API Reference

All endpoints are prefixed with /api/v1. Responses are JSON. Authentication is required unless noted otherwise.

Authentication

Method	Path	Description	Auth Required
`POST`	/api/v1/auth	Login (returns API token)	No
`DELETE`	/api/v1/auth	Logout (Hotwire Native)	Yes
`POST`	/api/v1/jwt	Login (returns JWT pair)	No
`POST`	/api/v1/jwt/refresh	Refresh JWT tokens	No
`POST`	/api/v1/jwt/revoke	Revoke a JWT token	Yes

Sites

Method	Path	Description
`GET`	/api/v1/sites	List all sites
`GET`	/api/v1/sites/:id	Get site details
`POST`	/api/v1/sites	Create a site
`PATCH`	/api/v1/sites/:id	Update a site
`DELETE`	/api/v1/sites/:id	Delete a site

Example: List Sites

curl -H "Authorization: token YOUR_TOKEN" \
  https://wporchestrix.com/api/v1/sites

[
  {
    "id": "site_abc123",
    "name": "My WordPress Site",
    "url": "https://example.com",
    "status": "healthy",
    "wp_version": "6.5",
    "php_version": "8.2",
    "created_at": "2026-01-15T10:30:00Z"
  }
]

Health Checks

Method	Path	Description
`GET`	/api/v1/sites/:site_id/health_checks	List health checks for a site
`GET`	/api/v1/sites/:site_id/health_checks/:id	Get health check details

Snapshots

Method	Path	Description
`GET`	/api/v1/sites/:site_id/snapshots	List snapshots
`GET`	/api/v1/sites/:site_id/snapshots/:id	Get snapshot details
`POST`	/api/v1/sites/:site_id/snapshots	Create a snapshot
`DELETE`	/api/v1/sites/:site_id/snapshots/:id	Delete a snapshot
`PUT`	/api/v1/sites/:site_id/snapshots/:id/upload	Upload snapshot data

Upgrade Pipelines

Method	Path	Description
`GET`	/api/v1/sites/:site_id/upgrade_pipelines	List pipelines
`GET`	/api/v1/sites/:site_id/upgrade_pipelines/:id	Get pipeline details
`POST`	/api/v1/sites/:site_id/upgrade_pipelines	Create a pipeline
`POST`	/api/v1/sites/:site_id/upgrade_pipelines/:id/approve	Approve a pipeline

Vulnerabilities

Method	Path	Description
`GET`	/api/v1/sites/:site_id/vulnerability_records	List vulnerabilities
`GET`	/api/v1/sites/:site_id/vulnerability_records/:id	Get vulnerability details
`PATCH`	/api/v1/sites/:site_id/vulnerability_records/:id	Update vulnerability status

Activity Logs

Method	Path	Description
`GET`	/api/v1/activity_logs	List activity logs

Webhooks

Method	Path	Description
`GET`	/api/v1/webhook_endpoints	List webhook endpoints
`GET`	/api/v1/webhook_endpoints/:id	Get webhook endpoint details
`POST`	/api/v1/webhook_endpoints	Create a webhook endpoint
`PATCH`	/api/v1/webhook_endpoints/:id	Update a webhook endpoint
`DELETE`	/api/v1/webhook_endpoints/:id	Delete a webhook endpoint

User & Account

Method	Path	Description
`GET`	/api/v1/me	Current user details
`GET`	/api/v1/accounts	List accounts
`GET`	/api/v1/accounts/:id	Get account details
`GET`	/api/v1/users	List users in current account

Error Responses

Error responses include an error key:

// 401 Unauthorized
{ "error": "Invalid email or password" }

// 404 Not Found
{ "error": "Record not found" }

// 422 Unprocessable Content
{ "error": "otp_attempt_required" }

Pagination

List endpoints return paginated results. Use page parameter to navigate:

GET /api/v1/sites?page=2