Rudder API (20)

Rudder developers: dev@rudder.io URL: https://www.rudder.io License: CC-BY-SA 2.0

Download OpenAPI specification: openapi.yml

Other documentation sources:

Introduction

Rudder exposes a REST API, enabling the user to interact with Rudder without using the webapp, for example, in scripts or cron jobs.

Authentication

The Rudder REST API uses simple API keys for authentication. All requests must be authenticated (except from a generic status API). The tokens are 32-character strings, passed in a X-API-Token header, like in:

curl --header "X-API-Token: yourToken" https://rudder.example.com/rudder/api/latest/rules

The tokens are the API equivalent of a password, and must be secured just like a password would be.

API accounts

The accounts are managed in the Web interface. There are three types of accounts:

  • Global API accounts: they are not linked to a Rudder user, and are managed by Rudder administrators in the Administration -> API accounts page. You should define an expiration date whenever possible.

General API tokens settings

  • User tokens: they are linked to a Rudder user, and give the same rights the user has. There can be only one token by user. This feature is provided by the api-authorizatons plugin.

User API token

  • System token: it is a special token, not visible in the interface. Its value is postfixed with -system and is regenerated at each application restart. It is designed to allow running local calls to the API without having to configure an account. The token is written into /var/rudder/run/api-token and only readable by the root user. When using the token with curl, you should use the alternative form to prevent leaking the token in the process list:
curl --header @/var/rudder/run/api-token-header

When an action produces a change of configuration on the server, the API account that made it will be recorded in the event log, like for a Web interaction.

Authorization

When using Rudder without the api-authorizatons plugin, only global accounts are available, with two possible privilege levels, read-only or write. With the api-authorizatons plugin, you also get access to:

  • User tokens, which have the same permissions as the user, using the Rudder roles and permissions feature.
  • Custom ACLs on global API accounts. They provide fine-grained permissions on every endpoint:

Custom API ACL

As a general principle, you should create dedicated tokens with the least privilege level for each different interaction you have with the API. This limits the risks of exploitation if a token is stolen, and allows tracking the activity of each token separately. Token renewal is also easier when they are only used for a limited purpose.

Versioning

Each time the API is extended with new features (new functions, new parameters, new responses, ...), it will be assigned a new version number. This will allow you to keep your existing scripts (based on previous behavior). Versions will always be integers (no 2.1 or 3.3, just 2, 3, 4, ...) or latest.

You can change the version of the API used by setting it either within the url or in a header:

  • the URL: each URL is prefixed by its version id, like /api/version/function.
# Version 10
curl -X GET -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/10/rules
# Latest
curl -X GET -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/latest/rules
# Wrong (not an integer) => 404 not found
curl -X GET -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/3.14/rules
  • the HTTP headers. You can add the X-API-Version header to your request. The value needs to be an integer or latest.
# Version 10
curl -X GET -H "X-API-Token: yourToken" -H "X-API-Version: 10" https://rudder.example.com/rudder/api/rules
# Wrong => Error response indicating which versions are available
curl -X GET -H "X-API-Token: yourToken" -H "X-API-Version: 3.14" https://rudder.example.com/rudder/api/rules

In the future, we may declare some versions as deprecated, in order to remove them in a later version of Rudder, but we will never remove any versions without warning, or without a safe period of time to allow migration from previous versions.

Existing versions

Version Rudder versions it appeared in Description
1 Never released (for internal use only) Experimental version
2 to 10 (deprecated) 4.3 and before These versions provided the core set of API features for rules, directives, nodes global parameters, change requests and compliance, rudder settings, and system API
11 5.0 New system API (replacing old localhost v1 api): status, maintenance operations and server behavior
12 6.0 and 6.1 Node key management
13 6.2
  • Node status endpoint
  • System health check
  • System maintenance job to purge software [that endpoint was back-ported in 6.1]
14 7.0
  • Secret management
  • Directive tree
  • Improve techniques management
  • Demote a relay
15 7.1
  • Package updates in nodes
16 7.2
  • Create node API included from plugin
  • Configuration archive import/export
17 7.3
  • Compliance by directive
  • Path campaigns API included
18 8.0
  • Allowed network
  • Improve the structure of `/settings/allowed_networks` output
19 8.1
  • Multi-tenants
  • Scores list
20 8.2
  • More standard format for node details fields

Response format

All responses from the API are in the JSON format.

{
  "action": "The name of the called function",
  "id": "The ID of the element you want, if relevant",
  "result": "The result of your action: success or error",
  "data": "Only present if this is a success and depends on the function, it's usually a JSON object",
  "errorDetails": "Only present if this is an error, it contains the error message"
}
  • Success responses are sent with the 200 HTTP (Success) code

  • Error responses are sent with a HTTP error code (mostly 5xx...)

HTTP method

Rudder's REST API is based on the usage of HTTP methods. We use them to indicate what action will be done by the request. Currently, we use four of them:

  • GET: search or retrieve information (get rule details, get a group, ...)

  • PUT: add new objects (create a directive, clone a Rule, ...)

  • DELETE: remove objects (delete a node, delete a parameter, ...)

  • POST: update existing objects (update a directive, reload a group, ...)

Parameters

General parameters

Some parameters are available for almost all API functions. They will be described in this section. They must be part of the query and can't be submitted in a JSON form.

Available for all requests

Field Type Description
prettify boolean
optional
Determine if the answer should be prettified (human friendly) or not. We recommend using this for debugging purposes, but not for general script usage as this does add some unnecessary load on the server side.

Default value: false

Available for modification requests (PUT/POST/DELETE)

Field Type Description
reason string
optional or required
Set a message to explain the change. If you set the reason messages to be mandatory in the web interface, failing to supply this value will lead to an error.

Default value: ""

changeRequestName string
optional
Set the change request name, is used only if workflows are enabled. The default value depends on the function called

Default value: A default string for each function

changeRequestDescription string
optional
Set the change request description, is used only if workflows are enabled.

Default value: ""

Passing parameters

Parameters to the API can be sent:

  • As part of the URL for resource identification

  • As data for POST/PUT requests

    • Directly in JSON format

    • As request arguments

As part of the URL for resource identification

Parameters in URLs are used to indicate which resource you want to interact with. The function will not work if this resource is missing.

# Get the Rule of ID "id"
curl -H "X-API-Token: yourToken" https://rudder.example.com/rudder/api/latest/rules/id

CAUTION: To avoid surprising behavior, do not put a '/' at the end of a URL: it would be interpreted as '/[empty string parameter]' and redirected to '/index', likely not what you wanted to do.

Sending data for POST/PUT requests

Directly in JSON format

JSON format is the preferred way to interact with Rudder API for creating or updating resources. You'll also have to set the Content-Type header to application/json (without it the JSON content would be ignored). In a curl POST request, that header can be provided with the -H parameter:

curl -X POST -H "Content-Type: application/json" ...

The supplied file must contain a valid JSON: strings need quotes, booleans and integers don't, etc.

The (human-readable) format is:

{
  "key1": "value1",
  "key2": false,
  "key3": 42
}

Here is an example with inlined data:

# Update the Rule 'id' with a new name, disabled, and setting it one directive
curl -X POST -H "X-API-Token: yourToken" -H  "Content-Type: application/json"
https://rudder.example.com/rudder/api/rules/latest/{id}
  -d '{ "displayName": "new name", "enabled": false, "directives": "directiveId"}'

You can also pass a supply the JSON in a file:

# Update the Rule 'id' with a new name, disabled, and setting it one directive
curl -X POST -H "X-API-Token: yourToken" -H "Content-Type: application/json" https://rudder.example.com/rudder/api/rules/latest/{id} -d @jsonParam

Note that the general parameters view in the previous chapter cannot be passed in a JSON, and you will need to pass them a URL parameters if you want them to be taken into account (you can't mix JSON and request parameters):

# Update the Rule 'id' with a new name, disabled, and setting it one directive with reason message "Reason used"
curl -X POST -H "X-API-Token: yourToken" -H "Content-Type: application/json" "https://rudder.example.com/rudder/api/rules/latest/{id}?reason=Reason used" -d @jsonParam -d "reason=Reason ignored"
Request parameters

In some cases, when you have little, simple data to update, JSON can feel bloated. In such cases, you can use request parameters. You will need to pass one parameter for each data you want to change.

