The Argus REST API consists of a number of API modules, for different parts of the system.
Each module has a name and a version, e.g. /events/v1 or /case/v2.
Compatibility and Deprecation
When an API module is publicly released, the request and response model are guaranteed to stay consistent and backwards compatible. Breaking changes will not be done in a released version, instead we will release a new version of the module, which may have a different structure and contract.
We may add fields and functionality to a published module by adding endpoints or adding input/output fields, but that will always be done in a backwards compatible manner.
Deprecation and changes will be announced on the mailinglist firstname.lastname@example.org. Please contact mnemonic to be added to this mailinglist. In addition, deprecations will be announced on the API documentation page for the relevant API module.
Each operation towards Argus is restricted by Access Control rules. If the requested operation violates an Access Control rule, the user will be rejected with a 403 Access Denied. This may be because the operation is not permitted for the requested object, or because the operation is not permitted for the user at all.
In addition, some operations are not permitted to be used using API-key, because they require a higher Security Level.
To use privileged operations, the user needs to have such permissions enabled, and use a session authentication with a higher Security Level. Contact mnemonic for details.
All published endpoints are documented using Swagger. The documentation can be seen here.
If logged in, the endpoints can be used directly in Swagger without using an API-key, since the request will use the current session.
If entering an API-key in the swagger API-key field, this API-key will be used for all requests. Please note that due to the fact that API-keys have a lower Security Level than two-factor sessions, some operations may be rejected using API-key even though they worked using the logged-in session.
Thus, all testing to create scripts based on API-keys should be done using API-keys also in Swagger.
General endpoint structure
The Argus API uses a REST structure, with a general layout.