6753727a04
Comprehensive documentation updates: API.md: - Add /api/security/change-password endpoint - Add AI provider test endpoints - Add assistant chat & session management endpoints - Add legacy chat sessions endpoints - Add alert investigation and patrol autonomy endpoints - Add findings & investigations endpoints - Add approvals & command execution endpoints - Add remediation plans endpoints - Add intelligence & forecasting endpoints - Add knowledge base endpoints - Add debug endpoint - Add Socket.IO compatibility endpoint Config files: - Document sso.enc, ai_chat_sessions.json - Document profile-versions.json, profile-changelog.json, profile-deployments.json
26 KiB
🔌 Pulse API Reference
Pulse provides a comprehensive REST API for automation and integration.
Base URL: http://<your-pulse-ip>:7655/api
🔐 Authentication
Most API requests require authentication via one of the following methods:
API Token (Recommended)
Pass the token in the X-API-Token header.
curl -H "X-API-Token: your-token" http://localhost:7655/api/health
Bearer Token
curl -H "Authorization: Bearer your-token" http://localhost:7655/api/health
Session Cookie
Standard browser session cookie (used by the UI).
Session endpoints:
POST /api/login(setspulse_session+pulse_csrf)POST /api/logout(clears session)
Login body:
{ "username": "admin", "password": "secret", "rememberMe": true }
Public endpoints include:
GET /api/healthGET /api/versionGET /api/agent/version(agent update checks)GET /api/setup-script(requires a setup token)
🔏 Scopes and Admin Access
Some endpoints require admin privileges and/or scopes. Common scopes include:
monitoring:readsettings:readsettings:writehost-agent:config:readhost-agent:manage
Endpoints that require admin access are noted below.
📡 Core Endpoints
System Health
GET /api/health
Check if Pulse is running.
{
"status": "healthy",
"timestamp": 1700000000,
"uptime": 3600,
"devModeSSH": false
}
System State
GET /api/state
Returns the complete state of your infrastructure (Nodes, VMs, Containers, Storage, Alerts). This is the main endpoint used by the dashboard.
Simple Stats (HTML)
GET /simple-stats
Lightweight HTML status page for quick checks.
Unified Resources
GET /api/resources
Returns a unified, flattened resource list. Requires monitoring:read.
GET /api/resources/stats
Summary counts and health rollups.
GET /api/resources/{id}
Fetch a single resource by ID.
Resource Metadata
User notes, tags, and custom URLs for resources.
-
GET /api/hosts/metadata(admin ormonitoring:read) -
GET /api/hosts/metadata/{hostId}(admin ormonitoring:read) -
PUT /api/hosts/metadata/{hostId}(admin ormonitoring:write) -
DELETE /api/hosts/metadata/{hostId}(admin ormonitoring:write) -
GET /api/guests/metadata(admin ormonitoring:read) -
GET /api/guests/metadata/{guestId}(admin ormonitoring:read) -
PUT /api/guests/metadata/{guestId}(admin ormonitoring:write) -
DELETE /api/guests/metadata/{guestId}(admin ormonitoring:write) -
GET /api/docker/metadata(admin ormonitoring:read) -
GET /api/docker/metadata/{containerId}(admin ormonitoring:read) -
PUT /api/docker/metadata/{containerId}(admin ormonitoring:write) -
DELETE /api/docker/metadata/{containerId}(admin ormonitoring:write) -
GET /api/docker/hosts/metadata(admin ormonitoring:read) -
GET /api/docker/hosts/metadata/{hostId}(admin ormonitoring:read) -
PUT /api/docker/hosts/metadata/{hostId}(admin ormonitoring:write) -
DELETE /api/docker/hosts/metadata/{hostId}(admin ormonitoring:write)
Version Info
GET /api/version
Returns version, build time, and update status.
Example response:
{
"version": "5.0.16",
"buildTime": "2026-01-19T22:20:18Z",
"channel": "stable",
"deploymentType": "systemd",
"updateAvailable": true,
"latestVersion": "5.0.17"
}
Version fields are returned as plain semantic versions (no leading v).