Parameters follow the following schema:

key=value

You can pass parameters by two means:

# Update the Rule 'id' with a new name, disabled, and setting it one directive
curl -X POST -H "X-API-Token: yourToken"  https://rudder.example.com/rudder/api/rules/latest/{id}?"displayName=my new name"&"enabled=false"&"directives=aDirectiveId"
  • As request data: You can pass those parameters in the request data, they won't figure in the URL, making it lighter to read, You can pass a file that contains data.
# Update the Rule 'id' with a new name, disabled, and setting it one directive (in file directive-info.json)
curl -X POST -H "X-API-Token: yourToken"
https://rudder.example.com/rudder/api/rules/latest/{id} -d "displayName=my new name" -d "enabled=false" -d @directive-info.json

API Info

Information about API endpoints and versions

List all endpoints

List all endpoints and their version

Authorizations:
API-Tokens

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "apiGeneralInformations"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET https://rudder.example.com/rudder/api/latest/info

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "apiGeneralInformations",
  • "data": {
    }
}

Get information about one API endpoint

Get the description and the list of supported version for one API endpoint

Authorizations:
API-Tokens
path Parameters
endpointName
required
string
Example: listAcceptedNodes

Name of the endpoint for which one wants information

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "apiInformations"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET https://rudder.example.com/rudder/api/latest/info/details/listAcceptedNodes

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "apiInformations",
  • "data": {
    }
}

Get information on endpoint in a section

Get all endpoints in the given section with their supported version.

Authorizations:
API-Tokens
path Parameters
sectionId
required
string
Example: nodes

Id of the API section

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "apiSubInformations"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET https://rudder.example.com/rudder/api/latest/info/nodes

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "apiSubInformations",
  • "data": {
    }
}

Status

Is alive check

Check if Rudder is alive

An unauthenticated API to check if Rudder web application is up and running. Be careful: this API does not follow other Rudder's API convention:

  • it is not versioned, so the path is just /api/status;
  • it returns a plain text message.

Responses

Response Schema: text/plain
string

Request samples

curl --request GET https://rudder.example.com/rudder/api/status

Compliance

Access compliance data

Global compliance

Get current global compliance of a Rudder server

Authorizations:
API-Tokens
query Parameters
precision
integer
Default: 2
Example: precision=0

Number of digits after comma in compliance percent figures

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "getGlobalCompliance"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/latest/compliance?prettify=true'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "getGlobalCompliance",
  • "data": {
    }
}

Compliance details for all directives

Get current compliance of all the nodes of a Rudder server

Authorizations:
API-Tokens

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "getDirectiveComplianceId"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/latest/compliance/directives'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "getDirectiveComplianceId",
  • "data": {
    }
}

Compliance details by directive

Get current compliance of a directive of a Rudder server

Authorizations:
API-Tokens
path Parameters
directiveId
required
string <uuid>
Example: 9a1773c9-0889-40b6-be89-f6504443ac1b

Id of the directive

query Parameters
format
string
Examples:
  • format=csv - CSV format for the export

format of export

Responses

Response Schema: application/json
One of
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "getDirectiveComplianceId"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/latest/compliance/directives/704afe7b-1a65-4d2e-b4c9-54f4f548c316'

Response samples

Content type
application/json
Example
{
  • "result": "success",
  • "action": "getDirectiveComplianceId",
  • "data": {
    }
}

Compliance details by group (global)

Get compliance of a group with all rules that apply to a node within the group.

Authorizations:
API-Tokens
path Parameters
required
string or rule-target (string)

Id of the node group or rule target

query Parameters
level
integer
Default: 10
Example: level=4

Number of depth level of compliance objects to display (1:rules, 2:directives, 3:components, 4:nodes, 5:values, 6:reports)

precision
integer
Default: 2
Example: precision=0

Number of digits after comma in compliance percent figures

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "getNodeGroupComplianceId"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/latest/compliance/groups/704afe7b-1a65-4d2e-b4c9-54f4f548c316'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "getNodeGroupComplianceId",
  • "data": {
    }
}

Compliance details by group (targeted)

Get compliance of a group with only rules that explicitly include the group.

