Osmedeus API Documentation
Overview
The Osmedeus API provides a RESTful interface for managing security automation workflows, runs, and distributed task execution. Base URL:http://localhost:8002
Default Port: 8002
Authentication
Most API endpoints require authentication. Two methods are supported:-
JWT Token: Obtain a token via the login endpoint, then include it in requests using the
Authorization: Bearer <token>header. -
API Key: Use a static API key via the
x-osm-api-keyheader. Configure in~/osmedeus-base/osm-settings.yamlunderserver.auth_api_key.
API Reference
| Category | Description |
|---|---|
| Public Endpoints | Server info, health checks, Swagger docs |
| Authentication | Login, logout, and JWT token management |
| Workflows | List, view, and refresh workflows |
| Runs | Create and manage workflow executions |
| File Uploads | Upload target files and workflows |
| Snapshots | Export and import workspace snapshots |
| Workspaces | List and manage workspaces |
| Artifacts | List and download output artifacts |
| Assets | View discovered assets |
| Vulnerabilities | View and manage vulnerabilities |
| Event Logs | View execution event logs |
| Step Results | Query step execution results |
| Functions | Execute and list utility functions |
| System Statistics | Get aggregated system stats |
| Settings | Manage server configuration |
| Database | Database management and cleanup |
| Installation | Install binaries and workflows |
| Schedules | Manage scheduled workflows |
| Event Receiver | Event-triggered workflows |
| Distributed Mode | Worker and task management |
| LLM API | Large Language Model API |
| Reference | Error codes, pagination, cron expressions, step types |