrieve resources |
POST | Create resources |
PUT | Update resources |
DELETE | Delete resources |
SDKs & Libraries
Section titled “SDKs & Libraries”Official SDKs
Section titled “Official SDKs”Coming soon:
- Python SDK
- JavaScript/Node.js SDK
- Go SDK
Community Libraries
Section titled “Community Libraries”Check our GitHub for community-contributed libraries.
Webhooks
Section titled “Webhooks”Receive real-time notifications:
finding.createdfinding.updatedproject.createdreport.generated
Configure in Settings → Webhooks.
Getting Started
Section titled “Getting Started”- Generate an API token
- Make your first request
- Explore the endpoint documentation
- Build your integration
Support
Section titled “Support”- API questions: api-support@nforged.com
- Documentation issues: docs@nforged.com
- Status page: status.nforged.com
Next: Learn about API Authentication