What this API gives you
You can use the API to:- register monitored assets with coordinates and metadata
- evaluate nearby or relevant events into threats
- fetch grouped incidents built from those threats
- configure alert rules and consume triggered alerts
- generate threat, incident, and landscape reports
- access the wider events intelligence layer for maps and analytics
Internal-to-external mapping
| Internal Intrace concept | External API concept |
|---|---|
case_id | removed from public API |
investigation_id | removed from public API |
| case assets | assets |
| events investigation threat feed | threats |
| physical alert rules | alert rules |
| aggregate monitor / case event intelligence | event intelligence endpoints |
Base URL
Resource families
Assets
Assets are the things you want monitored. In the first external version, the physical monitoring workflow is centered on locatable assets such as:facilityresidence
Threats
Threats are not raw event rows. They are evaluated, asset-relevant records produced by the monitoring pipeline. A threat can include:- severity and status
- risk scoring fields
- source attributions
- linked or affected assets
- development/version history summaries
Events
Events are the broad intelligence layer. Use them for:- background event search
- map rendering
- heatmaps and country summaries
- point inspection and vector tiles
Design principles
- Tenant-scoped — API key scope replaces internal case and investigation references
- Asset-first — monitoring begins from registered assets and their radius/config
- Two layers — asset-linked threat feed plus full event-intelligence layer
- Operational workflows — alerts, incidents, and reports exposed directly