# API usage

### Access the online documentation

{% embed url="<https://ca-api-doc.pages.dev>" %}

### Enable the documentation locally

Enable debug mode

```sh
export DJANGO_DEBUG=True
```

Start the backend server (make sure that dependencies are installed):

```shell
python3 manage.py runserver
```

Access the swagger documentation here:

<http://127.0.0.1:8000/api/schema/swagger/>

Or redoc format here:

{% embed url="<http://127.0.0.1:8000/api/schema/redoc/>" %}

### Interacting with the API

* Start by creating a PAT, instructions here[generating-a-pat](https://intuitem.gitbook.io/ciso-assistant/integration/generating-a-pat "mention")
* Use this token to form your Authorization header, it needs to be as follows:

`Authorization: Token <your_token>`

Then you can use with any rest client or within your application or script:

<figure><img src="https://217025809-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FUJGpmCYDFJNsz2CDasSm%2Fuploads%2FW8BE7rworByy2AZTVsp6%2Fimage.png?alt=media&#x26;token=0007b920-4689-4455-a561-924e9ee6cdcf" alt="Example with Bruno (Postman alternative)"><figcaption><p>Example with Bruno (Postman alternative)</p></figcaption></figure>

Or with curl:<br>

```sh
curl --request GET \
  --url http://127.0.0.1:8000/api/assets/ \
  --header 'authorization: Token a6a120f....'
```

#### Notes

* make sure to add the trailing slash '/'
* your endpoint is your instance URL. If the proxy settings are the default ones, it will be the same url but with /api/ (in which case you don't need to add it)
* Pro SaaS users need to open a support request to expose the API on their instance. It's disabled by default.