Authorizations:
API-Tokens
path Parameters
required
string or rule-target (string)

Id of the node group or rule target

query Parameters
level
integer
Default: 10
Example: level=4

Number of depth level of compliance objects to display (1:rules, 2:directives, 3:components, 4:nodes, 5:values, 6:reports)

precision
integer
Default: 2
Example: precision=0

Number of digits after comma in compliance percent figures

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "getNodeGroupComplianceTargetId"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/latest/compliance/groups/704afe7b-1a65-4d2e-b4c9-54f4f548c316/target'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "getNodeGroupComplianceTargetId",
  • "data": {
    }
}

Compliance details for all nodes

Get current compliance of all the nodes of a Rudder server

Authorizations:
API-Tokens
query Parameters
level
integer
Default: 10
Example: level=4

Number of depth level of compliance objects to display (1:rules, 2:directives, 3:components, 4:nodes, 5:values, 6:reports)

precision
integer
Default: 2
Example: precision=0

Number of digits after comma in compliance percent figures

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "getNodesCompliance"

The id of the action

required
object

Request samples

# To get the compliance information of a specific node
curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/compliance/nodes?level=2'

# To get the list of nodes which have a compliance <100 for a given directive (c5881268-5612-48f2-8ef4-0ab8387fccd6) 
curl -k -H "X-API-Token: yourToken" -X GET "https://rudder.example.com/rudder/api/latest/compliance/nodes?level=3" \
| jq '[.data.nodes[] 
  | {
      "nodeid":.id, 
      "dirs": [.rules[].directives[]] 
        | map(select(.id == "c5881268-5612-48f2-8ef4-0ab8387fccd6" and .compliance < 100)) 
    }
  ] 
| map(select(.dirs | length != 0)) 
| [.[] |
    {"nodeid":.nodeid, "comp":.dirs[0].complianceDetails}
  ]'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "getNodesCompliance",
  • "data": {
    }
}

Compliance details by node

Get current compliance of a node of a Rudder server

Authorizations:
API-Tokens
path Parameters
nodeId
required
string <uuid (or "root")>
Example: 9a1773c9-0889-40b6-be89-f6504443ac1b

Id of the target node

query Parameters
level
integer
Default: 10
Example: level=4

Number of depth level of compliance objects to display (1:rules, 2:directives, 3:components, 4:nodes, 5:values, 6:reports)

precision
integer
Default: 2
Example: precision=0

Number of digits after comma in compliance percent figures

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "getNodeCompliance"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/compliance/nodes/root?level=1'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "getNodeCompliance",
  • "data": {
    }
}

Compliance details for all rules

Get current compliance of all the rules of a Rudder server

Authorizations:
API-Tokens
query Parameters
level
integer
Default: 10
Example: level=4

Number of depth level of compliance objects to display (1:rules, 2:directives, 3:components, 4:nodes, 5:values, 6:reports)

precision
integer
Default: 2
Example: precision=0

Number of digits after comma in compliance percent figures

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "getRulesCompliance"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/latest/compliance/rules?level=2'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "getRulesCompliance",
  • "data": {
    }
}

Compliance details by rule

Get current compliance of a rule of a Rudder server

Authorizations:
API-Tokens
path Parameters
ruleId
required
string <uuid>
Example: 9a1773c9-0889-40b6-be89-f6504443ac1b

Id of the target rule

query Parameters
level
integer
Default: 10
Example: level=4

Number of depth level of compliance objects to display (1:rules, 2:directives, 3:components, 4:nodes, 5:values, 6:reports)

precision
integer
Default: 2
Example: precision=0

Number of digits after comma in compliance percent figures

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "getRuleCompliance"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/latest/compliance/rules?level=2'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "getRuleCompliance",
  • "data": {
    }
}

Rules

Rules management

List all rules

List all rules

Authorizations:
API-Tokens

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listRules"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/latest/rules'

# To get information about the target (included/excluded) groups of the rules
curl -H "X-API-Token: yourToken" -X GET 'https://rudder.example.com/rudder/api/latest/rules' | jq '.data.rules[] | {"d": .displayName, "id":.id, "inc": .targets[].include?.or, "exc":.targets[].exclude?.or}'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "listRules",
  • "data": {
    }
}

Create a rule

Create a new rule. You can specify a source rule to clone it.

