API reference
Every Sanad API endpoint. Authentication is a Bearer license key OR an HttpOnly session cookie set by /api/dpo/session/login.
Quick test
curl -H "Authorization: Bearer $LICENSE_KEY" \
  "https://<portal>/api/dpo/dashboard/alerts"
Authentication
POST /api/dpo/session/login - Exchange license key for HttpOnly session cookie
POST /api/dpo/session/logout - Clear the session cookie
GET /api/dpo/session - Whoami — returns tenant identity

Signup
POST /api/dpo/signup - Create unverified tenant; sends verification email
POST /api/dpo/verify-email - Consume verification token; emails license key

Consent receipts (DPDP §6)
POST /api/dpo/consent/issue - Issue a signed consent receipt
POST /api/dpo/consent/withdraw - Withdraw a consent — emits sibling receipt
GET /api/dpo/consent - List consent receipts
GET /api/dpo/consent/receipt/:id - Fetch by UUID or CR-number
GET /api/dpo/consent/verify/:rn - Capability-style public verify

Rights requests (DPDP §11/§12/§13/§14/§6.4)
POST /api/dpo/rights/intake - Record a data-principal rights request
POST /api/dpo/rights/update - Status transition (FULFILLED, REJECTED, etc.)
GET /api/dpo/rights - List requests (filter by status, type)
GET /api/dpo/rights/overdue - Requests that have breached their SLA
GET /api/dpo/rights/:id - Tenant-scoped fetch
GET /api/dpo/rights/verify/:rn - Public capability verify

Incidents + regulator notifications
POST /api/dpo/incident/intake - Record incident; CERT-In 6h + DPDP 72h clocks start at discovered_at
POST /api/dpo/incident/generate-report - Render + sign one regulator-format report (CERT-In, DPB, data principal, Board, SEBI, RBI, IRDAI)
POST /api/dpo/incident/update - Status transition
GET /api/dpo/incident - List incidents
GET /api/dpo/incident/:id - Single incident
GET /api/dpo/incident/:id/reports - All regulator notifications for one incident
POST /api/dpo/incident/:id/evidence - Attach signed forensic evidence
GET /api/dpo/incident/deadlines - Open incidents with statutory deadline status

Governance registers
POST/GET /api/dpo/dpia - DPIAs (DPDP §10(2)(c))
POST/GET /api/dpo/processing - Record of Processing Activities (DPDP Rule 11)
POST/GET /api/dpo/transfers - Cross-border transfers (DPDP §16 + Rule 14)
POST/GET /api/dpo/training - Staff training records (DPDP Rule 11(d))
POST/GET /api/dpo/policies - Versioned policies with approval lifecycle
POST/GET /api/dpo/vendors - Vendor register with signed DPA hashes (§8(2))
POST/GET /api/dpo/retention - Retention schedules
POST/GET /api/dpo/erasure - Signed erasure attestations (DPDP §12.3)

Aggregates
POST /api/dpo/board/report - Generate signed quarterly Board report
POST /api/dpo/export - DPDP §11 subject export (signed bundle)
GET /api/dpo/dashboard/alerts - All pending-work surfaces in one call

Webhooks (HMAC-signed event delivery)
POST /api/dpo/webhooks - Create subscription; secret returned ONCE
POST /api/dpo/webhooks/update - Pause/resume/disable, change events or URL
POST /api/dpo/webhooks/test - Send a synthetic test event
POST /api/dpo/webhooks/retry - Retry a failed delivery
GET /api/dpo/webhooks/deliveries - Delivery log
GET /api/dpo/webhooks/outbox - Pending events queued for fan-out

Sentinel Detect (MDR)
POST /api/sentinel-detect/alert - Ingest signed alert
GET /api/sentinel-detect/alert - List alerts
POST /api/sentinel-detect/alert/update - Analyst transition + escalate-to-incident
POST /api/sentinel-detect/rules - Create detection rule
POST /api/sentinel-detect/rules/update - Toggle / status change
POST /api/sentinel-detect/rules/bootstrap - Create the 7-rule starter pack
POST /api/sentinel-detect/evaluate - Run a single event through the rule engine
POST /api/sentinel-detect/evaluate-batch - Up to 500 events per call
POST /api/sentinel-detect/classify-telemetry - Pull rows from sentinel_telemetry and classify
GET /api/sentinel-detect/stats - SOC dashboard aggregates

Verification
GET /api/verify/:number - Public verifier; routes by prefix to all 15 artifact types

Chain integrity
GET /api/dpo/chain/verify?prefix=CR - Recompute chain + signatures
GET /api/dpo/chain/replay?prefix=CR - Ordered chain dump for off-platform audit
POST /api/dpo/chain/snapshot - Take a signed snapshot of an entire chain

CognoShift Private Limited · CIN U85499HR2025PTC130446