REST API

General Information

The MyCRT REST API is split into five sections: Users, Environments, Captures, Replays, and Granting Environment Permissions. The entire API uses JSON for both requests and responses.

Permissions

Every request requires authentication, and will result in errors if the authentication fails to be met. Four main levels of permissions can be found below.

Permission	Description
Must be logged in	The user must be both registered and logged into the system before making the request.
Must be a member of the environment	The user making the request must either be the environment administrator or have been granted access to the environment from an environment administrator.
Must be an admin of the environment	The user making the request must be an environment administrator. Environment admins include the environment creator, and any other users that have been granted admin privileges by the creator.
Must be the owner of the capture or replay	The user making the request must be the owner of the capture or replay resource. The owner of the resource is always the user who created the capture or replay.

The following errors will be returned if a request is made by a user who is not logged in or if the user does not have permission to view a requested capture, replay, or environment.

Error Response for Requests Made By Users Without Permission to Access

401 UNAUTHORIZED

{
    "code": 401,
    "message": "user does not have access"
}

Error Response for Requests Made Without User Logged In

403 FORBIDDEN

{
    "code": 403,
    "message": "login required"
}