Edit on GitHub

Azion API is a RESTful API, based on HTTPS requests, which allow you to integrate your systems with our platform in a simple, fast and secure way.

This technical documentation is aimed at clients and developers. Here you will find instructions on how the API works and what features are available. This document is constantly updated and we recommend that you check it before any doing any development on your application, even if you are already familiar with our API.

  1. First steps
  2. Endpoints

1. First steps

Both HTTPS requests and responses must be in JavaScript Object Notation (JSON) format. All HTTPS requests and responses must follow these conventions.

Base URL

The base URL of the API, which must be used is:


HTTP Methods

Each HTTP method defines the type of operation that will be run.

HTTP Method CRUD Whole Collection (e.g. /items) Specific Item (e.g. /items/:item_id)
GET Read It retrieves the list of items in a Collection. It retrieves a specific item in a Collection.
POST Create It creates a new item in the Collection. -
PUT Update/Replace It replaces a whole Collection with a new one. It replaces an item in a Collection with a new one.
PATCH Update/Modify It partially updates a Collection. It partially updates an item in a Collection
DELETE Delete It deletes a whole Collection. It deletes an item in a Collection.

Status Codes

The HTTP return code defines the status – successful or not – after the requested operation is run.

Status Code Meaning
200 OK General Status for a successful operation.
201 CREATED Successfully created a collection or item, by means of POST or PUT.
204 NO CONTENT Successful operation, but without any content to be return to the Body. Generally used for DELETE or PUT operations.
207 MULTI-STATUS A batch of operations were triggered by a single request, which resulted in different return codes when it was run, for some of the operations. The codes are displayed in the “status” field, in the body of the response, for each sub-batch of operations for whichever are applicable.
400 BAD REQUEST Request error, such as invalid parameters, missing mandatory parameters or others.
401 UNAUTHORIZED Error caused by a missing HTTP Authentication header.
403 FORBIDDEN User does not have the permissions to run the requested operation.
404 NOT FOUND The requested resource does not exist.
405 METHOD NOT ALLOWED The requested method is not applicable with the URL.
406 NOT ACCEPTABLE Accept header missing from the HTTP request or the header contains formatting or the version is not supported by the API.
409 CONFLICT Conflict generated in running the request, such as a request to create an already existing record.
429 TOO MANY REQUESTS The request was temporarily rejected, due to exceeding the limit on operations. Wait for the time defined in the X-Ratelimit-Reset header and try again.
500 INTERNAL SERVER ERROR Unintentional error, due to an unidentified failure in the request process.

HTTP Headers

All requests must be generated with the HTTP header specifying the desired code format for responses and the API version used. The current version of the API is 3 and the format is application/json.

Accept: application/json; version=3

Rate Limit

The limit of operations that can be run via the API is defined by 3 HTTP response headers:

  • X-ratelimit-limit: number of operations allowed in one time-frame;
  • X-ratelimit-remaining: number of operations still available in one time-frame;
  • X-ratelimit-reset: is the date and time, in IOS 8601 format, which represents the point in the future when the time-frame will be closed and when the limits will, therefore, be reset.

Example of HTTP response headers and a request:

Date: Thu, 02 Nov 2017 12:30:28 GMT
X-ratelimit-remaining: 199
X-ratelimit-limit: 200
X-ratelimit-reset: 2017-11-02T12:31:28.675446

In the example provided, 200 operations are allowed within a 1-minute time frame. Of those, there are 199 still available, because one has already been run. The total limit will be reset after 1 minute.

When the X-ratelimit-limit is reached, or in other words, when the X-ratelimit-remaining reaches zero, the API will give the error, HTTP 429 TOO MANY REQUESTS. If your application receives this error, you will need to wait until the time defined in X-ratelimit-reset has passed, to make another request.

Optional Parameters

In version 3, it is possible to include some optional parameters as part of the GET method, which can help and modify the form in which your data will be returned.

You can combine these parameters to get the result you want.

They are:

Parameter Description Accepted values:
order_by Identifies which field the return should be sorted by. The default ordering is ascending. Depends on the fields available from the endpoint structure
sort Defines which ordering to be used: ascending or descending. asc

page Identifies which page should be returned, if the return is paginated. The default value is 1. Page number.
page_size Identifies how many items should be returned per page. The default value is 10. Desired number of items.

Request Exemplo

You can use one parameter, or a combination. See the example below, which uses all of them in the same request.

GET /domains?order_by=name&page_size=20&sort=desc&page=3
Accept: application/json; version=3
Authorization: token 2909f3932069047f4736dc87e72baaddd19c9f75

2. Endpoints

The endpoints define the function available in the API.

You must begin by creating an Authentication Token, so you can then use the functions available.


Digital Certificates


Edge Applications

Didn’t find what you were looking for? Open a ticket.