API
Anchor is API-first. UI workflows and automation use the same control-plane concepts: users, scopes, resources, accounts, policies, jobs, logs, posture signals, and Anchor Connect sessions.
The examples in this section are representative integration patterns. Endpoint details can vary by product version, but the operating model stays consistent: authenticate, act against scoped objects, trigger controlled workflows, and read structured evidence.
API domains
Section titled “API domains”- Authentication.
- Resources.
- Policies.
- Logs.
- Posture and audit evidence.
- Anchor Connect workflows.
Authentication example
Section titled “Authentication example”curl -sS -X POST "$ANCHOR_API/auth/login" \ -H "Content-Type: application/json" \ -d '{ "username": "admin", "password": "replace-with-secure-password" }'Representative response:
{ "access_token": "eyJ...", "token_type": "Bearer", "expires_at": "2026-05-06T14:00:00Z"}Use the returned bearer token for subsequent calls:
curl -sS "$ANCHOR_API/resources" \ -H "Authorization: Bearer $ANCHOR_TOKEN"Integration posture
Section titled “Integration posture”Use these pages to understand the automation shape. For implementation work, match endpoint details to the Anchor version in your environment.