
API Documentation

Developer documentation for integrating with Insider Risk Index APIs

Overview

Base URL

https://insiderisk.io

Response Format

All API responses are in JSON format unless otherwise specified.

Rate Limiting

Public endpoints: 60 requests per minute
Authenticated endpoints: 120 requests per minute

Authentication

Most endpoints are public. Admin endpoints require API key authentication via the X-API-Key header.

Endpoints

GET /api/glossary

Retrieve all glossary terms

Response

{
  "terms": [
    {
      "id": "string",
      "term": "string",
      "slug": "string",
      "definition": "string",
      "category": "string",
      "difficulty": "string",
      "pillarRelevance": ["string"],
      "relatedTerms": ["string"]
    }
  ]
}

GET /api/glossary/[slug]

Get a specific glossary term by slug

Path Parameters

slug (string) - URL-friendly term identifier

Response

{
  "term": {
    "id": "string",
    "term": "string",
    "slug": "string",
    "definition": "string",
    "category": "string",
    "difficulty": "string",
    "pillarRelevance": ["string"],
    "relatedTerms": ["string"],
    "sources": ["string"]
  }
}

GET /api/matrix

Fetch Insider Threat Matrix data

Response

{
  "techniques": [
    {
      "id": "string",
      "title": "string",
      "description": "string",
      "category": "motive | coercion | manipulation",
      "preventions": [...],
      "detections": [...],
      "pillarMapping": {...}
    }
  ],
  "lastUpdated": "ISO 8601 timestamp"
}

POST /api/matrix/sync
Authentication: Required (Admin)

Synchronize Matrix data from ForScie repository

Response

{
  "success": true,
  "message": "Matrix data synchronized",
  "techniques": 50,
  "timestamp": "ISO 8601 timestamp"
}

GET /api/matrix/techniques

Search and filter Matrix techniques

Query Parameters

category (string) - Filter by category (motive/coercion/manipulation)
pillar (string) - Filter by pillar relevance
search (string) - Search term for title/description

Response

{
  "techniques": [...],
  "total": 50,
  "filtered": 12
}

GET /api/matrix/analysis/[pillar]

Get pillar-specific Matrix analysis

Path Parameters

pillar (string) - Pillar ID (visibility/coaching/evidence/identity/phishing)

Response

{
  "pillar": "string",
  "techniques": [...],
  "recommendations": [...],
  "statistics": {
    "totalTechniques": 15,
    "byCategory": {...}
  }
}

POST /api/generate-pdf

Generate PDF reports from assessment results

Request Body

{
  "type": "board-brief | detailed",
  "assessmentId": "string",
  "data": {
    "scores": {...},
    "recommendations": [...],
    "organizationData": {...}
  }
}

Response

Binary PDF data (application/pdf)

GET /api/pdf/[type]/[id]

Generate and download PDF report

Path Parameters

type (string) - Report type (board-brief/detailed)
id (string) - Assessment ID

Response

Binary PDF data (application/pdf)

GET /api/og

Generate Open Graph images

Query Parameters

title (string) - Page title
description (string) - Page description
score (number) - Risk score (0-100)

Response

Binary PNG image (image/png)

GET /api/sitemap

Generate XML sitemap

Response

<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
  <url>
    <loc>https://insiderisk.io/</loc>
    <lastmod>2025-01-27</lastmod>
    <changefreq>weekly</changefreq>
    <priority>1.0</priority>
  </url>
  ...
</urlset>

GET /api/rss

RSS feed for research articles

Response

<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0">
  <channel>
    <title>Insider Risk Index Research</title>
    <link>https://insiderisk.io/research</link>
    <description>Latest research and insights</description>
    <item>...</item>
  </channel>
</rss>

POST /api/contact

Submit contact form

Request Body

{
  "name": "string",
  "email": "string",
  "organization": "string (optional)",
  "message": "string",
  "type": "general | support | partnership"
}

Response

{
  "success": true,
  "message": "Thank you for contacting us"
}

Error Codes

400 Bad Request - Invalid parameters
401 Unauthorized - Missing or invalid API key
404 Not Found - Resource doesn't exist
429 Too Many Requests - Rate limit exceeded
500 Internal Server Error
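
The rate limits, the X-API-Key rule and the 429/500 codes above can be enforced on the client side. The following is an added example, not code from Insider Risk Index: the class name RateLimitedClient, the injected send callable and the retry policy are assumptions, since the page does not document retry behaviour.

```python
import time
from collections import deque

BASE_URL = "https://insiderisk.io"
LIMITS = {"public": 60, "authenticated": 120}   # documented requests per minute
ADMIN_ROUTES = {("POST", "/api/matrix/sync")}   # the one route marked admin on this page


class RateLimitedClient:
    """Hypothetical wrapper; `send(method, url, headers)` returns (status, body)."""

    def __init__(self, send, api_key=None, clock=time.monotonic, sleep=time.sleep):
        self.send, self.api_key = send, api_key
        self.clock, self.sleep = clock, sleep
        self.sent = {tier: deque() for tier in LIMITS}  # send times per tier

    def _throttle(self, tier):
        """Block until one more request fits in the trailing 60-second window."""
        window = self.sent[tier]
        while True:
            now = self.clock()
            while window and now - window[0] >= 60:
                window.popleft()
            if len(window) < LIMITS[tier]:
                window.append(now)
                return
            self.sleep(60 - (now - window[0]))

    def request(self, method, path, max_attempts=4):
        admin = (method, path) in ADMIN_ROUTES
        if admin and not self.api_key:
            raise PermissionError("admin route requires an API key")  # would be a 401
        headers = {"Accept": "application/json"}
        if admin:
            headers["X-API-Key"] = self.api_key  # never attached to public requests
        tier = "authenticated" if admin else "public"
        # 429 is always worth retrying; 500 only for GET, since a repeated POST may not be safe.
        retryable = {429, 500} if method == "GET" else {429}
        for attempt in range(max_attempts):
            self._throttle(tier)
            status, body = self.send(method, BASE_URL + path, headers)
            if status not in retryable or attempt == max_attempts - 1:
                return status, body
            self.sleep(2 ** attempt)  # back off 1 s, 2 s, 4 s between attempts
```

Pass a send function built on requests or urllib for real traffic, and load the key from the environment or a secrets store rather than source code.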

Example Usage

Fetch Glossary Terms (JavaScript)

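fetch('https://insiderisk.io/api/glossary')
  .then(response => {
    // Surface HTTP errors (e.g. 429 rate limit) instead of parsing an error body as data
    if (!response.ok) {
      throw new Error(`HTTP ${response.status}`);
    }
    return response.json();
  })
  .then(data => {
    console.log(`Found ${data.terms.length} glossary terms`);
    data.terms.forEach(term => {
      console.log(`- ${term.term}: ${term.definition.substring(0, 50)}...`);
    });
  })
  .catch(error => console.error('Error:', error));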

Generate PDF Report (Python)

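import requests

# Generate a board brief PDF ("assessment123" stands in for a real assessment ID)
response = requests.get(
    'https://insiderisk.io/api/pdf/board-brief/assessment123',
    timeout=30,  # requests has no default timeout; without one a stalled server hangs the call
)

if response.status_code == 200:
    # The body is binary PDF data, so write it in binary mode
    with open('board_brief.pdf', 'wb') as f:
        f.write(response.content)
    print('PDF saved successfully')
else:
    print(f'Error: {response.status_code}')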

Search Matrix Techniques (cURL)

curl -X GET "https://insiderisk.io/api/matrix/techniques?category=manipulation&pillar=phishing" \
  -H "Accept: application/json"

Need Help?

For API support, feature requests, or to report issues: