OpenWard serves a local REST API beside the dashboard.
Use this page as the operator-facing API map for remote agents and integrations.
The OpenAPI file for the agent-facing REST surface lives at openapi.yaml. The full shipped endpoint ledger lives in Shipped capabilities.
Protected routes use the same bearer token as the dashboard.
Preferred form:
Authorization: Bearer <token>
Health:
GET /health
- runtime and setup status
- devices and device review
- DNS, destinations, findings, and evidence
- tracker lists, allowlist, denylist, and firewall rules
- policy candidates, replay, approval, enforcement, and rollback
- snapshots, config import/export, and policy timeline
- agent workflow packs
- control-plane health and runtime state
- discovered devices and one-device evidence review
- findings, destinations, and report export
- validation scoreboard and replay history
- change runtime mode
- create or remove mute, allowlist, denylist, and firewall entries
- drive candidate replay, approval, enforcement, and rollback
- change settings
- create or restore snapshots
Use the API when you want:
- a remote agent on another machine
- scripted operator flows
- external dashboards
- integration tests
- automation and scripted flows