API Reference
The Munera REST API lets you build custom integrations, automate workflows, and pull data into external dashboards. All endpoints are under https://munera.cloud/api/v1 (cloud) or https://your-domain.com/api/v1 (self-hosted).
ℹ️
Authentication required
Every endpoint (except webhooks and SSO flows) requires either an
X-API-Key header or a valid session cookie. See the Authentication guide for details on creating and using API keys.Endpoint groups
AuthenticationAPI KeysTasksProjectsSprintsEngineers & TeamsAnalyticsPredictive AIIntegrationsReportsSlackEmailPush NotificationsSSO2FARoles & PermissionsAudit LogsHealth & Monitoring
Authentication
Full details in the Authentication guide →
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| POST | /auth/register | None | Register a new user |
| POST | /auth/login | None | Login and receive access + refresh tokens |
| POST | /auth/logout | User | Invalidate session and clear cookies |
| POST | /auth/refresh | Refresh token | Refresh access token |
| GET | /auth/me | User | Get current authenticated user |
| PUT | /auth/me | User | Update profile (name, email) |
| POST | /auth/change-password | User | Change password |
API Keys
Programmatic API access uses long-lived API keys scoped to your organisation. Each user can hold up to 10 active keys. Keys are hashed with Argon2 and never stored in plain text.
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| POST | /api-keys/ | User | Create API key — raw value returned once only |
| GET | /api-keys/ | User | List user's API keys (prefix + metadata) |
| DELETE | /api-keys/{id} | User | Revoke API key immediately |
Tasks
Full details in the Tasks API guide →
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /tasks | User | List tasks with filtering and pagination |
| POST | /tasks | User | Create a new task |
| GET | /tasks/{id} | User | Get a single task by ID |
| PATCH | /tasks/{id} | User | Update task fields |
| DELETE | /tasks/{id} | Admin | Delete a task |
| POST | /tasks/{id}/assign | User | Trigger AI assignment |
| POST | /tasks/{id}/analyze | User | Re-run AI skill analysis |
| POST | /tasks/{id}/status | User | Transition task status |
| POST | /tasks/{id}/dependencies | User | Add task dependency |
| DELETE | /tasks/{id}/dependencies/{dep_id} | User | Remove dependency |
Projects
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /projects | User | List projects with filters |
| POST | /projects | Manager+ | Create project |
| GET | /projects/my | User | List the current user's projects |
| GET | /projects/stats | User | Get project statistics |
| GET | /projects/{id} | User | Get project details |
| PUT | /projects/{id} | Manager+ | Update project |
| DELETE | /projects/{id} | Admin | Delete project |
| GET | /projects/{id}/stats | User | Get project task stats |
| GET | /projects/{id}/members | User | List project members |
| POST | /projects/{id}/members | Manager+ | Add member to project |
| PUT | /projects/{id}/members/{user_id} | Manager+ | Update member role |
| DELETE | /projects/{id}/members/{user_id} | Manager+ | Remove member |
Sprints
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /projects/{id}/sprints | User | List sprints for a project |
| POST | /projects/{id}/sprints | Manager+ | Create sprint |
| GET | /projects/{id}/sprints/{sid} | User | Get sprint detail |
| PUT | /projects/{id}/sprints/{sid} | Manager+ | Update sprint |
| DELETE | /projects/{id}/sprints/{sid} | Manager+ | Delete planned sprint |
| POST | /projects/{id}/sprints/{sid}/start | Manager+ | Start sprint |
| POST | /projects/{id}/sprints/{sid}/complete | Manager+ | Complete sprint |
| POST | /projects/{id}/sprints/{sid}/tasks | Manager+ | Add tasks to sprint |
| DELETE | /projects/{id}/sprints/{sid}/tasks/{tid} | Manager+ | Remove task from sprint |
| GET | /projects/{id}/sprints/{sid}/burndown | User | Burndown chart data |
| GET | /projects/{id}/velocity | User | Velocity chart data |
Engineers & Teams
Full details in the Teams API guide →
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /engineers | User | List all engineers in the organisation |
| GET | /engineers/{id} | User | Get engineer profile and workload |
| PATCH | /engineers/{id}/skills | User | Update engineer skill profile |
| PATCH | /engineers/{id}/capacity | User | Update weekly capacity hours |
| GET | /teams | view_teams | List org teams |
| POST | /teams | manage_teams | Create team |
| GET | /teams/{id} | view_teams | Get team details |
| PUT | /teams/{id} | manage_teams | Update team |
| DELETE | /teams/{id} | manage_teams | Delete team |
| GET | /teams/{id}/members | view_teams | List team members |
| POST | /teams/{id}/members | manage_teams | Add team member |
| PUT | /teams/{id}/members/{user_id} | manage_teams | Update member role |
| DELETE | /teams/{id}/members/{user_id} | manage_teams | Remove team member |
Analytics
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /analytics/team-metrics | User | Velocity, throughput, cycle time |
| GET | /analytics/workload | User | Current utilisation per engineer |
| GET | /analytics/skill-coverage | User | Skill heatmap and gap analysis |
Predictive AI
ML-powered predictions — requires analytics:read permission.
