API Access
Enable API access to integrate CastellanAI with your existing tools and workflows.
Most users don't need API access. The CastellanAI dashboard provides all features for day-to-day security monitoring.
Overview
CastellanAI provides API access for organizations integrating security data with SIEM platforms, ticketing systems, or custom dashboards.
Who Needs API Access?
| User Type | Use Case |
|---|---|
| IT Teams | Integrating with existing security tools |
| SOC Teams | Pulling data into centralized SIEM platforms |
| Developers | Building custom integrations or automations |
Enabling API Access
Step 1: Navigate to API Settings
- Log in to the CastellanAI Portal
- Click your profile icon in the top-right corner
- Select Settings → API Access
Step 2: Create an API Key
- Click + Create API Key
- Enter a descriptive name (e.g., "SIEM Integration" or "Ticketing System")
- Select the appropriate permission level:
| Permission | What It Allows |
|---|---|
| Read Only | View security events, agent status, and reports |
| Read/Write | Read access plus ability to acknowledge events |
| Admin | Full access including configuration changes |
- Click Create Key
Step 3: Save Your Key
Your API key is shown only once. Copy it immediately and store it securely (e.g., in a password manager or secrets vault).
Storage Best Practices:
- Use a password manager
- Store in a secrets vault (e.g., HashiCorp Vault, AWS Secrets Manager)
- Never commit API keys to version control
API Key Permissions
Read Only Permission
Use Case: Monitoring and reporting integrations
Capabilities:
| Action | Allowed |
|---|---|
| View security events | ✅ |
| View agent status | ✅ |
| Generate reports | ✅ |
| Acknowledge events | ❌ |
| Modify configuration | ❌ |
Read/Write Permission
Use Case: Ticketing and workflow integrations
Capabilities:
| Action | Allowed |
|---|---|
| View security events | ✅ |
| View agent status | ✅ |
| Generate reports | ✅ |
| Acknowledge events | ✅ |
| Execute actions | ✅ |
| Modify configuration | ❌ |
Admin Permission
Use Case: Full automation and management
Capabilities:
| Action | Allowed |
|---|---|
| All Read/Write capabilities | ✅ |
| Modify configuration | ✅ |
| Manage users | ✅ |
| Create/delete API keys | ✅ |
Only use Admin permission when absolutely necessary. Prefer least-privilege access.
Managing API Keys
View Active Keys
Go to Settings → API Access to see all active API keys:
| Column | Description |
|---|---|
| Name | Key identifier |
| Permission | Access level |
| Created | Creation date |
| Last Used | Most recent API call |
Revoke a Key
If a key is compromised or no longer needed:
- Go to Settings → API Access
- Find the key you want to revoke
- Click the Revoke button
- Confirm the action
The key will be immediately disabled and cannot be restored. Any systems using this key will lose access.
Rate Limits
API requests are limited based on your subscription tier:
| Subscription | Requests per Minute | Burst Limit |
|---|---|---|
| Small Business | 100 | 150 |
| Medium Business | 500 | 750 |
| Enterprise | 2,000 | 3,000 |
📊 Rate Limit Headers
Each API response includes rate limit headers:
X-RateLimit-Limit: 500
X-RateLimit-Remaining: 450
X-RateLimit-Reset: 1640000000
| Header | Description |
|---|---|
| X-RateLimit-Limit | Your tier's limit per minute |
| X-RateLimit-Remaining | Requests remaining in window |
| X-RateLimit-Reset | Unix timestamp when limit resets |
If you exceed your rate limit, requests return HTTP 429. Contact support if you need higher limits.
Authentication Methods
API Key in Header (Recommended)
Include your API key in the Authorization header:
curl -H "Authorization: Bearer YOUR_API_KEY" \
https://api.castellanai.com/v1/events
API Key in Query (Not Recommended)
Query parameters may be logged in server access logs. Use header authentication instead.
curl "https://api.castellanai.com/v1/events?api_key=YOUR_API_KEY"
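An added example (not CastellanAI's own code) combining header authentication with the rate-limit headers described above: the key travels only in the Authorization header, and on HTTP 429 the client waits until X-RateLimit-Reset. The function names, the CASTELLAN_API_KEY variable name and the 5-second fallback are assumptions; the response body is returned raw because its format is not documented on this page.

```python
import os
import time
import urllib.error
import urllib.parse
import urllib.request

EVENTS_URL = "https://api.castellanai.com/v1/events"  # endpoint shown on this page


def build_request(url, api_key):
    """Put the key in the Authorization header; refuse to send it in the query string."""
    query = urllib.parse.parse_qs(urllib.parse.urlsplit(url).query)
    if "api_key" in query:
        raise ValueError("api_key in URL would end up in access logs; use the header")
    return urllib.request.Request(url, headers={"Authorization": f"Bearer {api_key}"})


def wait_seconds(headers, now, throttled=False, fallback=5.0):
    """Seconds to pause before the next call, from the X-RateLimit-* headers."""
    try:
        remaining = int(headers["X-RateLimit-Remaining"])
        reset_at = int(headers["X-RateLimit-Reset"])  # Unix timestamp
    except (KeyError, TypeError, ValueError):
        return fallback if throttled else 0.0  # headers missing or malformed
    if remaining > 0 and not throttled:
        return 0.0
    return max(reset_at - now, 1.0)  # never spin if the reset time has passed


def fetch_events(api_key, max_attempts=3):
    """GET the events endpoint; returns (raw body, suggested pause before next call)."""
    for _ in range(max_attempts):
        try:
            req = build_request(EVENTS_URL, api_key)
            with urllib.request.urlopen(req, timeout=30) as resp:
                return resp.read(), wait_seconds(resp.headers, time.time())
        except urllib.error.HTTPError as err:
            if err.code != 429:
                raise
            time.sleep(wait_seconds(err.headers, time.time(), throttled=True))
    raise RuntimeError("still rate limited after retries")


if __name__ == "__main__":
    # CASTELLAN_API_KEY is an assumed variable name, filled from your secrets store.
    body, pause = fetch_events(os.environ["CASTELLAN_API_KEY"])
    print(len(body), "bytes received; pause", pause, "s before the next call")
```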
Getting Help
| Customer Type | Support Channel |
|---|---|
| Enterprise | Dedicated Technical Account Manager |
| All Customers | support@castellanai.com |
For detailed technical API documentation, contact support to request access to the Developer Portal.
What's Next?
| Guide | Description |
|---|---|
| Data Export | Export security data to external systems |
| Webhooks | Receive real-time event notifications |
| Integrations | Pre-built integrations |