# GETTING STARTED

## Overview

This page will help you to get started with using the Self-Service RESTful API.

## Authentication

Access to the Self-Service RESTful API is controlled using an [User API Key](https://support.attackforge.com/attackforge-enterprise/getting-started/manage-user#user-key).

In order to access the Self-Service RESTful API, you must meet the following conditions:

* You must have a valid [User API Key](https://support.attackforge.com/attackforge-enterprise/getting-started/manage-user#user-key);
* You must be provided with access to RESTful API methods by the Administrators; and
* Your [User API Key](https://support.attackforge.com/attackforge-enterprise/getting-started/manage-user#user-key) is supplied in the Header **X-SSAPI-KEY** for each request to the API endpoint.

All requests to the API must be made over HTTPS. Calls made over plain HTTP will fail. You must authenticate all requests.

## Accessing the RESTful API

Access to the RESTful API, including scope of data available, is restricted to the users' data within the application.

By default, every user in the system does not have access to any of the RESTful API methods - including Administrators. Access to the RESTful API must be provided explicitly by an Administrator, and is controlled on an individual method basis.

A user can see their access to the RESTful SSAPI by viewing the SSAPI module in the application.

The following warning and padlock indicate that the RESTful API Method is not available:

<figure><img src="/files/hAttlkd1Skuwkyxh4Eev" alt=""><figcaption></figcaption></figure>

An Administrator can provide a user with access to the RESTful SSAPI by accessing `Users > (select user) > Access > Self-Service RESTful API > Add Access`&#x20;

<figure><img src="/files/FOrOI7RoQM1WWQ0f7Dik" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/getting-started.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.