Authorizations:
API-Tokens
Request Body schema: application/json
source
string <uuid>

The id of the rule the clone will be based onto. If this parameter if provided, the new rule will be a clone of this source. Other value will override values from the source.

id
string <uuid>

Rule id

displayName
string

Rule name

shortDescription
string

One line rule description

longDescription
string

Rule documentation

category
string <uuid>

The parent category id. If provided, the new rule will be in this parent category

directives
Array of strings

Directives linked to the rule

Array of objects (rule-targets)

Node and special groups targeted by that rule

enabled
boolean

Is the rule enabled

system
boolean

If true it is an internal Rudder rule

Array of objects

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "createRule"

The id of the action

required
object

Request samples

Content type
application/json
{
  • "source": "b9f6d98a-28bc-4d80-90f7-d2f14269e215",
  • "id": "0c1713ae-cb9d-4f7b-abda-ca38c5d643ea",
  • "displayName": "Security policy",
  • "shortDescription": "Baseline applying CIS guidelines",
  • "longDescription": "This rules should be applied to all Linux nodes required basic hardening",
  • "category": "38e0c6ea-917f-47b8-82e0-e6a1d3dd62ca",
  • "directives": [
    ],
  • "targets": [
    ],
  • "enabled": true,
  • "system": false,
  • "tags": [
    ]
}

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "createRule",
  • "data": {
    }
}

Create a rule category

Create a new rule category

Authorizations:
API-Tokens
Request Body schema: application/json
required
parent
required
string <uuid>

The parent category of the rules

id
string <uuid>
Default: "{autogenerated}"

Rule category id, only provide it when needed.

name
required
string

Name of the rule category

description
string

Rules category description

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "CreateRuleCategory"

The id of the action

required
object

Request samples

Content type
application/json
{
  • "parent": "b9f6d98a-28bc-4d80-90f7-d2f14269e215",
  • "id": "32d013f7-b6d8-46c8-99d3-016307fa66c0",
  • "name": "Security policies",
  • "description": "Baseline applying CIS guidelines"
}

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "CreateRuleCategory",
  • "data": {
    }
}

Get rule category details

Get detailed information about a rule category

Authorizations:
API-Tokens
path Parameters
ruleCategoryId
required
string <uuid>
Example: e0a311fa-f7b2-4f9e-89a9-db517b9c6b90

Rule category id

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "GetRuleCategoryDetails"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/latest/rules/categories/4306143d-eabf-4478-b7b1-1616f4aa02b5?prettify=true'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "GetRuleCategoryDetails",
  • "data": {
    }
}

Delete group category

Delete a group category. It must have no child groups and no children categories.

Authorizations:
API-Tokens
path Parameters
ruleCategoryId
required
string <uuid>
Example: e0a311fa-f7b2-4f9e-89a9-db517b9c6b90

Rule category id

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "DeleteRuleCategory"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request DELETE 'https://rudder.example.com/rudder/api/latest/rules/categories/4306143d-eabf-4478-b7b1-1616f4aa02b5?prettify=true'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "DeleteRuleCategory",
  • "data": {
    }
}

Update rule category details

Update detailed information about a rule category

Authorizations:
API-Tokens
path Parameters
ruleCategoryId
required
string <uuid>
Example: e0a311fa-f7b2-4f9e-89a9-db517b9c6b90

Rule category id

Request Body schema: application/json
required
parent
required
string <uuid>

The parent category of the rules

name
required
string

Name of the rule category

description
string

Rules category description

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "UpdateRuleCategory"

