Outdated Resource Warning!
This is documentation for legacy version 0.x
releases. If you are using 1.x see the wiki
Queries are passed in a URL-encoded query HTTP/S request to api.php
Security is an important considering as although the API is read-only and designed to be as SQL injection proof as any other portion of the system other information (such as IMAP passwords for a test) may be exposed by someone using the correct functionality of the system but without your permission.
The API security model is similar to that of the graphs. By default only requests authenticated into FreeNATS will be accepted (those presenting the cookies for a valid session).
You can set the variable api.public to 1. At this point there are no authentication requirements for the API and anyone can query it.
The variable api.key can optionally be set to an alphanumeric string. This must then be provided by public (unauthenticated - authenticated users never have to provide an API key) in the request URI as the variable apikey.
A request to the API takes the form of one or more queries with optional parameters. These are passed un the URI as an encoded array with each element numbered individually. The query is passed as query[x]=NAME and any paramaters as param[x]=val¶m1[x]=val1¶m2[x]=val etc.
For example we may wish to do an "alerts" query and then a "node" query on a node with a nodeid of "fish". In this case the query portion of the URI would be: