REST API

Authentication

All requests require a Bearer token in the Authorization header. We support two credential types — pick the one that fits your integration.

# All requests require a Bearer token
curl https://api.cloudsealed.com/v1/findings \
  -H "Authorization: Bearer $CS_TOKEN"

# OAuth: exchange an authorization code for a short-lived access token
curl -X POST https://api.cloudsealed.com/oauth/token \
  -d grant_type=authorization_code \
  -d code=$CODE \
  -d client_id=$CLIENT_ID \
  -d client_secret=$CLIENT_SECRET

Core resources

The handful of nouns the API revolves around. Everything else composes from these.

• Findings

  GET /v1/findings

  Individual security, cost, architectural, or compliance issues detected during a 4D audit. The atomic unit of CloudSealed.

• Resources

  GET /v1/resources

  Cloud objects discovered in your tenant — instances, buckets, IAM principals, network rules. Findings attach to resources.

• Audits

  GET /v1/audits

  A single forensic pass over your environment. Lists, retrieves, and reanalyzes on demand.

• Policies

  GET /v1/policies

  Custom rules layered on top of the 4D framework. Define what counts as critical for your organization.

• Reports

  GET /v1/reports

  Generated deliverables — executive summaries, remediation plans, compliance evidence — downloadable as PDF or JSON.

Pagination

List endpoints return cursor-paginated results. Pass ?limit=50 (max 200) and use the next_cursor field from the response to fetch the next page.

GET /v1/findings?limit=50&cursor=eyJpZCI6Im...

{
  "data": [ /* ... 50 items ... */ ],
  "next_cursor": "eyJpZCI6Imp...",
  "has_more": true
}

Rate limits

1,000 requests/minute per token by default. Heavy endpoints (report generation, full reanalysis) have separate budgets. Every response carries X-RateLimit-* headers — back off proactively.