Operational & Monitoring
Infrastructure and operations endpoints. These support running the platform and are typically restricted to internal networks.
The endpoints on this page can expose internal state. They should be protected at the network/gateway layer and must not be publicly reachable. Authentication requirements are To be confirmed.
Service health
Aggregated health across platform microservices:
POST /v1/onboarding/healthstatus
Content-Type: application/json
{ "fetchAllMicroServiceHealth": true }
// or target specific services:
{ "services": ["ql-atm-eapi", "ql-atm-sapi", "ql-common-services"] }
Channel / rules / cache refresh
Operational refresh hooks for channels, Drools rule files and caches:
| Operation | Endpoint | Body (example) |
|---|---|---|
| Refresh channels | POST /api/channels/refresh | { "refreshAllChannels": true } |
| Refresh rules (Drools) | POST /api/channels/refreshRules | { "droolFileName": ["SubTenantData.drl"] } |
| Refresh cache | POST /api/channels/refresh/cache | { "refreshAllCache": true } |
The cache refresh also accepts a targeted form:
{
"caches": [
{ "cacheName": "AppPropsCache" },
{ "cacheName": "ConfigsCache", "ids": ["configs"] }
]
}
These channel endpoints live under /api/channels, outside the /v1 onboarding namespace.
Spring Boot Actuator & Micrometer
Standard Spring Boot operational endpoints observed in the source:
| Endpoint | Purpose |
|---|---|
GET /actuator/health | Liveness/readiness health. |
GET /actuator/info | Build/app info. |
GET /actuator/metrics | Metric names; append /{name} for a value (e.g. jvm.memory.max). |
GET /actuator/beans | Spring bean graph. |
GET /actuator/threaddump | JVM thread dump. |
GET /actuator/heapdump | JVM heap dump (large; sensitive). |
Expose only the minimum Actuator endpoints needed (commonly health and info). heapdump, threaddump and beans reveal sensitive internals and should be disabled or locked down in production.
External services (not part of this API)
The source collection also references third-party services such as SendGrid (https://api.sendgrid.com/v3/mail/send) for email delivery. These are external integrations governed by their own providers and credentials, and are out of scope for this API. Never embed provider API keys in shared collections.