The id of the action

required
object

Request samples

Content type
application/json
{
  • "parent": "b9f6d98a-28bc-4d80-90f7-d2f14269e215",
  • "name": "Security policies",
  • "description": "Baseline applying CIS guidelines"
}

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "UpdateRuleCategory",
  • "data": {
    }
}

Get rules tree

Get all available rules and their categories in a tree

Authorizations:
API-Tokens

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "GetRuleTree"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/latest/rules/tree?prettify=true'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "GetRuleTree",
  • "data": {
    }
}

Get a rule details

Get the details of a rule

Authorizations:
API-Tokens
path Parameters
ruleId
required
string <uuid>
Example: 9a1773c9-0889-40b6-be89-f6504443ac1b

Id of the target rule

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "ruleDetails"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET 'https://rudder.example.com/rudder/api/latest/rules/06ba8940-ed6c-4102-ba46-93d640a64c36'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "ruleDetails",
  • "data": {
    }
}

Update a rule details

Update the details of a rule

Authorizations:
API-Tokens
path Parameters
ruleId
required
string <uuid>
Example: 9a1773c9-0889-40b6-be89-f6504443ac1b

Id of the target rule

Request Body schema: application/json
required
id
string <uuid>

Rule id

displayName
string

Rule name

shortDescription
string

One line rule description

longDescription
string

Rule documentation

category
string <uuid>

The parent category id.

directives
Array of strings

Directives linked to the rule

Array of objects (rule-targets)

Node and special groups targeted by that rule

enabled
boolean

Is the rule enabled

system
boolean

If true it is an internal Rudder rule

Array of objects

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "updateRule"

The id of the action

required
object

Request samples

Content type
application/json
{
  • "id": "0c1713ae-cb9d-4f7b-abda-ca38c5d643ea",
  • "displayName": "Security policy",
  • "shortDescription": "Baseline applying CIS guidelines",
  • "longDescription": "This rules should be applied to all Linux nodes required basic hardening",
  • "category": "38e0c6ea-917f-47b8-82e0-e6a1d3dd62ca",
  • "directives": [
    ],
  • "targets": [
    ],
  • "enabled": true,
  • "system": false,
  • "tags": [
    ]
}

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "updateRule",
  • "data": {
    }
}

Delete a rule

Delete a rule.

Authorizations:
API-Tokens
path Parameters
ruleId
required
string <uuid>
Example: 9a1773c9-0889-40b6-be89-f6504443ac1b

Id of the target rule

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "deleteRule"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request DELETE 'https://rudder.example.com/rudder/api/latest/rules/176ad06b-ed02-4da3-8053-16225d217741'

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "deleteRule",
  • "data": {
    }
}

Directives

Directives management

List all directives

List all directives

Authorizations:
API-Tokens

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listDirectives"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET https://rudder.example.com/rudder/api/latest/directives

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "listDirectives",
  • "data": {
    }
}

Create a directive

Create a new directive from provided parameters. You can specify a source directive to clone it.

Authorizations:
API-Tokens
Request Body schema: application/json
source
string <uuid>

The id of the directive the clone will be based onto. If this parameter if provided, the new directive will be a clone of this source. Other value will override values from the source.

id
string <uuid>

Directive id

displayName
string

Human readable name of the directive

shortDescription
string

One line directive description

longDescription
string <markdown>

Description of the technique (rendered as markdown)

techniqueName
string

Directive id

techniqueVersion
string

Directive id

priority
integer [ 0 .. 10 ]

Directive priority. 0 has highest priority.

enabled
boolean

Is the directive enabled

system
boolean

If true it is an internal Rudder directive

Array of objects
parameters
object

Directive parameters (depends on the source technique)

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "createDirective"

The id of the action

required
object

Request samples

Content type
application/json
{
  • "source": "b9f6d98a-28bc-4d80-90f7-d2f14269e215",
  • "id": "91252ea2-feb2-412d-8599-c6945fee02c4",
  • "displayName": "91252ea2-feb2-412d-8599-c6945fee02c4",
  • "shortDescription": "91252ea2-feb2-412d-8599-c6945fee02c4",
  • "longDescription": "# Documentation\n* [Ticket link](https://tickets.example.com/issues/3456)",
  • "techniqueName": "userManagement",
  • "techniqueVersion": "8.0",
  • "priority": 5,
  • "enabled": true,
  • "system": false,
  • "tags": [
    ],
  • "parameters": {
    }
}

