Cargando…
Cargando…
Enterprise
Integrate simiriki into your operations stack. Ingest events, query posture, trigger playbooks, and generate executive reports programmatically.
Base URL
https://api.simiriki.com/api/v1All endpoints are prefixed with /api/v1. Requests and responses use JSON.
Authentication
All authenticated endpoints require a JWT Bearer token and an x-org-id header for tenant scoping.
| Header | Value | Description |
|---|---|---|
| Authorization | Bearer <token> | JWT token obtained from the auth flow |
| x-org-id | <uuid> | Organization ID for tenant scoping (row-level security) |
| Content-Type | application/json | Required for POST/PATCH requests with a body |
dashboard.simiriki.comAuthorization header as a Bearer tokenExample Request
curl -X GET https://api.simiriki.com/api/v1/events \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID" \
-H "Content-Type: application/json"Events
Ingest operational events from any source, query event history, and register custom event sources.
Ingest an operational event into the pipeline. Authenticates via x-api-key header or x-org-id header. Events flow through the detection pipeline automatically after ingestion.
Auth: x-api-key or x-org-id header
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| event_type | string | Yes | Type of event (e.g. "user.login", "policy.change") |
| source | string | Yes | Event source identifier |
| payload | object | Yes | Event payload data |
| timestamp | string | No | ISO 8601 timestamp (defaults to now) |
Response Example
{
"status": "accepted",
"event_id": "evt_a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"event_type": "user.login",
"timestamp": "2026-04-09T14:30:00.000Z"
}Code Samples
curl -X POST https://api.simiriki.com/api/v1/events/ingest \
-H "x-api-key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"event_type": "user.login",
"source": "azure-ad",
"payload": {
"user_email": "admin@contoso.com",
"ip_address": "203.0.113.42",
"success": true
}
}'Query events for your organization. Supports filtering by event type, source, and time range with pagination.
Auth: JWT Bearer + x-org-id
Query Parameters
| Name | Type | Description |
|---|---|---|
| event_type | string | Filter by event type |
| source | string | Filter by source (e.g. "azure-ad", "microsoft365") |
| from | string | Start date (ISO 8601) |
| to | string | End date (ISO 8601) |
| limit | number | Max results (default 50) |
| offset | number | Pagination offset |
Response Example
{
"events": [
{
"event_id": "evt_a1b2c3d4-...",
"event_type": "user.login",
"source": "azure-ad",
"payload": { ... },
"timestamp": "2026-04-09T14:30:00.000Z",
"processed": true
}
],
"total": 1283,
"limit": 50,
"offset": 0
}Code Samples
curl -X GET "https://api.simiriki.com/api/v1/events?source=azure-ad&limit=20" \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Retrieve a single event by its ID, including its full payload and processing status.
Auth: JWT Bearer + x-org-id
Response Example
{
"event_id": "evt_a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"event_type": "policy.change",
"source": "microsoft365",
"payload": {
"policy_name": "MFA Enforcement",
"action": "disabled",
"actor": "admin@contoso.com"
},
"timestamp": "2026-04-09T14:30:00.000Z",
"processed": true,
"created_at": "2026-04-09T14:30:01.234Z"
}Code Samples
curl -X GET https://api.simiriki.com/api/v1/events/evt_a1b2c3d4 \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Observe & Posture
Monitor security posture, track OS Score over time, and query findings across your managed organizations.
Get the latest security posture snapshot for a tenant, including the OS Score, dimension breakdowns, and risk indicators.
Auth: JWT Bearer + x-org-id (operator, admin, or owner role)
Response Example
{
"tenant_id": "t_abc123",
"os_score": 73,
"dimensions": {
"identity": 82,
"security": 68,
"compliance": 71,
"operations": 74
},
"risk_level": "medium",
"findings_open": 12,
"findings_critical": 2,
"computed_at": "2026-04-09T14:00:00.000Z"
}Code Samples
curl -X GET https://api.simiriki.com/api/v1/observe/posture/TENANT_ID \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Retrieve posture history for trend visualization. Returns daily snapshots of the OS Score and dimension breakdowns.
Auth: JWT Bearer + x-org-id (operator, admin, or owner role)
Query Parameters
| Name | Type | Description |
|---|---|---|
| days | number | Number of days of history (default 30) |
Response Example
{
"tenant_id": "t_abc123",
"history": [
{
"os_score": 73,
"dimensions": { "identity": 82, "security": 68, ... },
"computed_at": "2026-04-09T00:00:00.000Z"
},
{
"os_score": 71,
"dimensions": { "identity": 80, "security": 67, ... },
"computed_at": "2026-04-08T00:00:00.000Z"
}
]
}Code Samples
curl -X GET "https://api.simiriki.com/api/v1/observe/posture/TENANT_ID/history?days=14" \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Get findings summary for a tenant. Returns categorized findings with severity, status, and affected resources.
