Skip to content
MicroVisualizer

Overview

MicroVisualizer API (1.0.0)

Section titled “MicroVisualizer API (1.0.0)”

The MicroVisualizer API enables creation, visualization, and management of microservices architecture diagrams. It supports defining services, messaging topics (Kafka, RabbitMQ, etc.), their relationships, and organizing them into categories, owners, and business flows.

Rate Limiting

All API endpoints are subject to rate limiting. When the rate limit is exceeded, the API returns a 429 Too Many Requests response with a Retry-After header indicating how many seconds to wait before retrying. Clients should implement exponential backoff when receiving 429 responses.

  • OpenAPI version: 3.0.4

Authentication

Section titled “ Authentication ”

SessionAuth

Section titled “SessionAuth ”

Session-based authentication using an HTTP-only cookie.

When you sign in through the web application, a session cookie named __session is automatically set by the authentication provider. This cookie contains a JWT token that identifies your user session and organization membership.

For Browser/Web Clients:

  • The cookie is automatically included in requests by the browser
  • No manual configuration needed after authentication

For API Clients:

  • You must obtain a valid session token through the authentication flow
  • Include the cookie in your requests: Cookie: __session=<your-token>

Security Notes:

  • Tokens are scoped to your organization
  • Tokens expire after a period of inactivity
  • Always use HTTPS in production to protect the session token

Security scheme type: apiKey

Cookie parameter name: __session

ApiKeyAuth

Section titled “ApiKeyAuth ”

API key authentication for machine-to-machine communication.

API keys allow automated systems and services to authenticate without user interaction. Each API key is associated with an organization and has its own permissions.

Usage:

  • Include the API key in the Authorization header: Authorization: Bearer <your-api-key>

Obtaining an API Key:

  • API keys can be generated from your organization settings in the web application
  • Each key is tied to a specific organization

Security Notes:

  • Treat API keys like passwords - never commit them to version control
  • Rotate keys regularly
  • Use different keys for different environments (dev, staging, production)
  • Keys can be revoked immediately if compromised

Security scheme type: http

Bearer format: JWT