Public-facing endpoints — auth-stripped, read-only snapshot. Evaluate the product yourself before PoC. In a production deployment the full API (24 routers, 200+ endpoints) is served interactively at `/docs` and `/redoc`.
Curated public-facing endpoints for developer evaluation
Read-only snapshot of selected production endpoints. Internal admin, write, and destructive operations are intentionally omitted. Full API (24 routers, ~200+ endpoints) is available to licensed deployments via interactive Swagger at /docs on the running backend.
Versioning: v2 endpoints are stable. Auth uses cookie sd360_session (HttpOnly) or Authorization: Bearer <jwt> header. License endpoints are public (offline verify).
Source repo: github.com/dmcteknoloji/sentineldb360 (private, license required)
https://your-deployment.example.com — Self-hosted (on-prem / VM)https://saas.sentineldb360.com — SaaS (multi-tenant, ARCH-003 ownership scoped)Liveness and readiness checks
/api/health🌐 publicReturns service status, version, and uptime. Useful for load balancer health checks.
{
"status": "ok",
"version": "0.3.1",
"uptime_seconds": 184293,
"mongodb": "connected"
}JWT (HS256, 24h default) — cookie `sd360_session` or Bearer header
/api/auth/login🌐 publicReturns JWT in HttpOnly cookie sd360_session (TTL: ACCESS_TOKEN_TTL_SEC, default 900s). Bcrypt password verification. Default role on bootstrap: viewer. Roles: ADMIN, EDITOR, VIEWER.
{
"email": "[email protected]",
"password": "***"
}{}/api/auth/me🔒 auth{}Database instance CRUD (MSSQL, PostgreSQL, MySQL, MongoDB)
/api/v2/sources🔒 authReturns all sources visible to the authenticated user. Multi-tenant: ARCH-003 ownership filter applied automatically (org_id enforced via $jsonSchema).
| Name | In | Type | Required | Description |
|---|---|---|---|---|
type | query | "MSSQL" | "PostgreSQL" | "MySQL" | "MongoDB" | no | Filter by RDBMS type |
limit | query | integer | no |
[
{}
]/api/v2/sources/{source_id}🔒 auth| Name | In | Type | Required | Description |
|---|---|---|---|---|
source_id | path | string (uuid) | yes |
{}Time-series metrics from `metrics_ts` collection
/api/v2/metrics/{source_id}/timeseries🔒 authReturns metric points from the metrics_ts collection. Aggregation buckets: 5m / 15m / 1h / 1d. Default window: last 24h (env: METRIC_HISTORY_HOURS).
| Name | In | Type | Required | Description |
|---|---|---|---|---|
source_id | path | string (uuid) | yes | |
metric | query | string | yes | |
from | query | string (date-time) | no | ISO 8601 timestamp |
to | query | string (date-time) | no | |
bucket | query | "5m" | "15m" | "1h" | "1d" | no |
{}Per-engine A-F health scorecard (6 categories)
/api/v2/health-check/{source_id}/summary🔒 authReturns engine-specific health scorecard with 6 categories: Performance, Storage, Security, Availability, Backup, Configuration. Letter grades: 90+=A · 75+=B · 60+=C · 40+=D · <40=F.
| Name | In | Type | Required | Description |
|---|---|---|---|---|
source_id | path | string (uuid) | yes |
{}Linear regression + 95% PI projections (storage, CPU, memory, connections)
/api/v2/capacity/{source_id}/storage🔒 authLinear regression with 95% prediction interval over the last N days. Returns days-to-full estimate and recommended action. Min sample: 14 days of metric history.
| Name | In | Type | Required | Description |
|---|---|---|---|---|
source_id | path | string (uuid) | yes | |
horizon_days | query | integer | no |
{}Blocking chain analysis with Sankey-ready output
/api/v2/blocking/{source_id}/chains🔒 authReturns currently active blocking chains with head SPID, blocked sessions, wait time, and Sankey-ready edges. Threshold env: BLOCKING_WARNING_THRESHOLD_MS.
| Name | In | Type | Required | Description |
|---|---|---|---|---|
source_id | path | string (uuid) | yes | |
min_wait_ms | query | integer | no |
{}AI-powered (LiteLLM / Ollama) findings and recommendations
/api/v2/insights/{source_id}🔒 authReturns LiteLLM-generated insights (default Azure OpenAI gpt-4o-mini, falls back to rule-based advisor). Language follows AI_LANG env (default: tr).
| Name | In | Type | Required | Description |
|---|---|---|---|---|
source_id | path | string (uuid) | yes | |
severity | query | "low" | "medium" | "high" | "critical" | no |
[
{}
]Offline-first Ed25519 JWT license verification (JetBrains pattern)
/api/license/verify🌐 publicPublic endpoint. Verifies Ed25519 JWT against embedded public key. No network round-trip to DMC infrastructure required at runtime — JetBrains pattern. Returns validity, days remaining, and feature flags.
{
"token": "eyJhbGciOiJFZERTQSI..."
}{}/api/license/public-key🌐 publicPublic endpoint. Returns the Ed25519 public key in PEM format for offline JWT verification by client-side tools (e.g. tools/issue_license.py verify).
"-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEA...\n-----END PUBLIC KEY-----\n"
14-day trial provisioning (Cloudflare Turnstile gated)
/api/trial🌐 publicPublic endpoint. Cloudflare Turnstile gated + honeypot + duplicate-email check (TRIAL_MAX_PER_EMAIL, default 2). Persists request to Cosmos trial_requests with pending status — admin must approve via tools/approve_trial.py. Successful approval delivers Ed25519 JWT (TRIAL tier: 14 days, max 50 instances, all 17 features enabled).
{}{}This page shows 12 curated endpoints. A live deployment exposes 200+ endpoints across 24 routers with interactive Swagger UI and OpenAPI 3.1 export.