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /predictive/tasks/{task_id}/completion | analytics:read | Predict task completion time |
| GET | /predictive/teams/{team_id}/capacity | analytics:read | Forecast team capacity |
| GET | /predictive/users/{user_id}/burnout | analytics:read | Individual burnout risk score |
| GET | /predictive/teams/{team_id}/burnout | analytics:read | Team burnout summary |
| GET | /predictive/tasks/{task_id}/recommendations | analytics:read | Smart assignment recommendations |
| GET | /predictive/predictions | analytics:read | List stored predictions |
| GET | /predictive/users/{user_id}/skills | analytics:read | Skill proficiency data |
Integrations (Jira & Linear)
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /integrations | User | List org integrations |
| POST | /integrations | Manager+ | Create integration |
| GET | /integrations/{id} | User | Get integration details |
| PUT | /integrations/{id} | Manager+ | Update integration |
| DELETE | /integrations/{id} | Manager+ | Remove integration |
| POST | /integrations/{id}/test | User | Test connection |
| POST | /integrations/{id}/sync | Manager+ | Trigger full sync |
| GET | /integrations/{id}/sync/status | User | Check sync status |
| POST | /integrations/{id}/sync/task/{task_id} | User | Sync single task |
| GET | /integrations/{id}/mappings | User | List task mappings |
| POST | /integrations/{id}/mappings | User | Create manual mapping |
| DELETE | /integrations/{id}/mappings/{mid} | User | Remove mapping |
| POST | /integrations/webhooks/jira | Signature | Jira webhook receiver |
| POST | /integrations/webhooks/linear | Signature | Linear webhook receiver |
Reports & Exports
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| POST | /reports/export | User | Quick export — returns file (CSV / Excel / PDF / JSON) |
| GET | /reports/ | User | List saved report configurations |
| POST | /reports/ | User | Create saved report |
| GET | /reports/{id} | User | Get saved report |
| PUT | /reports/{id} | User | Update saved report |
| DELETE | /reports/{id} | User | Delete saved report |
| POST | /reports/{id}/run | User | Execute saved report and download |
| GET | /reports/{id}/executions | User | List execution history |
Slack Integration
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /slack/oauth/install | User | Generate Slack OAuth URL |
| GET | /slack/oauth/callback | User | Handle OAuth callback |
| GET | /slack/integration | User | Get integration status |
| DELETE | /slack/integration | Admin | Disconnect Slack |
| POST | /slack/commands | Signature | Handle slash commands |
| POST | /slack/interactive | Signature | Handle button interactions |
| POST | /slack/link | User | Link personal Slack account |
| DELETE | /slack/link | User | Unlink personal Slack account |
| GET | /slack/preferences | User | Get notification preferences |
| PUT | /slack/preferences | User | Update notification preferences |
| GET | /slack/channels | User | List channel subscriptions |
| POST | /slack/channels | Manager+ | Subscribe a channel |
| DELETE | /slack/channels/{id} | Manager+ | Unsubscribe channel |
| POST | /slack/test-message | Admin | Send test message |
Email Notifications
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /email/preferences | User | Get email notification preferences |
| PUT | /email/preferences | User | Update email notification preferences |
| POST | /email/unsubscribe | Token | Unsubscribe via token link |
| POST | /email/webhook | Signature | SendGrid delivery event webhook |
| GET | /email/queue/stats | Admin | Get email queue statistics |
| POST | /email/test | Admin | Send test email |
| POST | /email/queue/process | Admin | Manually trigger queue processing |
Push Notifications
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /push/vapid-public-key | User | Get VAPID public key for browser subscription |
| POST | /push/subscribe | User | Register push subscription |
| POST | /push/unsubscribe | User | Remove push subscription |
| POST | /push/test | User | Send test push notification |
SSO (SAML 2.0)
Supports Okta, Azure AD, Google Workspace, and OneLogin.
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /sso/check/{org_slug} | None | Check if SSO is enabled for the org |
| GET | /sso/initiate/{org_slug} | None | Redirect to Identity Provider |
| POST | /sso/callback/{org_id} | None | Handle SAML assertion from IdP |
| GET | /sso/metadata/{org_id} | None | SP metadata XML for IdP configuration |
| GET | /sso/config | Admin | Get SSO configuration |
| POST | /sso/config | Admin | Create SSO configuration |
| PUT | /sso/config | Admin | Update SSO configuration |
| DELETE | /sso/config | Admin | Delete SSO configuration |
Two-Factor Authentication
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| POST | /2fa/setup | User | Initiate 2FA setup — returns QR code |
| POST | /2fa/verify | User | Verify TOTP code and enable 2FA |
| GET | /2fa/status | User | Get 2FA status for current user |
| POST | /2fa/disable | User | Disable 2FA |
| POST | /2fa/backup-codes/regenerate | User | Regenerate backup codes |
| POST | /2fa/login/verify | Pending token | Complete login with TOTP code |
Roles & Permissions
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /roles | view_users | List org roles |
| POST | /roles | manage_roles | Create custom role |
| GET | /roles/{id} | manage_roles | Get role details |
| PUT | /roles/{id} | manage_roles | Update role |
| DELETE | /roles/{id} | manage_roles | Delete role |
| GET | /roles/{id}/users | view_users | List users with this role |
| GET | /roles/users/{id}/roles | view_users | Get user's assigned roles |
| POST | /roles/users/{id}/roles | assign_roles | Assign role to user |
Audit Logs
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /audit/logs | Admin | Query audit log (filterable by event type, user, date range) |
Health & Monitoring
| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /health | None | Basic health check + WebSocket count |
| GET | /health/detailed | None | DB, Redis, Celery, disk, WebSocket checks |
| GET | /health/ready | None | Readiness probe (DB + Redis) |
| GET | /health/live | None | Liveness probe — always 200 |
| GET | /monitoring/metrics/summary | Admin | JSON Prometheus metrics summary |
| GET | /monitoring/alerts | Admin | Recent alert records |
| GET | /monitoring/alerts/rules | Admin | Alert rule configuration |
| PUT | /monitoring/alerts/rules | Admin | Update alert thresholds |