Automating Basirah with the API
Build custom integrations and automated workflows using the REST API.
Basirah’s REST API lets you automate workflows, build custom integrations, and connect Basirah to tools that don’t have a built-in integration.
Generate an API key
Create an API key from your organization settings. Keys are scoped to the permissions of the user who creates them. Use separate keys for different automation workflows so you can rotate or revoke them independently.
Authenticate requests
Include your API key in the
Authorizationheader as a Bearer token. All API requests must includeContent-Type: application/json.Explore the API
Start by listing findings and work items to understand the response shapes. The API follows REST conventions with pagination, filtering, and sorting on list endpoints.
OpenAPI specYour Basirah instance serves an OpenAPI specification at
/api/v1/openapi.jsonwith exact schemas, required fields, and example responses.Build your workflow
Common automation patterns include:
- Automated triage — Query new findings, apply your own prioritization logic, and create work items via the API.
- Custom notifications — Listen for webhook events and route alerts to channels that Basirah doesn’t natively support.
- Reporting pipelines — Pull risk data and evidence packages into your own dashboards or data warehouse.
- Ticket system bridges — Create work items and dispatch them to ticketing systems not yet supported natively.