Home ci 22. rest-api: endpoints

22. rest-api: endpoints

Last updated on Aug 05, 2025

The Epycbyte REST API offers a comprehensive set of endpoints for managing various resources such as secrets, firewalls, teams, users, and webhooks. Below is an organized summary of how to use these endpoints effectively:

Authentication

  • Method: Ensure you have the necessary authentication method in place, which could be tokens or API keys. Check Epycbyte's documentation for specific details.

Resource Management

Secrets

  • Retrieve Secrets: Use GET /v2/secrets with pagination if needed.
  • Update Secret Name: Use PATCH /v2/secrets/{name} to change the name, ensuring it's unique per user or team.

Firewall Configuration

  • Get Current Configuration: Use GET /v1/firewalls/{configVersion}.
  • Update Configuration: Use PUT /v1/firewalls with new rules.

Attack Challenge Mode

  • Enable/Disable: Use POST /v1/attack-challenge-mode to toggle the setting.

Teams

  • Create Team: Send a POST request to /v1/teams with slug and optional name.
  • Delete Team: Use DELETE on /v1/teams/{teamId} with optional reasons.
  • Delete Invite Code: Use DELETE on /v1/teams/{teamId}/invites/{inviteCode}.
  • Get Team Info: Use GET on /v2/teams/{teamId}.
  • List Members: Use GET on /v2/teams/{teamId}/members, paginating as needed.
  • Invite Users: POST to /v1/teams/{teamId}/members with email or ID (ID takes precedence).
  • Join Team: POST to /v1/teams/join with invite code or team ID.
  • Update Team Info: PATCH on /v2/teams/{teamId} with new details.
  • Remove Member: DELETE on /v1/teams/{teamId}/members/{uid}.
  • Request Access: POST to /v1/teams/{teamId}/request.
  • Confirm Request: PATCH on /v1/teams/{teamId}/members/{uid} if confirmed.

Users

  • Get User Info: Use GET on /v2/user.
  • List Events: Use GET on /v3/events.

Webhooks

  • Create Webhook: POST to /v1/webhooks.
  • Delete Webhook: DELETE on /v1/webhooks/{webhookId}.
  • Get Webhook Info: GET on /v1/webhooks/{webhookId}.
  • List Webhooks: Use GET on /v1/webhooks.

Best Practices

  • Permissions: Ensure you have the necessary permissions, such as admin rights or ownership for team management.
  • Error Handling: Implement error handling to manage different HTTP status codes and errors appropriately.

Example Workflow

  1. Create a Team:
    • Send POST to /v1/teams with {"slug": "example-team", "name": "Example Team"}.
  2. Invite Users:
    • Use POST on /v1/teams/{teamId}/members with user details or invite codes.
  3. Join the Team:
    • Send POST to /v1/teams/join with the team ID or invite code.
  4. Update Firewall Rules:
    • PUT to /v1/firewalls with new configuration.