What the API exposes
| Endpoint group | Use case |
|---|---|
| Activity logs | Track every action taken in Forest, exports for audit and compliance |
| Admin logs | Track configuration and administrative operations across the project |
| Notes | Read and write collaboration notes on records |
- Use the Forest Agent directly, the agent serves your collections via its own REST API. See the Node.js or Ruby agent reference.
- Connect via MCP, the MCP server exposes your data, actions, and workflows to AI agents under the same governance.
Base URL
All public API requests go to:Authentication
All requests require a Bearer token in theAuthorization header:
Rate limits
The public API enforces per-token rate limits. See Rate limits for current values, response headers, and best practices for handling throttling.Common use cases
Audit and compliance
Export activity logs to a data warehouse for long-term retention. Build custom audit dashboards. Pull decision traces for regulator inquiries.
SIEM integration
Stream Forest activity into Splunk, Datadog, ELK, CloudWatch, or your existing SIEM.
External collaboration
Sync notes between Forest and external collaboration tools (Slack, Teams, internal CRMs).
Custom reporting
Pull operations data on a schedule and feed it into business reporting tools.
Getting started
Generate an application token
Project Settings → API Access → Generate New Token. The user generating the token must have Admin role on the project.
Make your first request
Use the token in the
Authorization header. See Authentication for examples in cURL, Node.js, and Python.Next steps
Authentication
Generate and use API tokens.
Rate limits
Understand and handle limits.
Activity logs
The most-used endpoint group.