Developer Documentation
API Reference
The Novastraxis REST API gives you programmatic access to compute, networking, data mesh, threat analytics, observability, IAM, and compliance. All endpoints use JSON over HTTPS.
https://api.novastraxis.comAuthentication
All API requests require a valid API key. Keys are scoped to specific permissions and can be rotated at any time without downtime. Novastraxis supports two authentication methods:
API Key (Bearer Token)
Pass your key in the Authorization header. Recommended for server-to-server integrations.
Authorization: Bearer nsx_live_...OAuth 2.0 + OIDC
For user-context operations and SSO integrations. Supports PKCE flow for public clients and client_credentials for services.
POST /oauth/tokenGenerate an API key
Navigate to Settings → API Keys in the Novastraxis Console, or use the CLI: nsx api-keys create --name my-key --scopes compute,network,data
Authenticate requests
Include your API key in the Authorization header of every request. All API requests must be made over HTTPS — HTTP requests are rejected.
curl -H "Authorization: Bearer nsx_live_a1b2c3d4e5f6..." \
https://api.novastraxis.com/v2/compute/instancesHandle rate limits
The API enforces rate limits per key: 1,000 requests/minute for standard keys, 10,000/minute for enterprise keys. Rate limit headers are included in every response.
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 847
X-RateLimit-Reset: 1714089600Rate Limits & Quotas
Standard API keys: 1,000 req/min. Enterprise keys: 10,000 req/min. Burst allowance up to 2x for 10-second windows. If you exceed limits, the API returns 429 Too Many Requests with a Retry-After header.
Endpoints
All endpoints are versioned under /v2. The v1 API was deprecated in January 2026 and will be removed in July 2026.
Compute
/v2/compute/instancesList all compute instances in your organization. Supports filtering by region, status, and tags. Returns paginated results (max 100 per page).
Parameters
region, status, tags, page, per_page
Example Response
{ "instances": [...], "total": 142, "page": 1 }/v2/compute/instancesProvision a new compute instance. Specify machine type, region, networking config, and optional startup scripts. Instance is available within 90 seconds.
Parameters
machine_type, region, network_id, image_id, startup_script
Example Response
{ "instance": { "id": "nsx-i-8f3a2b", "status": "provisioning" } }/v2/compute/instances/{id}Terminate a compute instance. Attached storage volumes are preserved unless force_delete=true. Triggers a final snapshot by default.
Parameters
force_delete, skip_snapshot
Example Response
{ "status": "terminating", "final_snapshot_id": "snap-9c4d1e" }Networking
/v2/network/vpcsList all Virtual Private Clouds. Each VPC includes its CIDR range, attached subnets, peering connections, and zero-trust policy status.
Parameters
region, include_subnets
Example Response
{ "vpcs": [...], "total": 12 }/v2/network/firewall-rulesCreate a zero-trust firewall rule. Rules are identity-aware and support L3/L4/L7 matching. Changes propagate globally within 30 seconds.
Parameters
vpc_id, direction, protocol, ports, source_identity, action
Example Response
{ "rule": { "id": "fw-7b2e9a", "status": "active", "propagation": "complete" } }Data Mesh
/v2/data/domainsList all data domains in your mesh. Each domain includes ownership info, schema count, data product catalog, and SLA compliance metrics.
Parameters
owner_team, include_products
Example Response
{ "domains": [...], "total": 8 }/v2/data/queriesExecute a federated query across data domains. The query engine routes to the optimal domain replicas and enforces column-level access policies.
Parameters
sql, domains, timeout_ms, consistency_level
Example Response
{ "query_id": "q-5f8a1c", "status": "running", "estimated_ms": 1200 }Threat Analytics
/v2/threats/alertsList active threat alerts across your infrastructure. Includes severity scoring (CVSS 4.0), affected resources, recommended remediation, and MITRE ATT&CK mapping.
Parameters
severity, status, resource_id, mitre_technique, since
Example Response
{ "alerts": [...], "total": 23, "critical": 2, "high": 7 }/v2/threats/scanTrigger an on-demand vulnerability scan against specified resources. Scans complete within 5 minutes for most environments. Results feed into the threat dashboard.
Parameters
resource_ids, scan_type, include_dependencies
Example Response
{ "scan_id": "sc-3e7b2f", "status": "queued", "estimated_duration_s": 180 }Observability
/v2/observability/queryQuery metrics, logs, and traces using NovaQL (Novastraxis Query Language). Supports time-series aggregations, log pattern matching, and distributed trace correlation.
Parameters
query, time_range, step, format
Example Response
{ "result_type": "matrix", "data": [...], "stats": { "rows_scanned": 14200000 } }Identity & Access
/v2/iam/service-accountsList all service accounts. Includes assigned roles, last authentication timestamp, key rotation status, and associated workload identities.
Parameters
role, status, include_keys
Example Response
{ "service_accounts": [...], "total": 34 }Compliance
/v2/compliance/postureGet your organization's real-time compliance posture across all active frameworks (SOC 2, ISO 27001, FedRAMP High, HIPAA, PCI DSS). Returns control-level pass/fail status.
Parameters
framework, resource_scope
Example Response
{ "frameworks": [...], "overall_score": 97.3, "failing_controls": 4 }Error Codes
All errors follow a consistent JSON format with a machine-readable error_code and a human-readable message.
| Status | Code | Description |
|---|---|---|
| 400 | invalid_request | Malformed request body or missing required parameters |
| 401 | unauthorized | Missing or invalid API key |
| 403 | forbidden | Valid key but insufficient permissions for this scope |
| 404 | not_found | Resource does not exist or was deleted |
| 409 | conflict | Resource state conflict (e.g. duplicate name) |
| 429 | rate_limited | Request rate exceeded. Check Retry-After header |
| 500 | internal_error | Unexpected server error. Contact support with request ID |
| 503 | service_unavailable | Temporary outage. Retry with exponential backoff |
Ready to integrate?
Generate your first API key and start building in minutes. Our developer relations team is available for architecture reviews and integration support.