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "createDirective",
  • "data": {
    }
}

Get directive details

Get all information about a given directive

Authorizations:
API-Tokens
path Parameters
directiveId
required
string <uuid>
Example: 9a1773c9-0889-40b6-be89-f6504443ac1b

Id of the directive

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "directiveDetails"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET https://rudder.example.com/rudder/api/latest/directives/17dadf50-6056-4c8b-a935-6b97d14b89a7

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "directiveDetails",
  • "data": {
    }
}

Delete a directive

Delete a directive

Authorizations:
API-Tokens
path Parameters
directiveId
required
string <uuid>
Example: 9a1773c9-0889-40b6-be89-f6504443ac1b

Id of the directive

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "deleteDirective"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request DELETE https://rudder.example.com/rudder/api/latest/directives/17dadf50-6056-4c8b-a935-6b97d14b89a7

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "deleteDirective",
  • "data": {
    }
}

Update a directive details

Update directive information

Authorizations:
API-Tokens
path Parameters
directiveId
required
string <uuid>
Example: 9a1773c9-0889-40b6-be89-f6504443ac1b

Id of the directive

Request Body schema: application/json
required
id
string <uuid>

Directive id

displayName
string

Human readable name of the directive

shortDescription
string

One line directive description

longDescription
string <markdown>

Description of the technique (rendered as markdown)

techniqueName
string

Directive id

techniqueVersion
string

Directive id

priority
integer [ 0 .. 10 ]

Directive priority. 0 has highest priority.

enabled
boolean

Is the directive enabled

system
boolean

If true it is an internal Rudder directive

policyMode
string
Enum: "enforce" "audit"

Policy mode of the directive

Array of objects
parameters
object

Directive parameters (depends on the source technique)

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "updateDirective"

The id of the action

required
object

Request samples

Content type
application/json
{
  • "id": "91252ea2-feb2-412d-8599-c6945fee02c4",
  • "displayName": "91252ea2-feb2-412d-8599-c6945fee02c4",
  • "shortDescription": "91252ea2-feb2-412d-8599-c6945fee02c4",
  • "longDescription": "# Documentation\n* [Ticket link](https://tickets.example.com/issues/3456)",
  • "techniqueName": "userManagement",
  • "techniqueVersion": "8.0",
  • "priority": 5,
  • "enabled": true,
  • "system": false,
  • "policyMode": "audit",
  • "tags": [
    ],
  • "parameters": {
    }
}

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "updateDirective",
  • "data": {
    }
}

Check that update on a directive is valid

Check that update on a directive is valid

Authorizations:
API-Tokens
path Parameters
directiveId
required
string <uuid>
Example: 9a1773c9-0889-40b6-be89-f6504443ac1b

Id of the directive

Request Body schema: application/json
required
id
string <uuid>

Directive id

displayName
string

Human readable name of the directive

shortDescription
string

One line directive description

longDescription
string <markdown>

Description of the technique (rendered as markdown)

techniqueName
string

Directive id

techniqueVersion
string

Directive id

priority
integer [ 0 .. 10 ]

Directive priority. 0 has highest priority.

enabled
boolean

Is the directive enabled

system
boolean

If true it is an internal Rudder directive

policyMode
string
Enum: "enforce" "audit"

Policy mode of the directive

Array of objects
parameters
object

Directive parameters (depends on the source technique)

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "checkDirective"

The id of the action

required
object

Request samples

Content type
application/json
{
  • "id": "91252ea2-feb2-412d-8599-c6945fee02c4",
  • "displayName": "91252ea2-feb2-412d-8599-c6945fee02c4",
  • "shortDescription": "91252ea2-feb2-412d-8599-c6945fee02c4",
  • "longDescription": "# Documentation\n* [Ticket link](https://tickets.example.com/issues/3456)",
  • "techniqueName": "userManagement",
  • "techniqueVersion": "8.0",
  • "priority": 5,
  • "enabled": true,
  • "system": false,
  • "policyMode": "audit",
  • "tags": [
    ],
  • "parameters": {
    }
}

