REST API Reference

The Vigilry REST API is organized around two services: the API Gateway for account management, and the Ingestion Service for sending events.

Authentication Overview

The API supports two authentication methods, resolved in order:

  1. API Key — Send X-Api-Key: <rawKey> header. Sets project context. Used for ingestion endpoints.
  2. JWT Session — A session httpOnly cookie set at login. Used for dashboard/management endpoints.
Authentication

Sign up, log in, log out, and retrieve the current session.

POST/auth/signup
POST/auth/login
POST/auth/logout
GET/auth/me
Organizations

Manage your organization profile and members.

GET/organizations/me
PATCH/organizations/me
GET/organizations/members
POST/organizations/:orgId/members
Projects & API Keys

Create and manage projects and their API keys.

GET/projects
POST/projects
GET/projects/:id
PATCH/projects/:id
DELETE/projects/:id
GET/projects/:projectId/api-keys
POST/projects/:projectId/api-keys
DELETE/api-keys/:id
Events

Query captured events for your organization.

GET/events
Incidents

Create and list detected incidents.

POST/incidents
GET/incidents
Ingestion Service

Send raw events, server errors, webhooks, and Stripe events. Runs on port 4100.

POST/ingest/events
POST/ingest/server-error
POST/ingest/webhook
POST/ingest/stripe