Configure a project's monitoring
PUT/api/v1/projects/:project_id/monitoring
Toggle monitoring + set the cadence.
enabled+interval_daysare the only client-owned knobs; thecheckslist is server-maintained (auto-enrolled from the project's confirmed / fixed black-box findings, refreshed on every config write).- Admission: ENABLING monitoring requires the
release_monitoringflag (404 when off) — the same flag the materializer's monitoring source checks. Disabling is never gated, so flipping the flag off strands nothing. - Enabling with zero enrolled checks is rejected with 400
project_monitoring_no_checks— nothing to probe means a materialized run does no work; confirm a black-box finding first. - Scope required:
projects:update+ manager-or-above. - Archived projects reject the write (409).
Request
Responses
- 200
- 400
- 401
- 403
- 404
- 409
- 422
- 429
- 500
Successful Response
Bad request — malformed input or failed validation.
Missing, expired, or invalid credentials.
Authenticated but not authorized for this resource. Note: cross-organization reads return 404, not 403.
Resource not found, or hidden for tenant-enumeration safety (the caller lacks permission to know whether the resource exists).
Conflict — the current resource state does not allow this operation (e.g. assessment already started, email already in use).
Semantic validation failure — request shape was valid but contents were not.
Too many requests — rate limited. Retry after the window resets.
Internal server error — unexpected failure.