> ## Documentation Index
> Fetch the complete documentation index at: https://docs.ayliea.com/llms.txt
> Use this file to discover all available pages before exploring further.

# API overview

> Integrate Ayliea security posture data into your existing tools and workflows with the REST API.

The Ayliea REST API provides programmatic access to your organization's security posture data — assessment scores, recommendations, and AI discovery results. Use it to feed dashboards, trigger alerts in your SIEM, sync remediation tasks with your ticketing system, or build custom integrations.

## Base URL

All API requests use the following base URL:

```
https://assess.ayliea.com/api/v1
```

The API is versioned via the URL path. The current version is `v1`.

## Key details

| Property     | Value                                       |
| ------------ | ------------------------------------------- |
| Protocol     | HTTPS only                                  |
| Format       | JSON request and response bodies            |
| Auth         | API key via `X-API-Key` header              |
| Availability | Enterprise tier only                        |
| CORS         | Not supported — server-to-server use only   |
| Timestamps   | ISO 8601 UTC (e.g., `2026-03-15T14:30:00Z`) |
| Rate limit   | 60 requests per minute per API key          |

<Warning>
  The API is designed for server-to-server integration. API keys must never be exposed in client-side code, mobile apps, or browser requests.
</Warning>

## Quick start

Get from zero to your first API call in three steps.

<Steps>
  <Step title="Create an API key">
    Navigate to **Organization Settings** and open the **API Keys** tab. Click **Create Key**, give it a label (e.g., "SIEM Integration"), select the scopes you need, and click **Create**.

    Copy the key immediately — it is shown only once.
  </Step>

  <Step title="Make your first request">
    Replace `YOUR_API_KEY` with the key you just copied:

    ```bash theme={null}
    curl https://assess.ayliea.com/api/v1/scores \
      -H "X-API-Key: ayliea_pk_YOUR_API_KEY"
    ```
  </Step>

  <Step title="Parse the response">
    A successful response returns JSON with your latest assessment scores:

    ```json theme={null}
    {
      "scores": [
        {
          "framework_id": "ai-security",
          "overall_score": 72,
          "grade": "C",
          "completed_at": "2026-03-15T14:30:00Z"
        }
      ]
    }
    ```
  </Step>
</Steps>

## Available endpoints

<CardGroup cols={3}>
  <Card title="Scores" icon="chart-line" href="/api-reference/endpoints/scores">
    Latest assessment scores per framework with grades and completion timestamps.
  </Card>

  <Card title="Recommendations" icon="wrench" href="/api-reference/endpoints/recommendations">
    Prioritized remediation recommendations with status, framework, and category context.
  </Card>

  <Card title="Discovery" icon="radar" href="/api-reference/endpoints/discovery">
    AI platform discovery scan results with detected platforms and confidence scores.
  </Card>
</CardGroup>

## Next steps

<CardGroup cols={2}>
  <Card title="Authentication" icon="key" href="/api-reference/authentication">
    Learn how API keys work, how scopes are enforced, and how to rotate keys safely.
  </Card>

  <Card title="Errors" icon="triangle-exclamation" href="/api-reference/errors">
    Understand error responses, HTTP status codes, and how to handle failures.
  </Card>
</CardGroup>