🖥️ Nodes & Config
Public Config
GET /api/config
Returns a small public config payload (update channel, auto-update enabled).
List Nodes
GET /api/config/nodes
Add Node
POST /api/config/nodes
{
"type": "pve",
"name": "Proxmox 1",
"host": "https://192.168.1.10:8006",
"user": "root@pam",
"password": "password"
}
Test Connection
POST /api/config/nodes/test-connection
Validate credentials before saving.
Test Node Config (Validation Only)
POST /api/config/nodes/test-config
Validates node config without saving.
Update Node
PUT /api/config/nodes/{id}
Delete Node
DELETE /api/config/nodes/{id}
Test Node (Legacy)
POST /api/config/nodes/{id}/test
Refresh Cluster Nodes
POST /api/config/nodes/{id}/refresh-cluster
Export Configuration
POST /api/config/export (admin or API token)
Request body:
{ "passphrase": "use-a-strong-passphrase" }
Returns an encrypted export bundle in data. Passphrases must be at least 12 characters.
Import Configuration
POST /api/config/import (admin)
Request body:
{
"data": "<exported-bundle>",
"passphrase": "use-a-strong-passphrase"
}
🧭 Setup & Discovery
Setup Script (Public)
GET /api/setup-script
Returns the Proxmox/PBS setup script. Requires a temporary setup token (auth_token) in the query.
Setup Script URL
POST /api/setup-script-url (auth)
Generates a one-time setup token and URL for /api/setup-script.
Auto-Register (Public)
POST /api/auto-register
Auto-registers a node using the temporary setup token.
Agent Install Command
POST /api/agent-install-command (auth)
Generates an API token and install command for agent-based Proxmox setup.
Discovery
GET /api/discover (auth)
Runs network discovery.
AI Discovery (Service Discovery)
Service discovery is used by Pulse Assistant and the UI to inventory web services and enrich links.
GET /api/discovery(list summaries)GET /api/discovery/statusPUT /api/discovery/settings(admin,settings:write)GET /api/discovery/type/{type}GET /api/discovery/host/{host}GET /api/discovery/{type}/{host}/{id}POST /api/discovery/{type}/{host}/{id}(trigger discovery, optionalforce)DELETE /api/discovery/{type}/{host}/{id}GET /api/discovery/{type}/{host}/{id}/progressPUT /api/discovery/{type}/{host}/{id}/notes
Test Notification
POST /api/test-notification (auth)
Broadcasts a WebSocket test event.
📊 Metrics & Charts
Chart Data
GET /api/charts?range=1h
Returns time-series data for CPU, Memory, and Storage.
Ranges: 5m, 15m, 30m, 1h, 4h, 12h, 24h, 7d
Storage Charts
GET /api/storage-charts
Returns storage chart data.
Storage Stats
GET /api/storage/
Detailed storage usage per node and pool.
Backup History
GET /api/backups/unified
Combined view of PVE and PBS backups.
Other backup endpoints:
GET /api/backupsGET /api/backups/pveGET /api/backups/pbs
Snapshots
GET /api/snapshots
Returns guest snapshot history for the current tenant.
🔔 Notifications
Send Test Notification
POST /api/notifications/test (admin)
Triggers a test alert to all configured channels.
Email, Apprise, and Webhooks
GET /api/notifications/email(admin)PUT /api/notifications/email(admin)GET /api/notifications/apprise(admin)PUT /api/notifications/apprise(admin)GET /api/notifications/webhooks(admin)POST /api/notifications/webhooks(admin)PUT /api/notifications/webhooks/<id>(admin)DELETE /api/notifications/webhooks/<id>(admin)POST /api/notifications/webhooks/test(admin)GET /api/notifications/webhook-templates(admin)GET /api/notifications/webhook-history(admin)GET /api/notifications/email-providers(admin)GET /api/notifications/health(admin)
Audit Webhooks (Pro)
GET /api/admin/webhooks/audit(admin,settings:read)POST /api/admin/webhooks/audit(admin,settings:write)
Advanced Reporting (Pro)
GET /api/admin/reports/generate(admin,settings:read)- Query params:
format(pdf/csv, defaultpdf),resourceType,resourceId,metricType(optional),start/end(RFC3339, optional; defaults to last 24h),title(optional)
- Query params:
Queue and Dead-Letter Tools
GET /api/notifications/queue/stats(admin)GET /api/notifications/dlq(admin)POST /api/notifications/dlq/retry(admin)POST /api/notifications/dlq/delete(admin)
🚨 Alerts
Alert configuration and history (requires monitoring:read/monitoring:write).
