ALLOD API

v1.0.0 https://swg.your-domainhttps://dam.your-domain

Servers

  • https://swg.your-domain
  • https://dam.your-domain

The ALLOD platform runs entirely in your own infrastructure. Every API call stays inside your network — no vendor cloud in the path. This reference covers two products: - **ALLOD | SWG** — the Secure Web Gateway and its admin API - **ALLOD | DAM** — the Digital Asset Manager and its governance API

DAM — Systems

Vendor systems under governance — the core inventory of third-party SaaS/cloud services.

Returns all vendor systems in the governance inventory.

Parameters
NameInTypeDescription
status query string
Responses
200 System list.
application/json
System[]
items
System
app_hosts string[]
string[]
items
string
created_at string(date-time)
hosts string[]
string[]
items
string
id string(uuid)
name string
saascat_id string — Catalog identifier linking to the ALLOD SaaS catalog.
status string enum: active | inactive | triage
updated_at string(date-time)
vendor string
Request Body *
application/json
System
app_hosts string[]
string[]
items
string
created_at string(date-time)
hosts string[]
string[]
items
string
id string(uuid)
name string
saascat_id string — Catalog identifier linking to the ALLOD SaaS catalog.
status string enum: active | inactive | triage
updated_at string(date-time)
vendor string
Responses
201 Created system.
application/json
System
app_hosts string[]
string[]
items
string
created_at string(date-time)
hosts string[]
string[]
items
string
id string(uuid)
name string
saascat_id string — Catalog identifier linking to the ALLOD SaaS catalog.
status string enum: active | inactive | triage
updated_at string(date-time)
vendor string

Returns the Record of Processing Activities entry for this system (Article 30 GDPR).

Parameters
NameInTypeDescription
id * path string
Responses
200 RoPA entry.
Parameters
NameInTypeDescription
id * path string
Request Body *
application/json
object
Responses
200 Updated RoPA entry.

Returns the latest results from all vendor intelligence probes (DNS, TLS, hosting, GLEIF, GDPR documents, etc.).

Parameters
NameInTypeDescription
id * path string
Responses
200 Probe results keyed by probe type.
application/json
object

Queues an immediate full re-scan of all vendor intelligence probes for this system.

Parameters
NameInTypeDescription
id * path string
Responses
202 Scan queued.
Parameters
NameInTypeDescription
id * path string
Responses
200 System detail.
application/json
System
app_hosts string[]
string[]
items
string
created_at string(date-time)
hosts string[]
string[]
items
string
id string(uuid)
name string
saascat_id string — Catalog identifier linking to the ALLOD SaaS catalog.
status string enum: active | inactive | triage
updated_at string(date-time)
vendor string
404 Not found.
application/json
Error
error string — Human-readable error message.
Parameters
NameInTypeDescription
id * path string
Request Body *
application/json
System
app_hosts string[]
string[]
items
string
created_at string(date-time)
hosts string[]
string[]
items
string
id string(uuid)
name string
saascat_id string — Catalog identifier linking to the ALLOD SaaS catalog.
status string enum: active | inactive | triage
updated_at string(date-time)
vendor string
Responses
200 Updated system.
application/json
System
app_hosts string[]
string[]
items
string
created_at string(date-time)
hosts string[]
string[]
items
string
id string(uuid)
name string
saascat_id string — Catalog identifier linking to the ALLOD SaaS catalog.
status string enum: active | inactive | triage
updated_at string(date-time)
vendor string
Parameters
NameInTypeDescription
id * path string
Responses
204 Deleted.

DAM — Reviews

Privacy and security review workflows per system.

Parameters
NameInTypeDescription
status query string
Responses
200 Review list.
application/json
Review[]
items
Review
completed_at string(date-time)
cycle_type_id string(uuid)
due_date string(date)
id string(uuid)
notes string
status string enum: pending | approved | rejected | expired
system_id string(uuid)
Parameters
NameInTypeDescription
id * path string
Responses
200 Reviews for the system.
application/json
Review[]
items
Review
completed_at string(date-time)
cycle_type_id string(uuid)
due_date string(date)
id string(uuid)
notes string
status string enum: pending | approved | rejected | expired
system_id string(uuid)
Parameters
NameInTypeDescription
id * path string
Request Body *
application/json
Review
completed_at string(date-time)
cycle_type_id string(uuid)
due_date string(date)
id string(uuid)
notes string
status string enum: pending | approved | rejected | expired
system_id string(uuid)
Responses
201 Created review.
application/json
Review
completed_at string(date-time)
cycle_type_id string(uuid)
due_date string(date)
id string(uuid)
notes string
status string enum: pending | approved | rejected | expired
system_id string(uuid)
Parameters
NameInTypeDescription
id * path string
Request Body *
application/json
Review
completed_at string(date-time)
cycle_type_id string(uuid)
due_date string(date)
id string(uuid)
notes string
status string enum: pending | approved | rejected | expired
system_id string(uuid)
Responses
200 Updated review.
application/json
Review
completed_at string(date-time)
cycle_type_id string(uuid)
due_date string(date)
id string(uuid)
notes string
status string enum: pending | approved | rejected | expired
system_id string(uuid)

DAM — Keys

API key management for the DAM.

Responses
200 All API keys.
application/json
APIKey[]
items
APIKey
created_at string(date-time)
id string
last_used string(date-time)
name string
Request Body *
application/json
object
name * string
Responses
201 Created key with secret (returned once).
application/json
object
id string
name string
secret string

DAM — Cycle Types

Review cycle definitions (e.g. Annual GDPR review).

