Skip to content

API Reference

This page summarizes the API surfaces most operators and integrations need. It focuses on common integration and administration paths rather than every internal endpoint.

Base URL

Docker deployments usually expose the API through the bundled proxy:

http://<your-server>/api/...

Package installs and direct service access use the Flask/Gunicorn port:

http://<your-server>:8585/api/...

Authentication

Public monitoring endpoints are readable without an API key. Administrative, configuration, setup, and report operations require the API key generated during setup.

X-API-KEY: <your-api-key>
Namespace Typical access
/api/health Public health check.
/api/v1/* monitoring reads Public monitoring data for the frontend and integrations.
/api/v1/admin/* API key required. Some endpoints are tier-gated.
/api/v1/config/* API key required.
/api/v1/reports/* API key plus active report entitlement where applicable.
/api/v1/wizard/* First-run setup flow; guarded once setup is complete.

System And Monitoring

Method Endpoint Description
GET /api/health API process health check.
GET /api/v1/system/capabilities Detected edition, tier, and feature capabilities.
GET /api/v1/system/schema-version Current database schema version.
GET /api/v1/system/enrichment-summary User/directory enrichment status summary.
GET /api/v1/dashboard/metrics JSON dashboard KPIs for the web UI. This is not Prometheus text.
GET /api/v1/servers Server list with status and summary metrics.
GET /api/v1/servers/{id} Server detail, including features and active usage.
GET /api/v1/servers/{id}/history License inventory history for a server.
GET /api/v1/applications Product/application rollups.
GET /api/v1/applications/{id} Application detail and deployments.
GET /api/v1/sites Site/location rollups.
GET /api/v1/users User activity list, enriched when directory sync is enabled.
GET /api/v1/departments Department rollups where enrichment is available.
GET /api/v1/sessions Active or archived sessions with filters.
GET /api/v1/usage Usage summaries grouped by feature, user, server, or day.
GET /api/v1/denials Denial summaries from imported/debug log data.
GET /api/v1/events Parsed license events such as denials, queues, and timeouts.
GET /api/v1/licenses/search License inventory search.
GET /api/v1/features/unused Features with little or no observed usage.
GET /api/v1/features/lookup Display-name lookup for feature codes.

Prometheus And Generated Output

LiMon exposes Prometheus text through the generated output API:

Method Endpoint Description
GET /api/v1/output/prometheus Prometheus text exposition backed by reports/data/metrics.prom.
GET /api/v1/output/dashboard Generated dashboard HTML from the monitoring service.
GET /api/v1/output/server/{name} Generated server-specific HTML output.
GET /api/v1/output/alerts Generated alert HTML output.
GET /api/v1/output/list List generated HTML files.
GET /api/v1/output/file/{name} Fetch one generated HTML output file.
POST /api/v1/output/refresh Request output refresh where supported.

Recommended Prometheus scrape configuration:

scrape_configs:
  - job_name: "limon"
    metrics_path: /api/v1/output/prometheus
    scheme: http
    static_configs:
      - targets:
          - limon.example.internal

/api/v1/output/prometheus contains lightweight operational metrics generated by the monitor, such as command counters and poll timings. It is distinct from /api/v1/dashboard/metrics, which returns JSON dashboard KPIs for LiMon itself.

Configuration And Admin

Method Endpoint Description
GET / PUT /api/v1/config/monitoring Monitoring settings such as interval, retention, and thresholds.
GET / PUT /api/v1/config/tools Vendor tool paths.
POST /api/v1/config/tools/validate Validate a vendor utility binary.
GET / PUT /api/v1/config/smtp SMTP settings.
POST /api/v1/config/smtp/test Send a test email.
GET / PUT /api/v1/config/directory AD/LDAP directory settings.
POST /api/v1/config/directory/test Test directory connectivity.
GET / PUT /api/v1/config/feature-ignore Vendor/global feature ignore lists.
GET / PUT /api/v1/config/reports Report styling, output, and report defaults.
GET / PUT /api/v1/config/privacy Privacy and anonymization behavior.
GET /api/v1/config/system Company and license-related system details.
GET /api/v1/config/about Installation ID, schema, and runtime metadata.
POST /api/v1/config/export Export current configuration as YAML.
POST /api/v1/config/import Import YAML into DB-backed configuration.

Common Admin UI data is managed under /api/v1/admin/*:

Method Endpoint Description
GET /api/v1/admin/stats Admin dashboard counts and status.
GET /api/v1/admin/license License and installation information.
POST /api/v1/admin/license Activate or update a license key.
GET /api/v1/admin/api-key Read API key status.
POST /api/v1/admin/api-key/rotate Rotate the active API key.
DELETE /api/v1/admin/api-key/previous Revoke the previous API key after rotation.
GET / POST /api/v1/admin/servers List or create monitored servers.
POST /api/v1/admin/servers/batch Batch-create server records.
POST /api/v1/admin/servers/{id}/test Test a configured server.
POST /api/v1/admin/servers/{id}/decommission Stop polling a server while preserving history.
POST /api/v1/admin/servers/{id}/reactivate Reactivate a decommissioned server.
GET / POST /api/v1/admin/applications List or create applications.
GET / POST /api/v1/admin/sites List or create sites.
GET / POST /api/v1/admin/feature-mappings Manage feature display/cost mappings.
GET / POST /api/v1/admin/webhooks Manage webhooks. Pro

Reports And Log Import

Method Endpoint Description
POST /api/v1/reports/generate Submit an async report request.
GET /api/v1/reports/status/{id} Poll report command status.
GET /api/v1/reports/download/{file} Download a generated PDF.
GET /api/v1/reports/list List generated reports.
GET /api/v1/reports/view/money Read savings report view data.
GET /api/v1/reports/view/audit Read audit defense report view data.
GET /api/v1/reports/view/estate Read estate report view data.
GET /api/v1/reports/view/app Read application report view data.
GET /api/v1/reports/view/site Read site report view data.
GET /api/v1/reports/view/chargeback Read chargeback report view data.
GET / POST /api/v1/reports/schedules List or create report schedules.
PUT / DELETE /api/v1/reports/schedules/{id} Update or delete a schedule.
POST /api/v1/reports/schedules/{id}/run-now Run a schedule immediately.
POST /api/v1/log-import/start Upload .log or .txt files for async import.
GET /api/v1/log-import/status/{id} Poll import progress.
GET /api/v1/log-import/history Read recent import history.

Setup Wizard

Wizard endpoints are intended for first-run initialization.

Method Endpoint Description
GET /api/v1/wizard/status Wizard initialization state.
GET /api/v1/wizard/defaults Shipped defaults and environment-derived values.
GET /api/v1/wizard/timezones IANA timezone list.
GET / POST /api/v1/wizard/state Read or update saved wizard state.
POST /api/v1/wizard/test-db Test database settings.
POST /api/v1/wizard/run-migrations Apply pending database migrations.
POST /api/v1/wizard/generate-secrets Generate admin/API credentials.
POST /api/v1/wizard/test-tool Validate a vendor tool path.
POST /api/v1/wizard/test-server Poll a candidate license server.
POST /api/v1/wizard/test-smtp Send a test SMTP message.
POST /api/v1/wizard/prepare-activation Prepare installation identity before activation.
POST /api/v1/wizard/finalize Persist setup and leave wizard mode.

Compliance Ledger Pro

Method Endpoint Description
GET /api/v1/system/compliance-ledger/status Ledger health and current status.
GET /api/v1/system/compliance-ledger/verify Verify ledger integrity.
GET /api/v1/system/compliance-ledger/export Export ledger data for audit workflows.