GET /api/alerts/configPUT /api/alerts/configPOST /api/alerts/activateGET /api/alerts/activeGET /api/alerts/historyDELETE /api/alerts/historyGET /api/alerts/incidentsPOST /api/alerts/incidents/notePOST /api/alerts/bulk/acknowledgePOST /api/alerts/bulk/clearPOST /api/alerts/acknowledge(body:{ "id": "alert-id" })POST /api/alerts/unacknowledge(body:{ "id": "alert-id" })POST /api/alerts/clear(body:{ "id": "alert-id" })- Legacy path-based endpoints:
POST /api/alerts/{id}/acknowledge,/unacknowledge,/clear
🛡️ Security
Security Status
GET /api/security/status
Returns authentication status, proxy auth state, and security posture flags.
Change Password
POST /api/security/change-password
{ "currentPassword": "old-pass", "newPassword": "new-pass" }
In Docker installs, the response includes a restart notice.
List API Tokens
GET /api/security/tokens
Create API Token
POST /api/security/tokens
{ "name": "ansible-script", "scopes": ["monitoring:read"] }
Revoke Token
DELETE /api/security/tokens/<id>
Recovery (Localhost or Recovery Token)
POST /api/security/recovery
Supports actions:
generate_token(localhost only)disable_authenable_auth
GET /api/security/recovery returns recovery mode status.
Reset Account Lockout (Admin)
POST /api/security/reset-lockout
{ "identifier": "admin" }
Identifier can be a username or IP address.
Regenerate API Token (Admin)
POST /api/security/regenerate-token
Returns a new raw token (shown once) and updates stored hashes:
{
"success": true,
"token": "raw-token",
"deploymentType": "systemd",
"requiresRestart": false,
"message": "New API token generated and active immediately! Save this token - it won't be shown again."
}
---
## 🧾 Audit Log (Pro)
These endpoints require admin access and the `settings:read` scope. In OSS builds, the list endpoint returns an empty set and `persistentLogging: false`.
### List Audit Events
`GET /api/audit?limit=100&event=login&user=admin&success=true&startTime=2024-01-01T00:00:00Z&endTime=2024-01-31T23:59:59Z`
Response:
```json
{
"events": [
{
"id": "6b3c9c3c-9a2f-4b3c-9a3b-3d0e8c5c5d45",
"timestamp": "2024-01-12T10:15:30Z",
"event": "login",
"user": "admin",
"ip": "10.0.0.10",
"path": "/api/login",
"success": true,
"details": "Successful login",
"signature": "..."
}
],
"total": 1,
"persistentLogging": true
}
Verify Audit Event Signature
GET /api/audit/<id>/verify
Response:
{
"available": true,
"verified": true,
"message": "Event signature verified"
}
Validate API Token (Admin)
POST /api/security/validate-token
{ "token": "raw-token" }
Returns:
{ "valid": true, "message": "Token is valid" }
Bootstrap Token Validation (Public)
POST /api/security/validate-bootstrap-token
Provide the token via header X-Setup-Token or JSON body:
{ "token": "bootstrap-token" }
Returns 204 No Content on success.
Quick Security Setup (Public, bootstrap token required)
POST /api/security/quick-setup
Requires a valid bootstrap token (header X-Setup-Token) or an authenticated session.
