Version: 1.0.0

Unizo Platform API

The Unizo Platform API provides a unified interface for managing and monitoring your integrated services, configurations, and watches across the Unizo ecosystem. This API enables you to programmatically access and control your platform resources, automate workflows, and build custom integrations.

Key Concepts

Services

Services represent the various tools and platforms integrated with Unizo, such as:

• SCM - Source Control Management (GitHub, GitLab, Bitbucket)
• TICKETING - Issue tracking systems (Jira, ServiceNow)
• IDENTITY - Identity providers (Okta, Azure AD)
• VMS - Vulnerability Management Systems
• SIEM - Security Information and Event Management
• EDR - Endpoint Detection and Response

Integrations

Integrations are configured connections between Unizo and your external services. They maintain:

• Connection credentials and access points
• Health status and operational state
• Rate limiting and notification settings
• Service-specific configuration

Watches

Watches are webhook-based monitors that track changes and events in your integrated services:

• Repository activity (commits, pull requests, issues)
• Security events and alerts
• Configuration changes
• Custom event triggers

Authentication

The Platform API supports two authentication methods:

API Key Authentication

Include your API key in the request header:

x-api-key: your-api-key-here

Bearer Token Authentication

For JWT-based authentication:

Authorization: Bearer your-jwt-token

Request Headers

Required Headers

• correlationId - UUID for request tracing and debugging

Optional Headers

• x-request-id - Custom request identifier
• x-client-version - Client application version

Rate Limiting

API requests are subject to rate limits:

• Default: 1000 requests per hour per API key
• Burst: 100 requests per minute

Rate limit headers are included in all responses:

• X-RateLimit-Limit - Maximum requests allowed
• X-RateLimit-Remaining - Requests remaining in current window
• X-RateLimit-Reset - Unix timestamp when limit resets

Error Handling

The API uses standard HTTP status codes:

• 200 - Success
• 400 - Bad Request (invalid parameters)
• 401 - Unauthorized (missing or invalid credentials)
• 403 - Forbidden (insufficient permissions)
• 404 - Resource not found
• 429 - Too Many Requests (rate limit exceeded)
• 500 - Internal Server Error

Error responses include detailed information:

{
  "code": "INVALID_PARAMETER",
  "message": "The limit parameter must be between 1 and 100",
  "details": {
    "parameter": "limit",
    "value": 150,
    "constraints": {
      "min": 1,
      "max": 100
    }
  }
}

Authentication

HTTP: Bearer Auth

JWT Bearer token authentication. Obtain a token by authenticating with your Unizo credentials via the authentication endpoint. Tokens expire after 24 minutes.

Example: Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Security Scheme Type:	http
HTTP Authorization Scheme:	bearer
Bearer format:	JWT

API Key: apiKeyAuth

API key authentication. You can generate API keys from the Unizo portal under Settings > API Keys. Keys can be scoped to specific permissions and services.

Example: x-api-key: unizo_live_sk_1234567890abcdef

Security Scheme Type:	apiKey
Header parameter name:	x-api-key

Contact

Unizo Support: support@unizo.ai

URL: https://support.unizo.ai

License

Apache License Version 2.0