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "checkDirective",
  • "data": {
    }
}

Techniques

Techniques management

List methods

Get all generic methods metadata

Authorizations:
API-Tokens

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listTechniques"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET https://rudder.example.com/rudder/api/latest/methods

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "listTechniques",
  • "data": {
    }
}

Reload methods

Reload methods metadata from file system

Authorizations:
API-Tokens

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listTechniques"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request POST https://rudder.example.com/rudder/api/latest/methods/reload

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "listTechniques",
  • "data": {
    }
}

List all techniques

List all technique with their versions

Authorizations:
API-Tokens

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listTechniques"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET https://rudder.example.com/rudder/api/latest/techniques

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "listTechniques",
  • "data": {
    }
}

Create technique

Create a new technique in Rudder from a technique in the technique editor

Authorizations:
API-Tokens
Request Body schema: application/json
required
Array
id
string

Technique id

name
string

Technique name

version
string

version of this technique

category
string

category of this technique

description
string

description of this technique

source
string

Source of the technique, always editor here

Array of objects (technique-parameter)

Parameters for this technique

Array of objects (technique-resource)

Resources for this technique

Array of technique-method-call (object) or technique-block (object)

Method and blocks contained by this technique

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listTechniques"

The id of the action

required
object

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "listTechniques",
  • "data": {
    }
}

List categories

Get all technique categories

Authorizations:
API-Tokens

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listTechniques"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET https://rudder.example.com/rudder/api/latest/techniques/categories

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "listTechniques",
  • "data": {
    }
}

Reload techniques

Reload all techniques metadata from file system

Authorizations:
API-Tokens

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listTechniques"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request POST https://rudder.example.com/rudder/api/latest/techniques/reload

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "listTechniques",
  • "data": {
    }
}

List versions

List all techniques version

Authorizations:
API-Tokens

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listTechniques"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET https://rudder.example.com/rudder/api/latest/techniques/versions

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "listTechniques",
  • "data": {
    }
}

Technique metadata by ID

Get each Technique's versions with their metadata by ID

Authorizations:
API-Tokens
path Parameters
techniqueId
required
string
Example: userManagement

Technique ID

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listTechniques"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET https://rudder.example.com/rudder/api/latest/techniques/foo

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "listTechniques",
  • "data": {
    }
}

List all directives based on a technique

List all directives based on all version of a technique

Authorizations:
API-Tokens
path Parameters
techniqueId
required
string
Example: userManagement

Technique ID

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listTechniquesDirectives"

The id of the action

required
object

Request samples

curl --header "X-API-Token: yourToken" --request GET https://rudder.example.com/rudder/api/latest/techniques/checkGenericFileContent/directives

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "listTechniquesDirectives",
  • "data": {
    }
}

Update technique

Update technique created with technique editor

Authorizations:
API-Tokens
path Parameters
techniqueId
required
string
Example: userManagement

Technique ID

techniqueVersion
required
string
Example: 6.0

Technique version

Request Body schema: application/json
required
Array
id
string

Technique id

name
string

Technique name

version
string

version of this technique

category
string

category of this technique

description
string

description of this technique

source
string

Source of the technique, always editor here

Array of objects (technique-parameter)

Parameters for this technique

Array of objects (technique-resource)

Resources for this technique

Array of technique-method-call (object) or technique-block (object)

Method and blocks contained by this technique

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listTechniques"

The id of the action

required
object

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{
  • "result": "success",
  • "action": "listTechniques",
  • "data": {
    }
}

Delete technique

Delete a technique from technique editor

Authorizations:
API-Tokens
path Parameters
techniqueId
required
string
Example: userManagement

Technique ID

techniqueVersion
required
string
Example: 6.0

Technique version

Responses

Response Schema: application/json
result
required
string
Enum: "success" "error"

Result of the request

action
required
string
Value: "listTechniques"

The id of the action

required