{
"username": "admin",
"password": "StrongPass!1",
"apiToken": "token",
"enableNotifications": false,
"darkMode": false,
"force": false,
"setupToken": "optional-bootstrap-token"
}
Apply Security Restart (Systemd Only)
POST /api/security/apply-restart
Applies auth changes by restarting the service (systemd deployments only).
⚙️ System Settings
Get Settings
GET /api/system/settings
Retrieve current system settings.
Update Settings
POST /api/system/settings/update
Update system settings. Requires admin + settings:write.
Legacy System Settings (Read Only)
GET /api/config/system
Legacy system settings endpoint (read-only).
Toggle Mock Mode
GET /api/system/mock-mode
POST /api/system/mock-mode
PUT /api/system/mock-mode
Enable or disable mock data generation (dev/demo only).
SSH Config (Temperature Monitoring)
POST /api/system/ssh-config
Writes the SSH config used for temperature collection (requires setup token or auth).
Verify Temperature SSH
POST /api/system/verify-temperature-ssh
Tests SSH connectivity for temperature collection (requires setup token or auth).
Scheduler Health
GET /api/monitoring/scheduler/health
Returns scheduler health, DLQ, and breaker status. Requires monitoring:read.
Updates (Admin)
GET /api/updates/checkPOST /api/updates/applyGET /api/updates/statusGET /api/updates/streamGET /api/updates/plan?version=X.Y.Z(optionalchannel, acceptsvprefix)GET /api/updates/historyGET /api/updates/history/entry?id=<event_id>
Infrastructure Updates
GET /api/infra-updates(requiresmonitoring:read)GET /api/infra-updates/summary(requiresmonitoring:read)POST /api/infra-updates/check(requiresmonitoring:write)GET /api/infra-updates/host/{hostId}(requiresmonitoring:read)GET /api/infra-updates/{resourceId}(requiresmonitoring:read)
Diagnostics
GET /api/diagnostics(auth)POST /api/diagnostics/docker/prepare-token(admin,settings:write)
Logs (Admin)
GET /api/logs/stream(server-sent stream)GET /api/logs/download(bundled logs)GET /api/logs/levelPOST /api/logs/level(set log level)
Server Info
GET /api/server/info
Returns minimal server info for installer scripts.
🔑 OIDC / SSO
Get OIDC Config
GET /api/security/oidc
Retrieve current OIDC provider settings.
Update OIDC Config
POST /api/security/oidc
Configure OIDC provider details (Issuer, Client ID, etc).
Login
GET /api/oidc/login
Initiate OIDC login flow.
💳 License (Pulse Pro)
License Status (Admin)
GET /api/license/status
License Features (Authenticated)
GET /api/license/features
Activate License (Admin)
POST /api/license/activate
{ "license_key": "PASTE_KEY_HERE" }
Clear License (Admin)
POST /api/license/clear
👥 RBAC / Role Management (Pro)
Role-based access control endpoints for managing roles and user assignments. Requires admin access and the rbac license feature.
List Roles
GET /api/admin/roles
Returns all defined roles.
Create Role
POST /api/admin/roles
{
"id": "operator",
"name": "Operator",
"description": "Can view and manage alerts",
"permissions": [
{ "action": "read", "resource": "alerts" },
{ "action": "write", "resource": "alerts" }
]
}
Update Role
PUT /api/admin/roles/{id}
Update an existing role's name, description, or permissions.
Delete Role
DELETE /api/admin/roles/{id}
List Users
GET /api/admin/users
Returns all users with their role assignments.
Assign Role to User
POST /api/admin/users/{username}/roles
{ "role_id": "operator" }
Remove Role from User
DELETE /api/admin/users/{username}/roles/{role_id}
Note
: OIDC group-to-role mapping can automatically assign roles on login. See OIDC.md for configuration.
🤖 Pulse AI (v5)
Pro gating: endpoints labeled "(Pro)" require a Pulse Pro license and return 402 Payment Required if the feature is not licensed.
