CloudRebuild
CSP Portal
Overview
  • Dashboard
  • Customers
  • Onboard
  • Users
Management
  • Billing
  • Price Book
  • Resources
  • SaaS Workloads
  • Usage
  • Integrations
  • Integration Health
  • ERP Modules
Governance
  • Notifications
  • Alerts
  • Audit Log
  • Security
System
  • Catalog Admin
  • API Docs
API Docs
System healthy

API Documentation

Service-to-service and admin API reference for CloudRebuild CSP.

Authentication

Service routes require either:

  • Bearer JWT (Authorization: Bearer <jwt>) signed with CSP_SERVICE_JWT_SECRET
  • HMAC-signed request with headers X-CSP-Client-Id, X-CSP-Timestamp, X-CSP-Signature

Admin routes require an HTTP-only cookie session (csp_admin_session) obtained via POST /api/admin/auth/login.

License & Entitlements

POST/api/license/validateService JWT or HMAC

Validate a license decision for a resource action. Returns allowed/warning/blocked with reason.

GET/api/entitlements/{customer_id}/{tenant_id}Service JWT or HMAC

Retrieve all feature entitlements for a tenant. Returns enabled/disabled map.

Usage

POST/api/usage/updateService JWT or HMAC

Record incremental usage for a metric. Triggers threshold checks and notifications.

POST/api/usage/reconcileService JWT or HMAC

Push authoritative usage snapshot from downstream. Reconciles used_quantity against licenses.

Customer Onboarding

POST/api/customers/onboardService JWT or HMAC

Create customer, tenant, licenses, features, and super admin atomically.

POST/api/admin/customers/onboardAdmin session

Admin portal wrapper for customer onboarding with full provisioning.

Admin

GET/api/admin/customersAdmin session

List all customers with tenant/license/invoice counts.

GET/api/admin/billing/{customer_id}Admin session

Generate or retrieve invoice draft for a customer. Supports PDF, CSV, XLSX export.

GET/api/admin/auditAdmin session

Query audit logs. Filter by action, customer_id, and time range.

GET/api/admin/resource-catalogAdmin session

List cloud resource types. PATCH to toggle backup/restore/DR support.

GET/api/admin/saas-workloadsAdmin session

List SaaS workload types. PATCH to toggle support.

GET/api/admin/usageAdmin session

Browse usage records with filters.

GET/api/admin/usersAdmin session

List CSP users. PATCH role/status, PUT resend invite, DELETE reset password.

GET/api/admin/alertsAdmin session

View dispatched threshold alert history.

GET/api/admin/licensesAdmin session

List licenses. PATCH thresholds (warning/critical/buffer %).

GET/api/admin/integrationsAdmin session

Manage service-to-service integration tokens.

Auth

POST/api/admin/auth/loginNone

Admin password login. Returns JWT session cookie or MFA challenge.

POST/api/admin/auth/mfa/verifyNone

Verify TOTP code or recovery code to complete login.

POST/api/admin/auth/logoutAdmin session

Clear admin session cookie.

POST/api/admin/auth/accept-inviteNone

Accept invitation and set initial password.