Auth: JWT Bearer + x-org-id (operator, admin, or owner role)
Response Example
{
"tenant_id": "t_abc123",
"total": 37,
"by_severity": {
"critical": 2,
"high": 8,
"medium": 15,
"low": 12
},
"by_status": {
"open": 22,
"in_progress": 9,
"resolved": 6
},
"findings": [
{
"finding_id": "f_xyz789",
"title": "MFA not enforced for admins",
"severity": "critical",
"status": "open",
"detection_rule": "identity.mfa_enforcement",
"created_at": "2026-04-08T10:15:00.000Z"
}
]
}Code Samples
curl -X GET https://api.simiriki.com/api/v1/observe/findings/TENANT_ID \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Trigger a posture recomputation for a specific tenant. Useful after bulk event ingestion or connector sync completion.
Auth: JWT Bearer + x-org-id (operator, admin, or owner role)
Response Example
{
"tenant_id": "t_abc123",
"os_score": 75,
"dimensions": {
"identity": 84,
"security": 70,
"compliance": 72,
"operations": 76
},
"computed_at": "2026-04-09T14:35:00.000Z"
}Code Samples
curl -X POST https://api.simiriki.com/api/v1/observe/posture/TENANT_ID \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Operations
Query operational timelines, entity lifecycles, cost analysis, and the operational commit log.
Get the operational timeline for your organization. Returns chronological events, changes, and actions across all managed entities.
Auth: JWT Bearer + x-org-id
Query Parameters
| Name | Type | Description |
|---|---|---|
| limit | number | Max results (default 50) |
| group_by | string | Set to "entity" for grouped view |
Response Example
{
"timeline": [
{
"id": "op_123",
"event_type": "policy.change",
"entity": "MFA Policy",
"actor": "admin@contoso.com",
"summary": "Conditional Access policy updated",
"timestamp": "2026-04-09T14:30:00.000Z"
}
]
}Code Samples
curl -X GET "https://api.simiriki.com/api/v1/operations/timeline?limit=20" \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Get the Operational Cost of Complexity for your organization. Quantifies the hidden cost of operational overhead in dollars.
Auth: JWT Bearer + x-org-id
Query Parameters
| Name | Type | Description |
|---|---|---|
| period_days | number | Analysis period in days |
| avg_hourly_cost | number | Average hourly cost of an operator (USD) |
Response Example
{
"org_id": "org_abc123",
"period_days": 30,
"total_cost_usd": 14280,
"breakdown": {
"identity_management": 3200,
"security_incidents": 5400,
"compliance_reviews": 2800,
"operational_overhead": 2880
},
"hours_spent": 238,
"avg_hourly_cost": 60
}Code Samples
curl -X GET "https://api.simiriki.com/api/v1/operations/cost?period_days=30" \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Get the current operational status summary, including active connectors, pending actions, and system health.
Auth: JWT Bearer + x-org-id
Response Example
{
"org_id": "org_abc123",
"status": "healthy",
"active_connectors": 8,
"pending_actions": 3,
"last_event_at": "2026-04-09T14:28:00.000Z",
"last_scan_at": "2026-04-09T14:00:00.000Z"
}Code Samples
curl -X GET https://api.simiriki.com/api/v1/operations/status \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Playbooks
Manage remediation playbooks, trigger executions, and track impact. Playbooks automate multi-step corrective actions.
List all playbooks available for your organization, including library playbooks and custom definitions.
Auth: JWT Bearer + x-org-id
Response Example
{
"playbooks": [
{
"playbook_id": "pb_001",
"name": "Enforce MFA for Admins",
"description": "Enables MFA requirement for all admin accounts",
"trigger_type": "finding.identity.mfa",
"steps": 4,
"last_run": "2026-04-08T09:00:00.000Z",
"enabled": true
}
]
}Code Samples
curl -X GET https://api.simiriki.com/api/v1/playbooks \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Manually trigger a playbook execution for a specific finding. Executes all steps with full audit trail.
Auth: JWT Bearer + x-org-id
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| playbook_id | string | Yes | ID of the playbook to execute |
| insight_id | string | Yes | ID of the finding/insight to remediate |
Response Example
{
"execution": {
"execution_id": "exec_789",
"playbook_id": "pb_001",
"insight_id": "f_xyz789",
"status": "running",
"started_at": "2026-04-09T14:35:00.000Z",
"steps_total": 4,
"steps_completed": 0
}
}Code Samples
curl -X POST https://api.simiriki.com/api/v1/playbooks/trigger \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID" \
-H "Content-Type: application/json" \
-d '{
"playbook_id": "pb_001",
"insight_id": "f_xyz789"
}'List all playbook executions for your organization, including status, duration, and impact metrics.