Responses
200 All cycle types.
application/json
CycleType[]
items
CycleType
description string
id string(uuid)
interval_days * integer — Review recurrence in days, e.g. 365 for annual.
name * string
Request Body *
application/json
CycleType
description string
id string(uuid)
interval_days * integer — Review recurrence in days, e.g. 365 for annual.
name * string
Responses
201 Created.
application/json
CycleType
description string
id string(uuid)
interval_days * integer — Review recurrence in days, e.g. 365 for annual.
name * string
Parameters
NameInTypeDescription
id * path string
Responses
200 Cycle type.
application/json
CycleType
description string
id string(uuid)
interval_days * integer — Review recurrence in days, e.g. 365 for annual.
name * string
Parameters
NameInTypeDescription
id * path string
Request Body *
application/json
CycleType
description string
id string(uuid)
interval_days * integer — Review recurrence in days, e.g. 365 for annual.
name * string
Responses
200 Updated.
application/json
CycleType
description string
id string(uuid)
interval_days * integer — Review recurrence in days, e.g. 365 for annual.
name * string
Parameters
NameInTypeDescription
id * path string
Responses
204 Deleted.

DAM — Classifications

Data classification levels (e.g. Public, Internal, Confidential).

Responses
200 All classification levels.
application/json
ClassificationLevel[]
items
ClassificationLevel
color string — Hex color for UI display.
description string
id string(uuid)
name * string — e.g. Public, Internal, Confidential, Restricted.
rank integer — Ordering index; lower = less sensitive.
Request Body *
application/json
ClassificationLevel
color string — Hex color for UI display.
description string
id string(uuid)
name * string — e.g. Public, Internal, Confidential, Restricted.
rank integer — Ordering index; lower = less sensitive.
Responses
201 Created.
application/json
ClassificationLevel
color string — Hex color for UI display.
description string
id string(uuid)
name * string — e.g. Public, Internal, Confidential, Restricted.
rank integer — Ordering index; lower = less sensitive.
Parameters
NameInTypeDescription
id * path string
Request Body *
application/json
ClassificationLevel
color string — Hex color for UI display.
description string
id string(uuid)
name * string — e.g. Public, Internal, Confidential, Restricted.
rank integer — Ordering index; lower = less sensitive.
Responses
200 Updated.
application/json
ClassificationLevel
color string — Hex color for UI display.
description string
id string(uuid)
name * string — e.g. Public, Internal, Confidential, Restricted.
rank integer — Ordering index; lower = less sensitive.
Parameters
NameInTypeDescription
id * path string
Responses
204 Deleted.

SWG — CASB

Cloud Access Security Broker — shadow IT and app usage reporting.

Returns all observed SaaS applications, ranked by device penetration. Only applications seen on at least `min_device_pct` of enrolled devices are included.

Parameters
NameInTypeDescription
min_device_pct query number Minimum device fraction. Defaults to controller setting.
Responses
200 Shadow IT application list.
application/json
ShadowITApp[]
items
ShadowITApp
app_id string
category string
device_pct number — Fraction of enrolled devices that used this app.
first_seen string(date-time)
last_seen string(date-time)
name string

Returns a breakdown of which applications each device has accessed.

Responses
200 App usage per device.
application/json
object[]
items
object
apps string[] — App IDs seen on this device.
string[] — App IDs seen on this device.
items
string
device_id string
username string

SWG — License

License settings and check-in status.

Responses
200 Current license info.
application/json
object
customer string
expires_at string(date-time)
key_hint string
key_set boolean
last_checkin string(date-time)
valid boolean

Saves the license key and triggers an immediate check-in.

Request Body *
application/json
object
license_key * string
Responses
200 Check-in result.

SWG — Keys

API key management for the SWG controller.

Responses
200 All API keys (secret not included).
application/json
APIKey[]
items
APIKey
created_at string(date-time)
id string
last_used string(date-time)
name string
Request Body *
application/json
object
name * string
Responses
201 Created key. The `secret` field is only returned once.
application/json
object
id string
name string
secret string — Returned only on creation. Store it securely.
Parameters
NameInTypeDescription
id * path string
Responses
204 Key deleted.

SWG — Firewall

Firewall rules and domain allow/deny lists.

Responses
200 Current firewall rules.
application/json
object
default_action string enum: allow | block
rules FirewallRule[]
FirewallRule[]
items
FirewallRule
action * string enum: allow | block
domains * string[] — Hostnames or wildcard patterns, e.g. `*.example.com`.
string[] — Hostnames or wildcard patterns, e.g. `*.example.com`.
items
string
id string
note string

Replaces the entire firewall rule set. Applied immediately to all active agents.

Request Body *
application/json
object
default_action string enum: allow | block
rules FirewallRule[]
FirewallRule[]
items
FirewallRule
action * string enum: allow | block
domains * string[] — Hostnames or wildcard patterns, e.g. `*.example.com`.
string[] — Hostnames or wildcard patterns, e.g. `*.example.com`.
items
string
id string
note string
Responses
200 Updated configuration.

SWG — Devices

Enrolled agent devices and their status.

Returns all enrolled agent devices. Revoked devices are included unless `active_only=true`.

Parameters
NameInTypeDescription
active_only query boolean Exclude revoked devices.
Responses
200 Array of devices.
application/json
Device[]
items
Device
agent_version string
device_id string(uuid)
ip string(ipv4)
last_seen string(date-time)
name string
platform string enum: linux | macos | windows
revoked boolean
username string

Revokes the device's enrollment. The agent will lose proxy access on next connection attempt.

Parameters
NameInTypeDescription
device_id * path string(uuid)
Responses
204 Device revoked.
404 Device not found.
application/json
Error
error string — Human-readable error message.