Get AI Settings
GET /api/settings/ai
Returns current AI configuration (providers, models, patrol status). Requires admin + settings:read.
Update AI Settings
PUT /api/settings/ai/update (or POST /api/settings/ai/update)
Configure AI providers, API keys, and preferences. Requires admin + settings:write.
List Models
GET /api/ai/models
Lists models available to the configured providers (queried live from provider APIs).
Provider Tests (Admin)
POST /api/ai/testPOST /api/ai/test/{provider}
OAuth (Anthropic)
POST /api/ai/oauth/start(admin)POST /api/ai/oauth/exchange(admin, manual code input)GET /api/ai/oauth/callback(public, IdP redirect)POST /api/ai/oauth/disconnect(admin)
Execute (Chat + Tools)
POST /api/ai/execute
Runs an AI request which may return tool calls, findings, or suggested actions.
Execute (Streaming)
POST /api/ai/execute/stream
Streaming variant of execute (used by the UI for incremental responses).
Assistant Chat & Sessions
GET /api/ai/statusPOST /api/ai/chat(streaming)GET /api/ai/sessionsPOST /api/ai/sessionsDELETE /api/ai/sessions/{id}GET /api/ai/sessions/{id}/messagesPOST /api/ai/sessions/{id}/abortPOST /api/ai/sessions/{id}/summarizeGET /api/ai/sessions/{id}/diffPOST /api/ai/sessions/{id}/forkPOST /api/ai/sessions/{id}/revertPOST /api/ai/sessions/{id}/unrevert
Legacy Chat Sessions (UI Sync)
GET /api/ai/chat/sessionsGET /api/ai/chat/sessions/{id}PUT /api/ai/chat/sessions/{id}DELETE /api/ai/chat/sessions/{id}
Question Answers
POST /api/ai/question/{id}/answer
Kubernetes AI Analysis (Pro)
POST /api/ai/kubernetes/analyze
{ "cluster_id": "cluster-id" }
Requires a Pulse Pro license with the kubernetes_ai feature enabled.
Alert Investigation (Pro)
POST /api/ai/investigate-alert
Runs a focused investigation for an alert payload (used by the UI).
Patrol
GET /api/ai/patrol/autonomyPUT /api/ai/patrol/autonomyGET /api/ai/patrol/statusGET /api/ai/patrol/findingsDELETE /api/ai/patrol/findings(clear all findings)GET /api/ai/patrol/historyGET /api/ai/patrol/runsGET /api/ai/patrol/stream(Pro)POST /api/ai/patrol/run(admin, Pro)POST /api/ai/patrol/acknowledge(Pro)POST /api/ai/patrol/dismissPOST /api/ai/patrol/findings/notePOST /api/ai/patrol/resolvePOST /api/ai/patrol/snooze(Pro)POST /api/ai/patrol/suppress(Pro)GET /api/ai/patrol/suppressions(Pro)POST /api/ai/patrol/suppressions(Pro)DELETE /api/ai/patrol/suppressions/{id}(Pro)GET /api/ai/patrol/dismissed(Pro)
Findings & Investigations
GET /api/ai/unified/findingsGET /api/ai/findings/{id}/investigationGET /api/ai/findings/{id}/investigation/messagesPOST /api/ai/findings/{id}/reinvestigatePOST /api/ai/findings/{id}/reapprove(Pro)
Approvals & Command Execution (Pro)
GET /api/ai/approvalsGET /api/ai/approvals/{id}POST /api/ai/approvals/{id}/approvePOST /api/ai/approvals/{id}/denyPOST /api/ai/run-command(execute an approved command)GET /api/ai/agents(connected agents via/api/agent/ws)
Remediation Plans (Pro)
GET /api/ai/remediation/plansGET /api/ai/remediation/plan?plan_id=<id>POST /api/ai/remediation/approvePOST /api/ai/remediation/executePOST /api/ai/remediation/rollback
Request bodies:
approve:{ "plan_id": "...", "approved_by": "api" }execute:{ "execution_id": "...", "plan_id": "..." }rollback:{ "execution_id": "..." }
