API Reference
The SureStage REST API provides programmatic access to all platform features. Use it to automate simulation management, configure routes, run flows, and integrate SureStage into your CI/CD pipeline.
Base URL
https://api.surestage.com/v1
Authentication
All API requests require authentication via one of:
- JWT Bearer Token - Obtained via the auth endpoints
- API Key - Generated in the dashboard or via CLI
curl -H "Authorization: Bearer YOUR_TOKEN" \
https://api.surestage.com/v1/instances
See Authentication for details.
Services
The API is organized across multiple microservices:
| Service | Port (Local) | Description |
|---|---|---|
| Identity Service | 3001 | Authentication, users, roles, permissions |
| Organization Service | 3002 | Companies, API keys, SSO, audit logs |
| Mock Engine Service | 3003 | Instances, routes, responses, mock state |
| AI Service | 3004 | AI-powered features |
| Collections Service | 3005 | Route collections and library |
| Platform Service | 3006 | Systems, compliance, tasks, templates |
| Proxy Service | 3007 | Proxy configs, recording, replay |
| Protocol Server Service | 3008 | Multi-protocol support |
Response Format
All API responses use a standard envelope:
{
"success": true,
"data": { ... },
"meta": {
"timestamp": "2026-02-15T12:00:00Z",
"requestId": "req_abc123"
}
}
Error Responses
{
"success": false,
"error": {
"code": "RESOURCE_NOT_FOUND",
"message": "Instance not found",
"details": {}
},
"meta": {
"timestamp": "2026-02-15T12:00:00Z",
"requestId": "req_abc123"
}
}
See Error Codes for the complete list.
Rate Limits
API requests are rate-limited per plan:
| Plan | Rate Limit |
|---|---|
| Free | 60 requests/minute |
| Pro | 300 requests/minute |
| Enterprise | 1000 requests/minute |
See Rate Limits for details.
Interactive API Explorer
Each service's Swagger UI is available in non-production environments:
http://localhost:<port>/api/docs
SDKs & Tools
- CLI - Installation guide
- OpenAPI Specs - Download from each service's docs page