The Cloud Conformity API allows you to programmatically interact with Cloud Conformity
The table below lists the Cloud Conformity API endpoints:
| Region | Endpoint |
|---|---|
| Europe (Ireland - eu-west-1) | https://eu-west-1-api.cloudconformity.com/v1 |
| Australia (Sydney - ap-southeast-2) | https://ap-southeast-2-api.cloudconformity.com/v1 |
| US (Oregon - us-west-2) | https://us-west-2-api.cloudconformity.com/v1 |
This early API is subject to change. Cloud Conformity will use commercially reasonable efforts to support the previous version of the API. The API is provided on an ‘AS IS’ and ‘WHEN AVAILABLE’ basis. Cloud Conformity has no liability to user as a result of any change to the API.
All requests to Cloud Conformity's API must be authenticated. An API key is a secure 64-bit strong key randomly generated by Cloud Conformity on behalf of a user. To generate an API Key, navigate to User settings > API Keys and click on New API Key to generate your API key.
Your new API Key will be generated and can be downloaded as shown in the following screenshot:
Note:
When you create an API key, Cloud Conformity gives you an opportunity to copy and download the key only once. If you don't download it or if you lose it, you can delete the API key and then create a new one.
You can have a maximum of two API keys (active or inactive) at a time
A newly created API key has the status of enable meaning that you can use the key for API calls. You can have up to two API keys for your Cloud Conformity account at a time, which is useful when you want to rotate the API keys. When you disable an API key, you can't use it for API calls.
When using API keys:
- Rotate API keys periodically
- Remove unused API keys
All requests to Cloud Conformity's API must be authenticated. Add an Authorization header with the ‘APIKey’, and your 64-bit key:
ApiKey r1WxLyo_-ZjLjkB3WtQ1u5XOwExfnxV2f0cCrHaPPoWZ8GgGUfdFZZ3LWkvcBL9i
The Cloud Conformity API uses HTTP status codes to indicate the success or failure of a request. An error indicates that the API did not successfully handle your request. In addition to the status code, the response may contain additional information about problems encountered while performing an operation.
Status Code:
200 OK201 Created202 Accepted204 No Content301 Moved Permanently304 Not Modified400 Bad Request401 Unauthorized403 Forbidden404 Not Found422 Unprocessable Entity500 Internal Server Error
Note:
When getting 401 and 403 errors, double check that you have the correct privileges. For example, if you have Read-Only access to an account, you can perform read calls such as pulling a list of existing checks from the
GET /checksendpoint. However, you cannot perform write calls such as requesting a conformity bot run from thePOST /accounts/id/scanendpoint.
There are two parameters to configure pagination:
| Name | Definition |
|---|---|
page[size] |
Indicates the number of results that should be returned. Maximum value is 1000 and defaults to 100 if not specified |
page[number] |
Indicates the page number, defaults to 0 |
Below is a list of the available APIs:
If you have questions or issues using the Cloud Conformity API, please contact us at [email protected]