Intelligence & Forecasting
GET /api/ai/intelligenceGET /api/ai/intelligence/patternsGET /api/ai/intelligence/predictionsGET /api/ai/intelligence/correlationsGET /api/ai/intelligence/changesGET /api/ai/intelligence/baselinesGET /api/ai/intelligence/remediationsGET /api/ai/intelligence/anomaliesGET /api/ai/intelligence/learningGET /api/ai/forecast(params:resource_id,metric, optionalresource_name,horizon_hours,threshold)GET /api/ai/forecasts/overview(params:metric,horizon_hours,threshold)GET /api/ai/learning/preferences(optionalresource_id)GET /api/ai/proxmox/eventsGET /api/ai/proxmox/correlationsGET /api/ai/incidents(optionalresource_id,limit)GET /api/ai/incidents/{resourceId}(optionallimit)GET /api/ai/circuit/status
Knowledge Base
GET /api/ai/knowledge?guest_id=<id>POST /api/ai/knowledge/savePOST /api/ai/knowledge/deleteGET /api/ai/knowledge/export?guest_id=<id>POST /api/ai/knowledge/importPOST /api/ai/knowledge/clear
Debug
GET /api/ai/debug/context(admin)
Cost Tracking
GET /api/ai/cost/summaryPOST /api/ai/cost/reset(admin)GET /api/ai/cost/export(admin)
📈 Metrics Store (v5)
Auth required: monitoring:read.
Store Stats
GET /api/metrics-store/stats
Returns stats for the persistent metrics store (SQLite-backed).
History
GET /api/metrics-store/history
Returns historical metric series for a resource and time range.
Query params:
resourceType(required):node,vm,container,storage,dockerHost,dockerContainerresourceId(required)metric(optional):cpu,memory,disk, etc. Omit for all metricsrange(optional):1h,6h,12h,24h,1d,7d,30d,90d(default24h; duration strings also accepted)maxPoints(optional): Downsample to a target number of points
License: Requests beyond
7drequire the Pulse Prolong_term_metricsfeature. Unlicensed requests return402 Payment Required. Aliases:guest(VM/LXC) anddocker(Docker container) are accepted, but persistent store data uses the canonical types above.
🤖 Agent Endpoints
Unified Agent (Recommended)
GET /download/pulse-agent
Downloads the unified agent binary. Without arch, Pulse serves the local binary on the server host.
Optional query:
?arch=linux-amd64(supported:linux-amd64,linux-arm64,linux-armv7,linux-armv6,linux-386,darwin-amd64,darwin-arm64,freebsd-amd64,freebsd-arm64,windows-amd64,windows-arm64,windows-386)
The response includes X-Checksum-Sha256 for verification.
The unified agent combines host, Docker, and Kubernetes monitoring. Use --enable-docker or --enable-kubernetes to enable additional metrics.
See UNIFIED_AGENT.md for installation instructions.
Agent Version
GET /api/agent/version
Returns the current server version for agent update checks.
Unified Agent Installer Script
GET /install.sh
Serves the universal install.sh used to install pulse-agent on target machines.
GET /api/install/install.sh
API-prefixed alias for the unified agent installer script.
Unified Agent Installer (Windows)
GET /install.ps1
Serves the PowerShell installer for Windows.
GET /api/install/install.ps1
API-prefixed alias for the unified agent PowerShell installer.
Docker Server Installer Script
GET /api/install/install-docker.sh
Serves the turnkey Docker installer script that generates a docker-compose.yml and .env.
