Admin APIs
Admin APIs are designed for platform administration and system management. These APIs provide comprehensive functionality for managing the entire Weir AI platform, including organizations, users, platforms, and system-wide operations.
Authentication
Admin APIs use bearer token authentication with admin privileges.
Admin Authentication
Authenticate with admin credentials to get admin access tokens.
Use Admin Token
Include the admin access token in the Authorization header for all requests.
Manage System
Use admin tokens to perform system-wide administrative operations.
Available Endpoints
Authentication
- Admin Login: Administrative user authentication
- Token Management: Admin token generation and refresh
Organization Management
- Get Organizations: Retrieve all organizations
- Organization Details: Get detailed organization information
- Organization Settings: Manage organization configurations
User Administration
- User Management: System-wide user administration
- User Roles: Manage user roles and permissions
- User Settings: Configure user preferences and settings
Platform Administration
- Platform Management: System-wide platform administration
- Platform Settings: Manage platform configurations
- Platform Monitoring: Monitor platform performance and usage
System Management
- Pod Management: Create and manage system pods
- System Settings: Configure system-wide settings
- System Monitoring: Monitor system performance and health
Logging & Monitoring
- System Logs: Access comprehensive system logs
- Audit Logs: Review audit trails and system activities
- Performance Metrics: Monitor system performance and usage
Rate Limits
Admin APIs have the following rate limits:
Authentication
- Admin Login: 10 requests per minute per IP
- Token Refresh: 30 requests per minute per admin
- Token Management: 50 requests per minute per admin
API Requests
- General Endpoints: 500 requests per minute per admin
- Burst Limit: 1000 requests per 5-minute window
Common Headers
All Admin API requests require these headers:
- Authorization: Bearer token for admin authentication. Format: Bearer YOUR_ADMIN_ACCESS_TOKEN
- Content-Type: Content type for request body. Use application/json for JSON payloads.
Error Handling
Admin APIs return standard HTTP status codes and error responses:
400 Bad Request
Invalid request parameters, missing required fields, or validation errors.
401 Unauthorized
403 Forbidden
Valid authentication but insufficient admin permissions.
404 Not Found
Requested resource not found or admin doesn’t have access to it.
409 Conflict
Resource conflict, such as trying to create a duplicate resource.
429 Too Many Requests
Rate limit exceeded. Check rate limit headers for retry information.
500 Internal Server Error
Server-side error. Contact support if the issue persists.
Security Considerations
Access Control
- Implement multi-factor authentication for admin access
- Use role-based access control for different admin functions
- Regularly audit admin access and permissions
- Implement session timeout for admin sessions
Data Protection
- Encrypt sensitive data in transit and at rest
- Implement data masking for sensitive information
- Use secure logging practices
- Implement data retention policies
Audit & Monitoring
- Log all admin operations and access
- Monitor for suspicious admin activities
- Implement real-time alerting for critical operations
- Regular security audits and penetration testing
Best Practices
Token Management
- Implement automatic token refresh before expiration
- Store admin tokens securely with additional encryption
- Use different admin tokens for different environments
- Implement token rotation for enhanced security
Request Optimization
- Cache responses when possible to reduce API calls
- Use pagination for large datasets
- Implement retry logic with exponential backoff
- Monitor rate limit headers to avoid hitting limits
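The following is an added example, not code from the Weir AI documentation: a client-side throttle that stays under the general-endpoint limits listed under Rate Limits, plus the retry delay to use after a 429. The names AdminThrottle and backoff_delay are hypothetical; treating both limits as sliding windows and reading a Retry-After header in seconds are assumptions, since the page does not name its rate limit headers.

```python
import random
from collections import deque

# Limits copied from the Rate Limits section of this page.
PER_MINUTE = 500        # general endpoints, per admin
BURST = 1000            # requests per burst window
BURST_WINDOW = 300.0    # the 5-minute window, in seconds


class AdminThrottle:
    """Client-side sliding-window throttle that stays under both limits."""

    def __init__(self, clock):
        self.clock = clock      # injectable time source (e.g. time.monotonic)
        self.sent = deque()     # send times within the last 5 minutes

    def wait_time(self):
        """Seconds to wait before the next request may go out (0.0 = now)."""
        now = self.clock()
        while self.sent and now - self.sent[0] >= BURST_WINDOW:
            self.sent.popleft()
        wait = 0.0
        if len(self.sent) >= BURST:
            # The oldest request must age out of the 5-minute window.
            wait = self.sent[0] + BURST_WINDOW - now
        last_minute = [t for t in self.sent if now - t < 60.0]
        if len(last_minute) >= PER_MINUTE:
            wait = max(wait, last_minute[0] + 60.0 - now)
        return wait

    def record(self):
        """Call once for every request actually sent."""
        self.sent.append(self.clock())


def backoff_delay(attempt, retry_after=None, base=1.0, cap=60.0, rng=random.random):
    """Delay before retry number `attempt` (0-based) after a 429 or 5xx."""
    if retry_after is not None:
        try:
            # Assumption: the server sends Retry-After in seconds.
            return max(0.0, float(retry_after))
        except (TypeError, ValueError):
            pass    # HTTP-date or junk value: fall back to computed backoff
    # Exponential growth with full jitter so clients do not retry in lockstep.
    return rng() * min(cap, base * 2 ** attempt)
```

Sleep for wait_time() before each request and call record() after sending it; on a 429, sleep for backoff_delay(attempt, retry_after) before retrying.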
Error Handling
- Implement comprehensive error handling for all admin operations
- Provide clear error messages to administrators
- Log errors for debugging without exposing sensitive information
- Handle network failures and timeouts gracefully
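One way to log errors without exposing admin tokens, shown as an added example that is not part of the Weir AI documentation: a Python logging filter that masks anything in the Bearer format this page gives for the Authorization header. The set of sensitive field names and the names redact and RedactingFilter are assumptions made for illustration.

```python
import logging
import re

# Matches the "Bearer <token>" format this page gives for the Authorization header.
_BEARER = re.compile(r"(?i)\b(bearer)\s+[A-Za-z0-9._~+/=-]+")
# Assumption: field names treated as sensitive; extend for your own payloads.
_SENSITIVE_KEYS = {"authorization", "password", "access_token", "refresh_token"}
_MASK = "[REDACTED]"


def redact(value):
    """Return a copy of value with bearer tokens and sensitive fields masked."""
    if isinstance(value, dict):
        return {k: _MASK if str(k).lower() in _SENSITIVE_KEYS else redact(v)
                for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return type(value)(redact(v) for v in value)
    if isinstance(value, str):
        return _BEARER.sub(r"\1 " + _MASK, value)
    return value    # numbers, None, etc. pass through unchanged


class RedactingFilter(logging.Filter):
    """Masks secrets in a record's message and arguments before it is emitted."""

    def filter(self, record):
        record.msg = redact(record.msg)
        if isinstance(record.args, dict):
            record.args = redact(record.args)
        elif record.args:
            record.args = tuple(redact(a) for a in record.args)
        return True     # never drop the record, only sanitize it
```

Attach the filter to handlers rather than to a single logger, because logger-level filters are not applied to records propagated from child loggers.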
Security
- Always use HTTPS for all admin API requests
- Validate and sanitize all input parameters
- Implement proper CORS policies for admin interfaces
- Use secure storage for admin authentication tokens
Getting Started
Admin Authentication
Use the admin authentication endpoint to get admin access tokens.
Explore Endpoints
Browse the available admin endpoints based on your administrative needs.
Test Operations
Use the provided examples to test your admin operations.
Implement Security
Implement proper security measures and access controls.
Integration Examples
Admin Operations
Build administrative tools for system management and monitoring.
System Monitoring
Create system monitoring dashboards and alerting systems.
User Administration
Build user administration interfaces for system-wide user management.
Platform Management
Create platform administration tools for system-wide platform management.
Compliance and Auditing
Audit Logging
- Log all admin operations with timestamps and user information
- Implement comprehensive audit trails for compliance
- Monitor and alert on critical administrative actions
- Regular audit log review and analysis
Data Privacy
- Implement data privacy controls and access restrictions
- Use data masking for sensitive information
- Implement data retention and deletion policies
- Regular privacy impact assessments
Security Compliance
- Implement security controls and monitoring
- Regular security assessments and penetration testing
- Compliance with industry security standards
- Incident response and security breach procedures