Security API

Base URL: https://api.theonesecurity.app

Authentication

Most endpoints require a valid session cookie or integration key. Endpoints marked Public require no authentication.

27 endpoints discovered across 5 function app(s).

Method	Route	Auth
`POST`	`/api/agents/{action}`	Public
`GET`	`/api/auth/github`	Public
`GET`	`/api/auth/github/callback`	Public
`GET`	`/api/auth/microsoft`	Public
`GET`	`/api/auth/microsoft/callback`	Public
`GET`	`/api/bridge/alerts`	Integration Key
`GET`	`/api/bridge/alerts/{id}`	Integration Key
`PATCH`	`/api/bridge/alerts/{id}`	Integration Key
`GET`	`/api/bridge/compliance`	Integration Key
`GET`	`/api/bridge/findings`	Integration Key
`GET`	`/api/bridge/scans`	Integration Key
`POST`	`/api/entity-sync/company`	Integration Key
`PATCH`	`/api/entity-sync/company/{hubCompanyId}`	Integration Key
`GET`	`/api/entity-sync/company/{hubCompanyId}/summary`	Integration Key
`POST`	`/api/entity-sync/contact`	Integration Key
`PATCH`	`/api/entity-sync/contact/{hubContactId}`	Integration Key
`GET`	`/api/integration/activity?client_id=X`	Integration Key
`GET`	`/api/integration/darkweb?client_id=X`	Integration Key
`GET`	`/api/integration/health?client_id=X`	Integration Key
`GET`	`/api/integration/sat?user_id=X`	Integration Key
`GET`	`/api/integration/status?client_id=X`	Integration Key
`POST`	`/api/permissions/register`	Integration Key
`GET`	`/api/search?q=...&tenant_id=...`	Integration Key
`POST`	`/api/sso/exchange`	Public
`POST`	`/api/sso/initiate`	Public
`POST`	`/api/stripe/webhook`	Public
`POST`	`/api/webhook/scan-results`	Public

POST/api/agents/{action}
Create agents
Auth: Public

GET/api/auth/github
List or retrieve github
Auth: Public

GET/api/auth/github/callback
List or retrieve callback
Auth: Public

GET/api/auth/microsoft
List or retrieve microsoft
Auth: Public

GET/api/auth/microsoft/callback
List or retrieve callback
Auth: Public

GET/api/bridge/alerts
List or retrieve alerts
Auth: Integration Key

GET/api/bridge/alerts/{id}
List or retrieve alerts
Auth: Integration Key

PATCH/api/bridge/alerts/{id}
Update alerts
Auth: Integration Key

GET/api/bridge/compliance
List or retrieve compliance
Auth: Integration Key

GET/api/bridge/findings
List or retrieve findings
Auth: Integration Key

GET/api/bridge/scans
List or retrieve scans
Auth: Integration Key

POST/api/entity-sync/company
Create company
Auth: Integration Key

PATCH/api/entity-sync/company/{hubCompanyId}
Update company
Auth: Integration Key

GET/api/entity-sync/company/{hubCompanyId}/summary
List or retrieve summary
Auth: Integration Key

POST/api/entity-sync/contact
Create contact
Auth: Integration Key

PATCH/api/entity-sync/contact/{hubContactId}
Update contact
Auth: Integration Key

GET/api/integration/activity?client_id=X
List or retrieve activity?client_id=X
Auth: Integration Key

GET/api/integration/darkweb?client_id=X
List or retrieve darkweb?client_id=X
Auth: Integration Key

GET/api/integration/health?client_id=X
List or retrieve health?client_id=X
Auth: Integration Key

GET/api/integration/sat?user_id=X
List or retrieve sat?user_id=X
Auth: Integration Key

GET/api/integration/status?client_id=X
List or retrieve status?client_id=X
Auth: Integration Key

POST/api/permissions/register
Create register
Auth: Integration Key

GET/api/search?q=...&tenant_id=...
List or retrieve search?q=...&tenant_id=...
Auth: Integration Key

POST/api/sso/exchange
Create exchange
Auth: Public

POST/api/sso/initiate
Create initiate
Auth: Public

POST/api/stripe/webhook
Create webhook
Auth: Public

POST/api/webhook/scan-results
Create scan results
Auth: Public

note

This reference is auto-generated from source code. Run npx tsx scripts/generate-api-docs.ts from the ops-center repo to refresh.