Legacy Agents (Deprecated)
GET /download/pulse-host-agent - Deprecated, use pulse-agent
GET /download/pulse-docker-agent - Deprecated, use pulse-agent --enable-docker
Host-agent downloads accept ?platform=<os>&arch=<arch> and expose a checksum endpoint:
/download/pulse-host-agent.sha256?platform=linux&arch=amd64
Legacy install/uninstall scripts:
GET /install-docker-agent.shGET /install-container-agent.shGET /install-host-agent.shGET /install-host-agent.ps1GET /uninstall-host-agent.shGET /uninstall-host-agent.ps1
Submit Reports
POST /api/agents/host/report - Host metrics
POST /api/agents/docker/report - Docker container metrics
POST /api/agents/kubernetes/report - Kubernetes cluster metrics
Host Agent Management
GET /api/agents/host/lookup?id=<host_id>
GET /api/agents/host/lookup?hostname=<hostname>
Looks up a host by ID or hostname/display name. Requires host-agent:report.
POST /api/agents/host/uninstall
Host agent self-unregister during uninstall. Requires host-agent:report.
POST /api/agents/host/unlink (admin, host-agent:manage)
Unlinks a host agent from a node.
DELETE /api/agents/host/{host_id} (admin, host-agent:manage)
Removes a host agent from state.
Host Agent Linking (Admin)
POST /api/agents/host/link(admin,host-agent:manage)POST /api/agents/host/unlink(admin,host-agent:manage)
Agent Remote Config
GET /api/agents/host/{agent_id}/config
Returns the server-side config payload for an agent (used by remote config and debugging). Requires host-agent:config:read.
PATCH /api/agents/host/{agent_id}/config (admin, host-agent:manage)
Updates server-side config for an agent (e.g., commandsEnabled).
Docker Agent Management (Admin)
POST /api/agents/docker/commands/{commandId}/ack(docker:report)DELETE /api/agents/docker/hosts/{hostId}(docker:manage, supports?hide=trueor?force=true)POST /api/agents/docker/hosts/{hostId}/allow-reenroll(docker:manage)PUT /api/agents/docker/hosts/{hostId}/unhide(docker:manage)PUT /api/agents/docker/hosts/{hostId}/pending-uninstall(docker:manage)PUT /api/agents/docker/hosts/{hostId}/display-name(docker:manage)POST /api/agents/docker/hosts/{hostId}/check-updates(docker:manage)POST /api/agents/docker/containers/update(docker:manage)
Kubernetes Agent Management (Admin)
DELETE /api/agents/kubernetes/clusters/{clusterId}(kubernetes:manage, supports?hide=trueor?force=true)POST /api/agents/kubernetes/clusters/{clusterId}/allow-reenroll(kubernetes:manage)PUT /api/agents/kubernetes/clusters/{clusterId}/unhide(kubernetes:manage)PUT /api/agents/kubernetes/clusters/{clusterId}/pending-uninstall(kubernetes:manage)PUT /api/agents/kubernetes/clusters/{clusterId}/display-name(kubernetes:manage)
Agent Profiles (Pro)
GET /api/admin/profiles (admin, Pro)
POST /api/admin/profiles (admin, Pro)
GET /api/admin/profiles/{id} (admin, Pro)
PUT /api/admin/profiles/{id} (admin, Pro)
DELETE /api/admin/profiles/{id} (admin, Pro)
GET /api/admin/profiles/schema (admin, Pro)
POST /api/admin/profiles/validate (admin, Pro)
POST /api/admin/profiles/suggestions (admin, Pro)
GET /api/admin/profiles/changelog (admin, Pro)
GET /api/admin/profiles/deployments (admin, Pro)
POST /api/admin/profiles/deployments (admin, Pro)
GET /api/admin/profiles/{id}/versions (admin, Pro)
POST /api/admin/profiles/{id}/rollback/{version} (admin, Pro)
GET /api/admin/profiles/assignments (admin, Pro)
POST /api/admin/profiles/assignments (admin, Pro)
DELETE /api/admin/profiles/assignments/{agent_id} (admin, Pro)
🔌 WebSocket Endpoints
GET /ws– Primary UI WebSocket (browser sessions).GET /socket.io/– Legacy Socket.IO compatibility endpoint.GET /api/agent/ws– Agent WebSocket used for AI command execution.
Note
: This is a summary of the most common endpoints. For a complete list, inspect the network traffic of the Pulse dashboard or check the source code in
internal/api/router.go.