API Reference

Root Security provides a comprehensive set of RESTful APIs that allow you to integrate authentication and authorization functionality into your applications.

API Endpoints

API                 Description
Authentication API  Manage authentication flows including login, registration, and token management
Users API           Create, read, update, and delete user accounts
Roles API           Define and manage roles for authorization
Permissions API     Configure granular permissions for roles

Authentication

All API requests require authentication using an API key or access token.

API Key Authentication

curl https://api.rootsecurity.com/v1/users \
  -H "Authorization: Bearer YOUR_API_KEY"

OAuth 2.0 Authentication

For client applications, use OAuth 2.0 to obtain access tokens:

curl https://auth.rootsecurity.com/oauth/token \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "client_id": "YOUR_CLIENT_ID",
    "client_secret": "YOUR_CLIENT_SECRET",
    "audience": "https://api.rootsecurity.com/",
    "grant_type": "client_credentials"
  }'

Rate Limiting

API requests are subject to rate limiting to ensure service stability:

  • 100 requests per minute for free tier accounts
  • 1,000 requests per minute for standard tier accounts
  • 10,000 requests per minute for enterprise tier accounts

Error Handling

The API returns standard HTTP status codes and error messages in JSON format:

{
  "error": "invalid_request",
  "error_description": "Missing required parameter: client_id",
  "status_code": 400
}
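
The client-credentials request and the JSON error format above, combined in an added Python example that is not Root Security's own code: it caches the access token until shortly before expiry and turns an error body into an exception that never contains the client secret. `TokenClient`, `ApiError`, `fake_post` and the injected `post` transport are hypothetical names, and the success fields `access_token` and `expires_in` are assumed to follow RFC 6749.

```python
import json
import time

TOKEN_URL = "https://auth.rootsecurity.com/oauth/token"  # from the page
AUDIENCE = "https://api.rootsecurity.com/"               # from the page

class ApiError(Exception):
    """Holds the fields of the JSON error format shown on the page."""
    def __init__(self, body):
        self.error = body.get("error", "unknown_error")
        self.status_code = body.get("status_code")
        super().__init__(f"{self.error}: {body.get('error_description', '')}")

class TokenClient:
    """Hypothetical helper: fetches and caches a client_credentials token."""
    def __init__(self, post, client_id, client_secret, clock=time.time):
        # post(url, json_bytes) -> (http_status, body_bytes). Injected so the
        # example runs offline; in production wrap an HTTPS client here.
        self._post, self._clock = post, clock
        self._id, self._secret = client_id, client_secret
        self._token, self._expires_at = None, 0.0

    def token(self):
        # Reuse the cached token until 30 seconds before it expires.
        if self._token and self._clock() < self._expires_at - 30:
            return self._token
        payload = json.dumps({"client_id": self._id,
                              "client_secret": self._secret,
                              "audience": AUDIENCE,
                              "grant_type": "client_credentials"}).encode()
        status, raw = self._post(TOKEN_URL, payload)
        body = json.loads(raw)
        if status != 200 or "error" in body:
            raise ApiError(body)  # message carries no credential material
        # Assumption: success body uses RFC 6749 names access_token/expires_in.
        self._token = body["access_token"]
        self._expires_at = self._clock() + float(body.get("expires_in", 0))
        return self._token

    def auth_header(self):
        return {"Authorization": f"Bearer {self.token()}"}

def fake_post(url, payload):
    """Constructed stand-in for the token endpoint, for offline runs only."""
    if not json.loads(payload).get("client_id"):
        return 400, json.dumps({"error": "invalid_request", "status_code": 400,
            "error_description": "Missing required parameter: client_id"}).encode()
    return 200, b'{"access_token": "constructed-token", "expires_in": 3600}'
```

In a real client, load `client_id` and `client_secret` from the environment or a secrets manager rather than source code or command-line arguments.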

API Versions

  • Current stable version: v1
  • Beta version: v2-beta
  • Legacy version: v0 (deprecated)