API Reference
Maintained by: Aether365 Team
Audience: Developers and DevOps engineers
Scope: Aether365 REST API overview, base URL, and response format
The Aether365 API allows you to programmatically access scan data, trigger scans, manage tenants, and drive AI Pilot - generating, reviewing and applying automated remediation, reading identity-risk signals, and hardening policies.
Endpoint groups
| Area | What it covers |
|---|---|
| Scans | Trigger and list compliance and exposure scans |
| Results | Read individual scan findings |
| AI Pilot | Generate, review and apply automated remediation plans |
| Threat Alerts | Identity-risk signals and one-click user containment |
| Policies | Read policy posture and harden allow-listed policies |
| Tenants | Read and update tenant profile |
| Connections | Manage connected Microsoft 365 tenants |
| Scheduled Scans | Automate recurring scans |
Base URL
```
https://api.aether365.io
```
All endpoints are relative to this base URL.
Authentication
The API uses Bearer token authentication. Include a valid JWT token in the Authorization header of every request:
```
Authorization: Bearer <token>
```
Tokens are issued by Aether365's authentication system. See Authentication for details on obtaining a token.
Response Format
All API responses use a consistent JSON structure.
Success Response
```json
{
  "success": true,
  "data": {}
}
```
For list endpoints:
```json
{
  "success": true,
  "data": [],
  "meta": {
    "total": 142,
    "page": 1,
    "limit": 20
  }
}
```
For action endpoints (trigger, delete):
```json
{
  "success": true,
  "data": null
}
```
Error Response
```json
{
  "success": false,
  "error": {
    "code": "ERROR_CODE",
    "message": "Human-readable description",
    "details": {}
  }
}
```
HTTP Status Codes
| Code | Meaning |
|---|---|
| 200 | Success |
| 201 | Resource created |
| 400 | Invalid request - missing or malformed parameters |
| 401 | Authentication required or token invalid |
| 403 | Access denied - tenant isolation violation |
| 404 | Resource not found |
| 409 | Conflict - for example, a scan is already running |
| 429 | Plan limit reached |
| 500 | Internal server error |
Error Codes
| Code | Description |
|---|---|
| AUTH_MISSING_TOKEN | Authorization header not present |
| AUTH_INVALID_TOKEN | Token could not be verified |
| AUTH_EXPIRED_TOKEN | Token has expired |
| TENANT_NOT_FOUND | Tenant does not exist |
| TENANT_NOT_CONNECTED | Microsoft consent not completed |
| SCAN_NOT_FOUND | Scan ID does not exist |
| SCAN_ALREADY_RUNNING | A scan is already in progress for this tenant |
| SCAN_PLAN_LIMIT_REACHED | Scan quota for the current plan is exhausted |
| VALIDATION_ERROR | Request body or query parameters are invalid |
| INTERNAL_ERROR | Unexpected server error |
Rate Limits
The API is rate-limited to 120 requests per minute. Exceeding the rate limit returns 429 Too Many Requests. The Retry-After header indicates how many seconds to wait before retrying.
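A client has to tell the two 429 cases on this page apart (plan limit versus per-minute rate limit) and should not trust a body whose `success` flag disagrees with the HTTP status. The following is an added example, not Aether365 code: `classify` and `retry_after_seconds` are hypothetical names, the sample responses are constructed, and it assumes a plan-limit 429 carries `SCAN_PLAN_LIMIT_REACHED` while any other 429 is the rate limit.

```python
import json

# Error codes from the reference table that mean the token must be replaced.
REAUTH = {"AUTH_MISSING_TOKEN", "AUTH_INVALID_TOKEN", "AUTH_EXPIRED_TOKEN"}

def retry_after_seconds(headers, default=5, ceiling=60):
    """Read Retry-After as whole seconds, clamped so a bad value cannot stall the client."""
    raw = {k.lower(): v for k, v in headers.items()}.get("retry-after")
    try:
        return max(0, min(int(raw), ceiling))
    except (TypeError, ValueError):
        return default  # header absent or not an integer (default is an assumption)

def classify(status, headers, body_text):
    """Map one response to (action, detail); action is ok, retry, reauth or fail."""
    try:
        body = json.loads(body_text)
    except ValueError:
        body = None
    if not isinstance(body, dict) or not isinstance(body.get("success"), bool):
        return ("fail", "malformed envelope")        # client-side label, not an API code
    if body["success"] != (200 <= status < 300):
        return ("fail", "status/envelope mismatch")  # client-side label, not an API code
    if body["success"]:
        return ("ok", body.get("data"))
    error = body.get("error")
    code = error.get("code") if isinstance(error, dict) else None
    if status == 401 or code in REAUTH:
        return ("reauth", code)
    # Assumption: a 429 caused by plan quota carries SCAN_PLAN_LIMIT_REACHED and
    # waiting will not help; any other 429 is the per-minute rate limit.
    if status == 429 and code != "SCAN_PLAN_LIMIT_REACHED":
        return ("retry", retry_after_seconds(headers))
    return ("fail", code)

# Constructed sample responses (not captured from the real service).
SAMPLES = [
    (200, {}, '{"success": true, "data": [], "meta": {"total": 0, "page": 1, "limit": 20}}'),
    (401, {}, '{"success": false, "error": {"code": "AUTH_EXPIRED_TOKEN", "message": "", "details": {}}}'),
    (429, {"Retry-After": "30"}, '{"success": false, "error": {"code": "ERROR_CODE", "message": "", "details": {}}}'),
    (429, {}, '{"success": false, "error": {"code": "SCAN_PLAN_LIMIT_REACHED", "message": "", "details": {}}}'),
]

if __name__ == "__main__":
    for status, headers, text in SAMPLES:
        print(status, classify(status, headers, text))
```

The `reauth` action means obtain a fresh token before the next call; `retry` returns the number of seconds to sleep first.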