Auth: JWT Bearer + x-org-id
Response Example
{
"executions": [
{
"execution_id": "exec_789",
"playbook_id": "pb_001",
"playbook_name": "Enforce MFA for Admins",
"status": "completed",
"started_at": "2026-04-08T09:00:00.000Z",
"completed_at": "2026-04-08T09:02:30.000Z",
"steps_total": 4,
"steps_completed": 4,
"impact_score": 8.5
}
]
}Code Samples
curl -X GET https://api.simiriki.com/api/v1/playbooks/executions \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Recommendations
Get AI-generated remediation recommendations, browse the playbook catalog, and accept or reject suggested actions.
Get the recommendation summary for a tenant. Returns prioritized recommendations based on findings and posture analysis.
Auth: JWT Bearer + x-org-id (operator, admin, or owner role)
Response Example
{
"tenant_id": "t_abc123",
"recommendations": [
{
"id": "rec_456",
"title": "Enable MFA for 3 admin accounts",
"priority": "critical",
"playbook_id": "pb_001",
"estimated_impact": "+5 OS Score",
"status": "pending",
"created_at": "2026-04-09T10:00:00.000Z"
}
],
"total": 8,
"by_priority": {
"critical": 2,
"high": 3,
"medium": 3
}
}Code Samples
curl -X GET https://api.simiriki.com/api/v1/recommend/TENANT_ID \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Accept a recommendation, marking it for execution. The associated playbook can then be triggered.
Auth: JWT Bearer + x-org-id (admin or owner role)
Response Example
{
"id": "rec_456",
"status": "accepted",
"accepted_by": "user_abc",
"accepted_at": "2026-04-09T14:40:00.000Z"
}Code Samples
curl -X POST https://api.simiriki.com/api/v1/recommend/rec_456/accept \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"List the full playbook catalog. Returns all available playbooks with their step definitions and trigger types.
Auth: JWT Bearer + x-org-id (viewer, operator, admin, or owner role)
Response Example
[
{
"id": "pb_001",
"name": "Enforce MFA for Admins",
"category": "identity",
"trigger_type": "finding.identity.mfa",
"steps": [
{ "order": 1, "action": "detect_affected_users" },
{ "order": 2, "action": "enable_mfa_policy" },
{ "order": 3, "action": "notify_users" },
{ "order": 4, "action": "verify_compliance" }
],
"estimated_duration_minutes": 5
}
]Code Samples
curl -X GET https://api.simiriki.com/api/v1/recommend/playbooks \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Watch & Reports
Manage scheduled monitoring jobs, view posture trends, access notification history, and generate executive reports.
Get posture trends for a tenant. Returns time-series data showing how the OS Score and dimensions evolve over time.
Auth: JWT Bearer + x-org-id (operator, admin, or owner role)
Query Parameters
| Name | Type | Description |
|---|---|---|
| period | string | Aggregation period: "daily", "weekly", "monthly" (default "daily") |
| limit | number | Number of data points (default 30) |
Response Example
{
"tenant_id": "t_abc123",
"period": "daily",
"trends": [
{
"date": "2026-04-09",
"os_score": 73,
"findings_open": 12,
"findings_resolved": 3,
"events_count": 847
}
]
}Code Samples
curl -X GET "https://api.simiriki.com/api/v1/watch/TENANT_ID/trends?period=daily&limit=14" \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Generate an executive report for a tenant. Returns a structured report with posture summary, findings, recommendations, and trend analysis.
Auth: JWT Bearer + x-org-id (admin or owner role)
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| period_days | number | No | Report period in days (default 7) |
| report_type | string | No | "weekly", "monthly", or "on_demand" (default "on_demand") |
Response Example
{
"report_id": "rpt_abc123",
"tenant_id": "t_abc123",
"report_type": "weekly",
"period_days": 7,
"summary": {
"os_score_start": 68,
"os_score_end": 73,
"findings_opened": 5,
"findings_resolved": 8,
"playbooks_executed": 3
},
"generated_at": "2026-04-09T14:45:00.000Z"
}Code Samples
curl -X POST https://api.simiriki.com/api/v1/watch/TENANT_ID/report \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID" \
-H "Content-Type: application/json" \
-d '{
"period_days": 7,
"report_type": "weekly"
}'Download a generated executive report as a PDF. Returns a binary PDF file with the report content formatted for executive distribution.
