Introduction
The Controlinfra API is a RESTful JSON API that provides programmatic access to the Controlinfra platform — AI-powered infrastructure drift detection for Terraform.
Base URL
All API requests are made to:
https://api.controlinfra.comAll endpoints are prefixed with /api/. For example:
https://api.controlinfra.com/api/scans/dashboardContent Type
All requests and responses use JSON. Set the Content-Type header:
Content-Type: application/jsonAuthentication
Most endpoints require a Bearer token in the Authorization header:
Authorization: Bearer <token>Tokens can be:
- JWT tokens — obtained via login or OAuth
- CLI tokens — long-lived tokens with granular scopes (prefixed with
ci_) - Runner tokens — sent via the
X-Runner-Tokenheader for runner agent routes
See Authentication for details.
Response Format
Successful responses return JSON with a consistent structure:
json
{
"success": true,
"data": { ... }
}List endpoints include pagination:
json
{
"success": true,
"data": [ ... ],
"pagination": {
"page": 1,
"limit": 20,
"total": 142
}
}Error responses follow the format described in Errors.
Rate Limiting
All endpoints are rate-limited. Limits vary by endpoint type. Rate limit headers are included in every response:
| Header | Description |
|---|---|
RateLimit-Limit | Maximum requests in window |
RateLimit-Remaining | Requests remaining in window |
RateLimit-Reset | Seconds until window resets |
See Rate Limiting for per-endpoint limits.
Endpoint Categories
| Category | Base Path | Description |
|---|---|---|
| Auth | /api/auth | Login, register, OAuth, profile, tokens |
| Repositories | /api/repositories | GitHub repository listing and branches |
| Repo Configs | /api/repo-configs | Repository scan configuration CRUD |
| Scans | /api/scans | Scan management, triggering, dashboard |
| Drifts | /api/drifts | Drift detection results, fixes, PRs |
| Drift Widgets | /api/drift-widgets | Dashboard widget management |
| Runners | /api/runners | Self-hosted runner management |
| Workspaces | /api/workspaces | Workspace organization |
| Projects | /api/projects | Project and credential grouping |
| Predictions | /api/predictions | ML drift predictions and insights |
| Notifications | /api/notifications | In-app notification management |
| Credentials | /api/auth | AWS, Azure, GCP credential management |
| AI Providers | /api/auth | AI provider and BYOK key management |
| Integrations | /api/auth, /api/jira | Slack, Jira, GitHub App |
| Admin | /api/admin | Admin dashboard and system management |