# Standard API — Cookbook

Base URL: `https://standard-api.bekaa.eu`

Auth: Cookie session (browser) or `Authorization: Bearer standard_live_...` (M2M)
## 🔐 Authentication

### Login (email/password)

```bash
curl -X POST https://standard-api.bekaa.eu/api/auth/sign-in/email \
  -H "Content-Type: application/json" \
  -d '{"email": "user@example.com", "password": "s3cur3!"}'
```

### Verify session

```bash
curl https://standard-api.bekaa.eu/api/auth/get-session \
  -H "Cookie: standard-native-auth.session_token=..."
```

## 🏢 Organizations (Tenants)

### List my organizations

```bash
curl https://standard-api.bekaa.eu/api/v1/users/me/organizations \
  -H "Cookie: ..."
```

### Activate an organization

```bash
curl -X POST https://standard-api.bekaa.eu/api/v1/users/me/orgs/{orgId}/activate \
  -H "Cookie: ..."
```

### Organization dashboard

```bash
curl https://standard-api.bekaa.eu/api/v1/organizations/{orgId}/dashboard \
  -H "Cookie: ..." \
  -H "x-standard-tenant-id: {orgId}"
```

## 🛡️ SCF — Secure Controls Framework
### List SCF domains

```bash
curl https://standard-api.bekaa.eu/api/v1/scf/domains \
  -H "Cookie: ..." \
  -H "x-standard-tenant-id: {orgId}"
```

### Get controls by domain

```bash
curl "https://standard-api.bekaa.eu/api/v1/scf/controls?domain=ACC" \
  -H "Cookie: ..." \
  -H "x-standard-tenant-id: {orgId}"
```

### Get controls for a framework (e.g. ISO 27001)

```bash
curl "https://standard-api.bekaa.eu/api/v1/scf/controls?framework=ISO+27001" \
  -H "Cookie: ..." \
  -H "x-standard-tenant-id: {orgId}"
```

### Specific control

```bash
curl https://standard-api.bekaa.eu/api/v1/scf/controls/{controlId} \
  -H "Cookie: ..." \
  -H "x-standard-tenant-id: {orgId}"
```

### Available frameworks

```bash
curl https://standard-api.bekaa.eu/api/v1/scf/frameworks \
  -H "Cookie: ..." \
  -H "x-standard-tenant-id: {orgId}"
```

### Crosswalks (mappings between frameworks)

```bash
curl "https://standard-api.bekaa.eu/api/v1/scf/crosswalks?framework=ISO+27001" \
  -H "Cookie: ..." \
  -H "x-standard-tenant-id: {orgId}"
```

## 📋 Assessments
```bash
curl -X POST https://standard-api.bekaa.eu/api/v1/assessments \
  -H "Content-Type: application/json" \
  -H "Cookie: ..." \
  -H "x-standard-tenant-id: {orgId}" \
  -d '{"name": "ISO 27001 Q3", "framework_id": "iso-27001"}'
```

### List

```bash
curl https://standard-api.bekaa.eu/api/v1/assessments \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"
```

### Detail

```bash
curl https://standard-api.bekaa.eu/api/v1/assessments/{id} \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"
```

### Status

```bash
curl https://standard-api.bekaa.eu/api/v1/assessments/{id}/status \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"
```

### Summary (dashboard)

```bash
curl https://standard-api.bekaa.eu/api/v1/assessments/{id}/summary \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"
```

### Timeline

```bash
curl https://standard-api.bekaa.eu/api/v1/assessments/{id}/timeline \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"
```

## 📄 Documents
### Upload

```bash
curl -X POST https://standard-api.bekaa.eu/api/v1/assessments/{id}/documents \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}" \
  -F "file=@policy.pdf" -F "category=policy"
```

### List

```bash
curl https://standard-api.bekaa.eu/api/v1/assessments/{id}/documents \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"
```

### Chunks (post-ingestion)

```bash
curl https://standard-api.bekaa.eu/api/v1/documents/{docId}/chunks \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"
```

### Reprocess

```bash
curl -X POST https://standard-api.bekaa.eu/api/v1/documents/{docId}/reprocess \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"
```

## 🔍 Knowledge Base (KB)

### Semantic search

```bash
curl -X POST https://standard-api.bekaa.eu/api/v1/kb/search \
  -H "Content-Type: application/json" \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}" \
  -d '{"query": "access control policy for privileged accounts", "assessment_id": "{id}", "top_k": 10}'
```

## 📊 Gap Analysis
### List gaps

```bash
curl https://standard-api.bekaa.eu/api/v1/assessments/{id}/gaps \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"
```

### Create gap

```bash
curl -X POST https://standard-api.bekaa.eu/api/v1/assessments/{id}/gaps \
  -H "Content-Type: application/json" \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}" \
  -d '{"control_id": "ACC-01", "status": "not_implemented", "severity": "high"}'
```

## ✅ SoA / 📈 POA&M / 📝 Reports

```bash
curl https://standard-api.bekaa.eu/api/v1/assessments/{id}/soa \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"

curl https://standard-api.bekaa.eu/api/v1/assessments/{id}/poam \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"
```

### Generate report

```bash
curl -X POST https://standard-api.bekaa.eu/api/v1/assessments/{id}/reports \
  -H "Content-Type: application/json" \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}" \
  -d '{"format": "pdf", "template": "executive_summary"}'
```

## 🤖 Agents / ⚙️ Workflows
### List agents

```bash
curl https://standard-api.bekaa.eu/api/v1/agent-runtime/agents \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"
```

### Run agent

```bash
curl -X POST https://standard-api.bekaa.eu/api/v1/assessments/{id}/agent-runs \
  -H "Content-Type: application/json" \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}" \
  -d '{"agent_id": "standard-gap-analyst"}'
```

### Start workflow

```bash
curl -X POST https://standard-api.bekaa.eu/api/v1/assessments/{id}/workflows \
  -H "Content-Type: application/json" \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}" \
  -d '{"workflow_type": "full_assessment"}'
```

### Lifecycle transition

```bash
curl -X POST https://standard-api.bekaa.eu/api/v1/assessments/{id}/lifecycle/transition \
  -H "Content-Type: application/json" \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}" \
  -d '{"target_state": "documents_uploaded"}'
```

## 👥 Members / 🔑 API Keys

### List members

```bash
curl https://standard-api.bekaa.eu/api/v1/organizations/{orgId}/members \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}"
```

### Invite member

```bash
curl -X POST https://standard-api.bekaa.eu/api/v1/organizations/{orgId}/members/invite \
  -H "Content-Type: application/json" \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}" \
  -d '{"email": "analyst@co.com", "role": "member"}'
```

### Create API key

```bash
curl -X POST https://standard-api.bekaa.eu/api/v1/organizations/{orgId}/api-keys \
  -H "Content-Type: application/json" \
  -H "Cookie: ..." -H "x-standard-tenant-id: {orgId}" \
  -d '{"name": "CI Pipeline", "scopes": ["assessment:read", "scf:read"]}'
```

## 🏥 Health
```bash
# Public
curl https://standard-api.bekaa.eu/api/v1/health

# Detailed (requires auth)
curl https://standard-api.bekaa.eu/api/v1/health/detailed \
  -H "Cookie: ..."
```

## 🛡️ Admin (requires platform_admin)

```bash
# List users
curl https://standard-api.bekaa.eu/api/v1/admin/users -H "Cookie: ..."

# List tenants
curl https://standard-api.bekaa.eu/api/v1/tenants -H "Cookie: ..."

# Ban user
curl -X POST https://standard-api.bekaa.eu/api/v1/admin/users/{userId}/ban \
  -H "Content-Type: application/json" -H "Cookie: ..." \
  -d '{"reason": "Policy violation"}'
```

## 📡 Headers
| Header | When | Value |
|---|---|---|
| `Cookie` | Browser | `standard-native-auth.session_token=...` |
| `Authorization` | M2M | `Bearer standard_live_...` |
| `x-standard-tenant-id` | Tenant-scoped routes | UUID of the active org |
| `Content-Type` | POST/PUT/PATCH | `application/json` |
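
A client-side header builder for the table above, added here as an example and not part of the Standard API or its SDK. `build_headers`, `redact` and the `json_body` switch (for the multipart upload call) are hypothetical names; credentials in the test values are constructed.

```python
import uuid

# Header names and value shapes come from the header table above.
# build_headers and redact are hypothetical helper names for this example.
SESSION_COOKIE = "standard-native-auth.session_token"
SECRET_HEADERS = {"cookie", "authorization"}


def _check_credential(value):
    # CR/LF or spaces inside a credential would split the header line.
    if not value or any(ch.isspace() or not ch.isprintable() for ch in value):
        raise ValueError("credential is empty or has whitespace/control characters")
    return value


def build_headers(method, *, session_token=None, api_key=None,
                  tenant_id=None, json_body=True):
    """Headers for one request: exactly one credential, optional tenant scope."""
    if (session_token is None) == (api_key is None):
        raise ValueError("pass exactly one of session_token or api_key")
    headers = {}
    if api_key is not None:
        headers["Authorization"] = "Bearer " + _check_credential(api_key)
    else:
        headers["Cookie"] = SESSION_COOKIE + "=" + _check_credential(session_token)
    if tenant_id is not None:
        # uuid.UUID raises ValueError on anything that is not a UUID,
        # so free-form text never reaches the tenant header.
        headers["x-standard-tenant-id"] = str(uuid.UUID(tenant_id))
    if json_body and method.upper() in {"POST", "PUT", "PATCH"}:
        headers["Content-Type"] = "application/json"
    return headers


def redact(headers):
    """Copy that is safe to log: credential values are replaced."""
    return {k: ("<redacted>" if k.lower() in SECRET_HEADERS else v)
            for k, v in headers.items()}
```

Log `redact(headers)` rather than the headers themselves, so session tokens and `standard_live_` keys stay out of CI output and debug logs.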
## ⚠️ Errors

```json
{"error": {"code": "NOT_FOUND", "message": "Resource not found.", "trace_id": "abc-123"}}
```

| HTTP | Code | Meaning |
|---|---|---|
| 401 | UNAUTHORIZED | Session expired |
| 403 | FORBIDDEN | No permission |
| 404 | NOT_FOUND | Resource does not exist |
| 409 | CONFLICT | Invalid state |
| 422 | VALIDATION_ERROR | Invalid input |
| 429 | RATE_LIMITED | Rate limit |
| 500 | INTERNAL_ERROR | Internal error |
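
One way a client can consume this error envelope, added here as an example and not code from the Standard API project. The status-to-code pairs are from the table above; the `ACTION` policy, the 200-character message bound and the names `parse_error` and `log_line` are assumptions of this example.

```python
import json
from dataclasses import dataclass
from typing import Optional

# HTTP status -> code pairs copied from the error table above.
STATUS_TO_CODE = {401: "UNAUTHORIZED", 403: "FORBIDDEN", 404: "NOT_FOUND",
                  409: "CONFLICT", 422: "VALIDATION_ERROR",
                  429: "RATE_LIMITED", 500: "INTERNAL_ERROR"}
# Client-side policy chosen for this example (assumption, not API behaviour).
ACTION = {"UNAUTHORIZED": "reauthenticate", "RATE_LIMITED": "retry_later",
          "INTERNAL_ERROR": "report_trace_id"}


@dataclass(frozen=True)
class ApiError:
    status: int
    code: str
    message: str
    trace_id: Optional[str]
    action: str


def parse_error(status: int, body: str) -> ApiError:
    """Turn a non-2xx response into an ApiError without trusting the body's shape."""
    err = {}
    try:
        parsed = json.loads(body)
        if isinstance(parsed, dict) and isinstance(parsed.get("error"), dict):
            err = parsed["error"]
    except (ValueError, TypeError):
        pass  # e.g. an HTML error page from a proxy in front of the API
    # The status line decides the code when it is in the table;
    # the body's own code is only a fallback for unlisted statuses.
    code = STATUS_TO_CODE.get(status) or str(err.get("code") or "UNKNOWN")
    message = str(err.get("message") or "")[:200]  # bound what reaches logs
    trace_id = err.get("trace_id")
    if not isinstance(trace_id, str):
        trace_id = None
    return ApiError(status, code, message, trace_id, ACTION.get(code, "fail"))


def log_line(e: ApiError) -> str:
    """One log record per error; control characters are dropped so a
    server-supplied message or trace_id cannot forge extra log lines."""
    def clean(s):
        return "".join(ch for ch in s if ch.isprintable())
    return (f"status={e.status} code={e.code} "
            f"trace_id={clean(e.trace_id or '-')} action={e.action} "
            f"msg={clean(e.message)!r}")
```

Keeping `trace_id` in the log line is what lets a 500 be correlated with the server side when it is reported.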