Skip to content

API Reference

This document provides a complete reference for the LiMon REST API. The API is organized by domain entity and uses query parameters for filtering, pagination, and grouping.

Base URL

By default, the LiMon API server (served via Gunicorn) runs on port 8585. Cross-Origin Resource Sharing (CORS) is enabled to support frontend applications hosted on separate servers.

http://<your-server>:8585

Authentication & Security

The API employs a multi-tiered security model depending on the endpoint namespace:

  • Public Data (/api/v1/*, /api/output/*): No authentication required.
  • Administrative & Configuration (/api/admin/*, /api/v1/config/*): Requires a valid API key passed via the X-API-KEY header.
  • Subscription-Gated (/api/v1/reports/*): Requires an active Intelligence subscription.
  • Professional Tier (/api/admin/webhooks/*): Requires an API key + Professional tier license.

For endpoints requiring an API key, include it in your HTTP headers:

X-API-KEY: <your-api-key>

Infrastructure & System (Public)

Method Endpoint Description
GET /api/health API server infrastructure health check and status
GET /api/v1/system/capabilities Return detected environment capabilities (AD sync, sites, etc.)
GET /api/v1/system/schema-version Return current database schema version
GET /api/v1/dashboard/metrics Operational Health KPIs (servers online, active users, critical saturation). Cached (90s default)

License Monitoring Data (Public)

Servers & Sites

Method Endpoint Description
GET /api/v1/servers List all servers. Filters: status, type, search
GET /api/v1/servers/{id} Detailed server view with features and active sessions
GET /api/v1/servers/{id}/history License inventory change history
GET /api/v1/sites List all geographic sites with aggregated metrics
GET /api/v1/sites/{id} Site detail with servers, applications deployed, and metrics

Applications

Method Endpoint Description
GET /api/v1/applications List all applications. Filters: category, vendor, is_critical
GET /api/v1/applications/{id} Application detail with deployments, features, metrics
GET /api/v1/applications/{id}/sessions Active sessions for an application across all deployments
GET /api/v1/applications/{id}/usage_history Time-series usage data for charts. Includes by-site breakdown
GET /api/v1/applications/{id}/top_users Top users by sessions or hours
PUT /api/v1/applications/{id}/keystone Set or clear the keystone feature. Body: { feature_id: int\|null }

Users & Departments

Method Endpoint Description
GET /api/v1/users List all users with enriched data. Filters: department, source, days
GET /api/v1/users/{username} Detailed user profile with AD data, last seen/synced timestamps
GET /api/v1/users/{username}/activity User activity stats, top features, daily time-series, recent sessions
GET /api/v1/departments List all departments with aggregated metrics
GET /api/v1/departments/{name}/users List users in a department
GET /api/v1/departments/{name}/activity Department activity (charts and usage over time)

Usage, Analytics & Features

Method Endpoint Description
GET /api/v1/sessions Universal session query. Filters: status (active/archived), server_id, feature, user
GET /api/v1/usage Generate usage summary. Group by: feature, user, server, or day
GET /api/v1/denials Generate denial report using pre-computed views
GET /api/v1/events License events from imported logs. Filters: type (denied/queued/timeout)
GET /api/v1/features/{server_id}/{name}/usage_history Time-series usage data for specific features
GET /api/v1/features/lookup Lookup human-readable display name for a feature code
GET /api/v1/lookups/features Bulk feature display name mappings

Intelligence Reports Sub

Requires an active Intelligence Subscription.

Method Endpoint Description
POST /api/v1/reports/generate Submit async generation request. Types: money, audit, estate, app, site
GET /api/v1/reports/status/{id} Poll status of an async report generation command
GET /api/v1/reports/download/{file} Download a generated PDF report
GET /api/v1/reports/list List previously generated intelligence reports
DELETE /api/v1/reports/{filename} Delete a generated intelligence report
GET /api/v1/reports/schedules List all automated report schedules
POST /api/v1/reports/schedules Create a new automated report schedule
PUT /api/v1/reports/schedules/{id} Update an existing schedule
DELETE /api/v1/reports/schedules/{id} Delete a report schedule permanently
POST /api/v1/reports/schedules/{id}/run-now Trigger immediate synchronous generation + optional email delivery

Log Import Std

Requires any valid license key or active evaluation.

Method Endpoint Description
POST /api/v1/log-import/start Upload .log/.txt files (multipart/form-data). Max 200MB each
GET /api/v1/log-import/status/{id} Poll progress of an asynchronous import batch
GET /api/v1/log-import/history List recent import history (paginated)

Administrative Commands (API Key Required) Std

Method Endpoint Description
GET /api/admin/commands Lists available administrative commands (No Auth required to list)
POST /api/admin/command/{name} Executes a specific administrative command
GET /api/admin/license Returns installation ID and current license capabilities
POST /api/admin/license Validates and activates a new license key
GET /api/admin/stats Get counts of all configuration entities

System Configuration (API Key Required)

Method Endpoint Description
GET / PUT /api/v1/config/monitoring Get/Update monitoring settings (interval, retention)
GET / PUT /api/v1/config/smtp Get/Update SMTP configuration
POST /api/v1/config/smtp/test Send a test email
GET / PUT /api/v1/config/tools Get/Update license tool paths
POST /api/v1/config/tools/validate Validate a license tool binary path
GET / PUT /api/v1/config/feature-ignore Get/Update feature ignore lists
GET /api/v1/config/system Get company and licensing info (read-only)
GET /api/v1/config/about Get system metadata (Installation ID, schema version)
POST /api/v1/config/export Download config.yml generated from database
POST /api/v1/config/import Upload YAML to update configuration

Admin CRUD (API Key Required) Std

Standard RESTful CRUD operations (GET, POST, PUT, DELETE) are available under /api/admin/ for managing the following configuration objects:

  • /api/admin/applications
  • /api/admin/feature-mappings
  • /api/admin/sites
  • /api/admin/servers
  • /api/admin/deployments
  • /api/admin/license-history
  • /api/admin/webhooks (Requires Professional Tier)

Setup Wizard (Initialization Guard) Std

Note: Returns 403 Forbidden if the system is already initialized (config.yml exists).

Method Endpoint Description
GET /api/v1/wizard/status Return wizard initialization state
GET /api/v1/wizard/defaults Return shipped defaults and environment variables
GET /api/v1/wizard/timezones Return list of IANA timezone names
POST /api/v1/wizard/test-db Test database connection with provided credentials
POST /api/v1/wizard/run-migrations Apply pending database migrations
POST /api/v1/wizard/generate-secrets Generate admin token and API key
POST /api/v1/wizard/test-tool Validate a license tool binary path
POST /api/v1/wizard/test-server Poll a license server and return features found
POST /api/v1/wizard/test-smtp Send a test email via SMTP
POST /api/v1/wizard/prepare-activation Ensure installation_id exists before activation key entry
POST /api/v1/wizard/finalize Write configuration to DB & config.yml, restart system

Static Output Files (Public)

Method Endpoint Description
GET /api/output/dashboard Pre-generated HTML dashboard overview
GET /api/output/server/{name} Server-specific HTML output
GET /api/output/alerts HTML license alerts and warnings
GET /api/output/list JSON list of all available HTML output files
GET /api/output/file/{name} Fetch any HTML output file by filename
POST /api/output/refresh Trigger immediate refresh of static output files
```