API Reference

AtlasAI exposes two REST API surfaces:

API Surface	Base URL	Auth
Tenant Plane (TP)	`https://<your-tp-domain>/api`	`Authorization: Bearer <jwt>` + `x-tenant-id: <id>`
Control Plane (CP)	`https://cp.atlasai.com/api`	`Authorization: Bearer <cp-jwt>`

All responses follow:


{ "data": { ... } }          // success
{ "error": "...", "code": "...", "trace_id": "..." }  // error

Authentication

POST /api/auth/token

Authenticate and receive a JWT.

Request body:


{ "email": "user@example.com", "password": "..." }

Response:


{ "token": "eyJ...", "refresh_token": "...", "user": { "email": "...", "role": "admin" } }

Incidents

GET /api/incidents

List incidents. Supports ?status=open&severity=P1&limit=50&offset=0.

Response: { "items": [...], "total": N, "limit": 50, "offset": 0 }

POST /api/incidents

Create an incident.


{
  "title": "Database connection pool exhausted",
  "severity": "P1",
  "description": "...",
  "source": "prometheus",
  "ci_ids": ["ci-001"]
}

GET /api/incidents/:id

Get incident by ID or reference (INC-00000001).

PATCH /api/incidents/:id

Update an incident. State machine enforced.


{
  "status": "resolved",
  "resolution_notes": "Scaled connection pool to 200",
  "resolved_by": "ops@example.com"
}

Valid status transitions: triggered → open → acknowledged → investigating → resolved → closed resolved → reopened → investigating

ITSM

GET /api/itsm/changes

List change requests. Supports ?status=approved.

POST /api/itsm/changes

Create a change request.


{
  "title": "Deploy v2.4.1",
  "type": "normal",
  "risk_level": "medium",
  "requested_start": "2026-04-01T18:00:00Z",
  "requested_end": "2026-04-01T22:00:00Z",
  "implementation_plan": "...",
  "rollback_plan": "...",
  "requested_by": "ops@example.com"
}

GET /api/itsm/requests

List service requests. ?status=pending_approval.

POST /api/itsm/requests

Submit a service request from the catalog.


{ "catalog_item_id": "item-001", "requested_by": "user@example.com" }

Observability

GET /api/logs

Query logs. ?service=api-gw&level=error&from=2026-04-01T00:00:00Z&limit=100

GET /api/metrics/query

Query time-series metrics. ?metric_name=http_requests_total&start=...&end=...&step=60s

GET /api/traces

List distributed traces. ?service=checkout&from=...&to=...

AI

POST /api/rca

Run Root Cause Analysis on an incident.


{ "incident_id": "INC-00000001" }

POST /api/ai/control/generate-runbook

Generate an AI runbook from an incident or description.


{ "incident_id": "INC-00000001" }
// OR
{ "description": "High memory usage on web servers", "rca_summary": "Memory leak in session handler" }

POST /api/copilot/query

AI Copilot natural language query.


{ "query": "What caused the P1 incident last night?", "persona": "sre" }

Runbooks

GET /api/runbooks

List runbooks. ?status=published&limit=50

POST /api/runbooks/:id/execute

Execute a runbook.


{ "incident_id": "INC-00000001", "dry_run": false }

CMDB

GET /api/cmdb/items

List configuration items. ?class=server&limit=100

POST /api/cmdb/items

Create a CI.


{
  "name": "web-server-01",
  "class": "server",
  "environment": "production",
  "attributes": { "ip": "10.0.0.1", "os": "Ubuntu 22.04" }
}

GET /api/cmdb/impact?ci_id=…

Get impact blast radius for a CI.

Error Codes

Code	HTTP	Meaning
`UNAUTHORIZED`	401	Missing or invalid JWT
`FORBIDDEN`	403	Insufficient permissions
`NOT_FOUND`	404	Resource not found
`VALIDATION_ERROR`	422	Request body/query validation failed
`RATE_LIMIT`	429	Too many requests
`ERROR`	500	Internal server error
`INVALID_TRANSITION`	400	Invalid state machine transition
`QUOTA_EXCEEDED`	402	Plan quota exceeded