UpCheck

API reference

Every endpoint, parameter, and schema. Generated from the API's OpenAPI document, so it always matches the deployed backend.

19 endpoints across 4 groups, from Upcheck API v1.0.0. Authenticate with a project API key as described in the REST API guide.

https://upcheck-api-a.rekwiem.com

Monitors

get/v1/monitors

List the caller's monitors

Responses

  • 200OK
  • 401Missing/invalid tokenError
  • 422Validation errorError
post/v1/monitors

Create a monitor

Request body · MonitorInput

FieldTypeDescription
urlstringRequired for `http` and `scheduler` monitors; omit for `heartbeat`.
namestringDefault: "Untitled"
typestringCheck type. `http` (we poll a URL to check it's up), `heartbeat` (your job pings us), or `scheduler` (we call your URL on a schedule as a trigger — 2xx = success). Other types (dns, port, ...) are planned.httpheartbeatschedulerDefault: "http"
methodstringHEAD is forced to GET when content rules are set. Schedulers reject HEAD/OPTIONS (a trigger must act) and default to POST.HEADGETPOSTPUTPATCHDELETEOPTIONSDefault: "HEAD"
interval_secintegerFloored to the plan minimum (free 300, pro 60). For heartbeat, the expected max gap between pings.
grace_secintegerHeartbeat only: extra seconds after interval_sec before 'down' (default 60).
slow_msintegerLatency ≥ this ⇒ 'slow'.Default: 1500
timeout_msintegerClamped to 1000–60000.Default: 10000
expect_statusinteger | nullExact code required; null/0 ⇒ any 2xx/3xx.
follow_redirectsbooleanFollow 3xx redirects and judge the final response. Off (default) treats a 3xx as reachable. Turning it on forces the fetch path (no connect/ttfb split).
check_sslbooleanhttps only: report a certificate/TLS failure as a distinct SSL problem instead of a generic connection error. Off by default.
check_domainbooleanLook up the domain's registration expiry via RDAP and warn before it lapses. Off by default.
content_rulesContentRule[]
request_headersHeaderInput[]
request_bodystringRequest body for write methods (POST/PUT/PATCH/DELETE) — rejected with GET/HEAD. Sent with EVERY scheduled check, so point writes at test data or a dedicated test route. application/json unless a Content-Type header is set.
fail_thresholdintegerConsecutive fails before 'down'.Default: 3
recover_thresholdintegerDefault: 1
project_idstringGroup under a project (id from /v1/projects).

Responses

  • 201CreatedMonitor
  • 401Missing/invalid tokenError
  • 403Monitor limit reachedError
  • 422Validation errorError
post/v1/monitors/test

Run one check against a draft config (nothing saved)

Request body · MonitorInput

FieldTypeDescription
urlstringRequired for `http` and `scheduler` monitors; omit for `heartbeat`.
namestringDefault: "Untitled"
typestringCheck type. `http` (we poll a URL to check it's up), `heartbeat` (your job pings us), or `scheduler` (we call your URL on a schedule as a trigger — 2xx = success). Other types (dns, port, ...) are planned.httpheartbeatschedulerDefault: "http"
methodstringHEAD is forced to GET when content rules are set. Schedulers reject HEAD/OPTIONS (a trigger must act) and default to POST.HEADGETPOSTPUTPATCHDELETEOPTIONSDefault: "HEAD"
interval_secintegerFloored to the plan minimum (free 300, pro 60). For heartbeat, the expected max gap between pings.
grace_secintegerHeartbeat only: extra seconds after interval_sec before 'down' (default 60).
slow_msintegerLatency ≥ this ⇒ 'slow'.Default: 1500
timeout_msintegerClamped to 1000–60000.Default: 10000
expect_statusinteger | nullExact code required; null/0 ⇒ any 2xx/3xx.
follow_redirectsbooleanFollow 3xx redirects and judge the final response. Off (default) treats a 3xx as reachable. Turning it on forces the fetch path (no connect/ttfb split).
check_sslbooleanhttps only: report a certificate/TLS failure as a distinct SSL problem instead of a generic connection error. Off by default.
check_domainbooleanLook up the domain's registration expiry via RDAP and warn before it lapses. Off by default.
content_rulesContentRule[]
request_headersHeaderInput[]
request_bodystringRequest body for write methods (POST/PUT/PATCH/DELETE) — rejected with GET/HEAD. Sent with EVERY scheduled check, so point writes at test data or a dedicated test route. application/json unless a Content-Type header is set.
fail_thresholdintegerConsecutive fails before 'down'.Default: 3
recover_thresholdintegerDefault: 1
project_idstringGroup under a project (id from /v1/projects).

Responses

  • 200Check resultCheckResult
  • 401Missing/invalid tokenError
  • 422Validation errorError
patch/v1/monitors/{id}

Update a monitor (partial)

Parameters

  • idpath · required

Request body · MonitorPatch

FieldTypeDescription
urlstringRequired for `http` and `scheduler` monitors; omit for `heartbeat`.
namestringDefault: "Untitled"
typestringCheck type. `http` (we poll a URL to check it's up), `heartbeat` (your job pings us), or `scheduler` (we call your URL on a schedule as a trigger — 2xx = success). Other types (dns, port, ...) are planned.httpheartbeatschedulerDefault: "http"
methodstringHEAD is forced to GET when content rules are set. Schedulers reject HEAD/OPTIONS (a trigger must act) and default to POST.HEADGETPOSTPUTPATCHDELETEOPTIONSDefault: "HEAD"
interval_secintegerFloored to the plan minimum (free 300, pro 60). For heartbeat, the expected max gap between pings.
grace_secintegerHeartbeat only: extra seconds after interval_sec before 'down' (default 60).
slow_msintegerLatency ≥ this ⇒ 'slow'.Default: 1500
timeout_msintegerClamped to 1000–60000.Default: 10000
expect_statusinteger | nullExact code required; null/0 ⇒ any 2xx/3xx.
follow_redirectsbooleanFollow 3xx redirects and judge the final response. Off (default) treats a 3xx as reachable. Turning it on forces the fetch path (no connect/ttfb split).
check_sslbooleanhttps only: report a certificate/TLS failure as a distinct SSL problem instead of a generic connection error. Off by default.
check_domainbooleanLook up the domain's registration expiry via RDAP and warn before it lapses. Off by default.
content_rulesContentRule[]
request_headersHeaderInput[]
request_bodystringRequest body for write methods (POST/PUT/PATCH/DELETE) — rejected with GET/HEAD. Sent with EVERY scheduled check, so point writes at test data or a dedicated test route. application/json unless a Content-Type header is set.
fail_thresholdintegerConsecutive fails before 'down'.Default: 3
recover_thresholdintegerDefault: 1
project_idstringGroup under a project (id from /v1/projects).
enabledbooleanfalse = pause the monitor.

Responses

  • 200UpdatedMonitor
  • 401Missing/invalid tokenError
  • 404Not foundError
  • 422Validation errorError
delete/v1/monitors/{id}

Delete a monitor

Parameters

  • idpath · required

Responses

  • 200Deleted
  • 401Missing/invalid tokenError
  • 404Not foundError
  • 422Validation errorError
post/v1/monitors/{id}/mute

Mute a monitor for N minutes (maintenance window; 0 clears)

Parameters

  • idpath · required

Request body

FieldTypeDescription
minutesreqintegerMinutes to suppress down-detection + alerts; 0 clears, capped at 7 days.

Responses

  • 200UpdatedMonitor
  • 401Missing/invalid tokenError
  • 404Not foundError
  • 422Validation errorError
post/v1/heartbeats/{id}/pingNo auth

Heartbeat check-in — call from your job (public; GET also works)

Parameters

  • idpath · required

Responses

  • 200Ping recorded
  • 404Not a heartbeat / not foundError

Tokens

get/v1/tokens

List personal access tokens

Responses

  • 200OK
  • 401Missing/invalid tokenError
  • 422Validation errorError
post/v1/tokens

Create a project-scoped token (session auth only)

Request body

FieldTypeDescription
project_idreqstringProject to scope the token to (id from /v1/projects). Required — every PAT is confined to one project. You must be its owner, admin, or member.
namereqstringLabel for the token.
ttl_secondsnumberOptional expiry (60–7776000s). Omit for a non-expiring token.

Responses

  • 201Created — plaintext returned onceTokenCreated
  • 400Missing project_id / not permitted on itError
  • 401Missing/invalid tokenError
  • 403Requires a session token, not a PATError
  • 422Validation errorError
delete/v1/tokens/{id}

Revoke a token

Parameters

  • idpath · required

Responses

  • 200Revoked
  • 401Missing/invalid tokenError
  • 404Not foundError
  • 422Validation errorError

Projects

get/v1/projects

List projects with per-project status

Responses

  • 200OK
  • 401Missing/invalid tokenError
  • 422Validation errorError
post/v1/projects

Create a project

Request body

FieldTypeDescription
namereqstring

Responses

  • 201CreatedProject
  • 401Missing/invalid tokenError
  • 422Validation errorError
patch/v1/projects/{id}

Rename a project

Parameters

  • idpath · required

Request body

FieldTypeDescription
namereqstring

Responses

  • 200Renamed
  • 401Missing/invalid tokenError
  • 404Not foundError
  • 422Validation errorError
delete/v1/projects/{id}

Delete a project (its monitors are detached, not deleted)

Parameters

  • idpath · required

Responses

  • 200Deleted
  • 401Missing/invalid tokenError
  • 404Not foundError
  • 422Validation errorError

Connectors

post/v1/connectors/{provider}/oauth/start

Begin the OAuth connect flow

Parameters

  • providerpath · required

Responses

  • 200Open this URL to authorize
  • 401Missing/invalid tokenError
  • 422Validation errorError
  • 503Provider not configuredError
get/v1/connectors

List connected providers

Responses

  • 200OK
  • 401Missing/invalid tokenError
  • 422Validation errorError
get/v1/connectors/{provider}/projects

List a provider's projects (with import status)

Parameters

  • providerpath · required

Responses

  • 200OK
  • 401Missing/invalid tokenError
  • 404Not connectedError
  • 422Validation errorError
post/v1/connectors/{provider}/import

Import selected projects as monitors

Parameters

  • providerpath · required

Request body

FieldTypeDescription
external_refsreqstring[]
project_idstringImport the monitors into this project.

Responses

  • 200Import resultImportResult
  • 401Missing/invalid tokenError
  • 422Validation errorError
delete/v1/connectors/{provider}

Disconnect a provider

Parameters

  • providerpath · required

Responses

  • 200Disconnected
  • 401Missing/invalid tokenError
  • 404Not connectedError
  • 422Validation errorError

Prefer the raw document? It's served straight from the API at /openapi.json.