What Is It?

The BaseFortify REST API is a secure, HTTP-based service that exposes your infrastructure and security data as JSON. Automate node provisioning, component inventory, or threat tracking directly from scripts or third-party integrations.

Who Can Use It?

Every registered BaseFortify customer has access. All private endpoints require a valid session or OAuth2 token. Only public “health” endpoints are open without credentials.

Key Resources

• Nodes — create, list, and manage compute instances
• Components — register and track software or hardware items
• Threats — view, update, and archive vulnerability findings
• Health — check service availability for each API group

Base URL & Versioning

All calls use this prefix:

        https://api.basefortify.eu/api/v1/

For instance, GET /api/v1/nodes/health returns metadata about node endpoints.

Authentication

Include your token in every protected request:

        Authorization: Bearer <your-access-token>

Tokens are available in your account settings or via OAuth2. Public health checks do not require a token.

Getting Started

1. Log in to your BaseFortify account (or sign up).
2. Generate an API token under “User Settings → API Tokens.”
3. Browse the interactive docs (link in the sidebar) for endpoint details and examples.
4. Use cURL, Postman, or your favorite HTTP library to start making requests.

Best Practices

• Always use HTTPS.
• Store tokens securely—never commit them to public repositories.
• Leverage pagination for large list requests to reduce payload size.
• Ping the health endpoints before executing bulk operations.