Our API
The Lumturio API is organized around REST.
Our API is designed to have predictable, resource-oriented URLs and to use HTTP response codes to indicate API errors.
JSON will be returned in all responses from the API, including errors.
You authenticate to the Lumturio API by providing your secret API key in the request. You can manage your API keys from your account.
All API requests must be made over HTTPS. Calls made over plain HTTP will fail.
API Authentication
To authenticate will you need to provide the following header:
X-API-TOKEN: <Your-Api-Key>
The token can be found in your account under settings in the tab 'API Key'.
Below you can find a working PHP example:
<?php
DEFINE('API_URL', "https://app.lumturio.com/api/");
DEFINE('API_TOKEN', "<Your-Api-Key>");
$result = callApi("/site.getsites");
if($result->ok == true) {
$sites = $result->items;
foreach($sites as $site) {
if($site->need_engine_update == 1) {
echo $site->site_url;
}
}
}
function callApi($path) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, API_URL . $path);
curl_setopt($ch, CURLOPT_VERBOSE, false); // enable this to debug
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); // leave this to true to avoid man in the middle attacks
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true); // leave this to true to avoid man in the middle attacks
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-API-TOKEN:' . API_TOKEN));
return json_decode(curl_exec($ch));
}
?>
If the example above is not working and after enabling the CURLOPT_VERBOSE option you get the following warning
* SSL certificate problem: unable to get local issuer certificate
This error by OpenSSL means the program was unable to verify the issuer of the certificate or the topmost certificate of a provided chain. To resolve this you can specify a more recent database of trusted root certificates.
curl_setopt($ch, CURLOPT_CAINFO, 'cacert.pem');
You can download a cacert.pem file generated from mozilla.org from here, or provide your own.
The Site object
Our Sites object is easy to use and lets you assess essential information at a glance: number of websites, outstanding security updates, outstanding module updates or Drupal core updates.
GET site.getsites
Usage:
curl --header "X-API-TOKEN:Your-Token" -X GET https://app.lumturio.com/api/site.getsites
Output:
POST site.addsite
Usage:
curl --header "X-API-TOKEN:Your-Token" --data "param1=value1¶m2=value2" https://app.lumturio.com/api/site.addsite
Output:
POST site.set/:site_id/settings
Usage:
curl --header "X-API-TOKEN:Your-Token" --data "param1=value1¶m2=value2" https://app.lumturio.com/api/site.set/<your_site_id>/settings
Output:
GET site.get/:site_id
Usage:
curl --header "X-API-TOKEN:Your-Token" -X GET https://app.lumturio.com/api/site.get/<your_site_id>
Output:
GET site.scan/:site_id
Usage:
curl --header "X-API-TOKEN:Your-Token" -X GET https://app.lumturio.com/api/site.scan/<your_site_id>
Output:
GET site.scansites
Usage:
curl --header "X-API-TOKEN:Your-Token" -X GET https://app.lumturio.com/api/site.scansites
Output:
GET site.get/:site_id/module/:module_name
Usage:
curl --header "X-API-TOKEN:Your-Token" -X GET https://app.lumturio.com/api/site.get/<your_site_id>/module/<selected_module_shortname>
Output:
GET site.get/:site_id/history
Usage:
curl --header "X-API-TOKEN:Your-Token" -X GET https://app.lumturio.com/api/site.get/<your_site_id>/history
Output:
GET site.get/:site_id/crawlstats
Usage:
curl --header "X-API-TOKEN:Your-Token" -X GET https://app.lumturio.com/api/site.get/<your_site_id>/crawlstats
Output:
The Module object
The module ibect is the entry point to all information related to your websites’ modules. On this page you can search and filter using a free text field, or you can select to filter information for actively maintained, actively developed or unsupported modules.
The module usage stats are very powerful. As an example, the module usages stats allow you to see on how many websites you are using a particular module, whether that module is actively maintained, still in development or unsupported, and what the different versions of the module across your installations are.
GET module.getmodules
Usage:
curl --header "X-API-TOKEN:Your-Token" -X GET https://app.lumturio.com/api/module.getmodules
Output:
GET module.get/:modulename
Usage:
curl --header "X-API-TOKEN:Your-Token" -X GET https://app.lumturio.com/api/module.get/<module_short_name>
Output:
The Trigger object
Our instant notification feature is a powerful customization tool that allows you to set your own notification triggers for each of your websites, based on events you wish to monitor. This can be a feature or security update on a certain module, all modules or Drupal core.
GET trigger.gettriggers
Usage:
curl --header "X-API-TOKEN:Your-Token" -X GET https://app.lumturio.com/api/trigger.gettriggers
Output:
POST trigger.add
Usage:
curl --header "X-API-TOKEN:Your-Token" --data "param1=value1¶m2=value2" https://app.lumturio.com/api/trigger.add
Parameters
'action','site_id','module_short_name','notify_email'
Output:
POST trigger.remove
Usage:
curl --header "X-API-TOKEN:Your-Token" --data "param1=value1¶m2=value2" https://app.lumturio.com/api/trigger.remove
Parameters:
'trigger_id'
Output:
The Security object
we subscribe to all available mailing lists, workgroups, IRC channels and available security information. This guarantees that we can filter out the noise and only report actionable security tasks to you.
GET security.getadvisory
Usage:
curl --header "X-API-TOKEN:Your-Token" --data "param1=value1¶m2=value2" https://app.lumturio.com/api/security.getadvisory
Output: