Authentication
API calls use bearer tokens. Generate tokens in your project settings.
- read scope for read-only access.
- full scope for write access.
Authorization: Bearer <TOKEN>
Base URL
https://wafdog.com/api/v3
Endpoint catalog
| Method | Path | Scope | Description |
|---|---|---|---|
| GET | /project | read | Project metadata, alerts, and metrics. |
| GET | /project/applications | read | List applications in the active project. |
| GET | /project/applications/{application} | read | Application detail with checks. |
| GET | /project/applications/lookup?hostname=example.com | read | Return (or create) the public share link for a host. |
| POST | /project/applications/{application}/public-share | read | Create a public share link if missing. |
| POST | /project/applications/{application}/public-share/shuffle | full | Rotate the public share link. |
| POST | /project/applications | full | Create a new application. |
| PATCH | /project/applications/{application} | full | Update an application. |
| DELETE | /project/applications/{application} | full | Delete an application and its checks. |
Example: list applications
curl -H "Authorization: Bearer YOUR_TOKEN" \ -H "Accept: application/json" \ https://wafdog.com/api/v3/project/applications
Example: create application
curl -X POST \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
https://wafdog.com/api/v3/project/applications \
-d '{"hostname":"example.com","name":"Example"}'
Example response: lookup public share
{
"data": {
"id": "af8e30c9-...",
"hostname": "example.com",
"public_share_url": "https://wafdog.com/applications/share/....",
"public_share_token_created_at": "2025-10-15 21:49:33",
"checks_count": 4
},
"meta": []
}
Errors and best practices
- 401 Token missing or expired.
- 403 Scope lacks permission for the endpoint.
- 404 Unknown application or resource.
- 422 Validation error (missing or invalid fields).