Auth: JWT Bearer + x-org-id (operator, admin, or owner role)
Response Example
Content-Type: application/pdf
Content-Disposition: attachment; filename="simiriki-report-weekly-rpt_abc1.pdf"
[Binary PDF data]Code Samples
curl -X GET https://api.simiriki.com/api/v1/watch/report/rpt_abc123/pdf \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID" \
-o report.pdfGet notification history for a tenant. Returns alerts, status changes, and system notifications.
Auth: JWT Bearer + x-org-id (operator, admin, or owner role)
Query Parameters
| Name | Type | Description |
|---|---|---|
| limit | number | Max results (default 50) |
Response Example
{
"notifications": [
{
"id": "notif_123",
"type": "finding.critical",
"title": "New critical finding detected",
"body": "MFA not enforced for 3 admin accounts",
"read": false,
"created_at": "2026-04-09T14:30:00.000Z"
}
]
}Code Samples
curl -X GET "https://api.simiriki.com/api/v1/watch/TENANT_ID/notifications?limit=20" \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "x-org-id: YOUR_ORG_ID"Growth & Diagnostics
Public diagnostic endpoints for operational maturity assessment. No authentication required for submission.
Submit a diagnostic assessment. Returns a complexity score, maturity level, and estimated annual cost of operational complexity. No authentication required.
Auth: Public (no auth required)
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| responses | object | Yes | Map of question IDs to answers |
| company_size | string | No | Company size range (e.g. "11-50", "51-200") |
| string | No | Contact email for follow-up | |
| company | string | No | Company name |
Response Example
{
"id": "diag_abc123",
"complexity_score": 67,
"maturity_level": 2,
"maturity_label": "Reactive",
"maturity_label_es": "Reactivo",
"estimated_annual_cost_usd": 142800,
"cost_label": "$142,800 / year",
"created_at": "2026-04-09T14:50:00.000Z"
}Code Samples
curl -X POST https://api.simiriki.com/api/v1/growth/diagnostic/submit \
-H "Content-Type: application/json" \
-d '{
"responses": {
"q1": "manual",
"q2": "spreadsheets",
"q3": "weekly"
},
"company_size": "51-200",
"email": "cto@example.com",
"company": "Acme Corp"
}'Retrieve a previously submitted diagnostic result by its ID. No authentication required.
Auth: Public (no auth required)
Response Example
{
"id": "diag_abc123",
"complexity_score": 67,
"maturity_level": 2,
"maturity_label": "Reactive",
"responses": {
"q1": "manual",
"q2": "spreadsheets",
"q3": "weekly"
},
"company_size": "51-200",
"created_at": "2026-04-09T14:50:00.000Z"
}Code Samples
curl -X GET https://api.simiriki.com/api/v1/growth/diagnostic/diag_abc123Get anonymized, aggregated benchmark data across all diagnostic submissions. Useful for industry comparisons.
Auth: Public (no auth required)
Response Example
{
"total_diagnostics": 1240,
"avg_complexity_score": 58,
"maturity_distribution": {
"ad_hoc": 0.15,
"reactive": 0.35,
"defined": 0.30,
"managed": 0.15,
"optimized": 0.05
},
"avg_annual_cost_usd": 98400,
"updated_at": "2026-04-09T00:00:00.000Z"
}Code Samples
curl -X GET https://api.simiriki.com/api/v1/growth/benchmarks/publicRate Limits
All API endpoints are rate-limited to ensure fair usage and platform stability.
| Tier | Limit | Window |
|---|---|---|
| Public endpoints (diagnostic, benchmarks) | 60 requests | per minute |
| Authenticated read endpoints | 300 requests | per minute |
| Event ingestion | 1,000 events | per minute |
| Write endpoints (POST/PATCH) | 120 requests | per minute |
| Report generation | 10 requests | per hour |
Rate-limited responses return HTTP 429 Too Many Requests with a Retry-After header indicating when to retry.
HTTP/1.1 429 Too Many Requests
Retry-After: 30
Content-Type: application/json
{
"statusCode": 429,
"message": "Rate limit exceeded. Retry after 30 seconds.",
"error": "Too Many Requests"
}Error Codes
All errors follow a consistent JSON structure with a status code and human-readable message.
| Code | Meaning |
|---|---|
| 400 | Bad Request — missing or invalid parameters |
| 401 | Unauthorized — missing or invalid token |
| 403 | Forbidden — insufficient role for this endpoint |
| 404 | Not Found — resource does not exist |
| 429 | Too Many Requests — rate limit exceeded |
| 500 | Internal Server Error — contact support |
{
"statusCode": 401,
"message": "Unauthorized",
"error": "Missing or invalid Bearer token"
}Get API access and start building operational intelligence into your stack today.