Migration Guide: API v1 to API v2

On March 31, 2026, Addigy API v1 will be deprecated and its functionality removed. All integrations should be updated to use our new and enhanced API v2.

API v2 delivers greater reliability, performance, security, and scalability to meet the evolving needs of modern organizations. It offers a robust framework, improved security, and regularly added new endpoints — empowering you to build richer, more flexible integrations for the future.

If you have any questions, reach out to api-team@addigy.com

Affected endpoints

These changes apply if your integrations use:
https://prod.addigy.com/api/{{endpoint_path}}?client_id={{client_id}}&client_secret={{client_secret}}

Endpoint migration details

In order for your integrations with the Addigy API to continue to work, you will need to update to use API v1.

We’ve created Postman API Documentation that you can use to compare and test the legacy API v1 endpoints side-by-side with their API v2 endpoint replacement.

Key improvements

• Granular RBAC authorization for endpoints
• Enhanced querying, pagination and sorting with standardized response format
  • Sorting options: asc, desc

• API key based authentication

Authentication differences

API v1 Authentication

API v1 uses query parameters or headers for authentication (client_id and client_secret) credentials

• Base URL: https://prod.addigy.com/api/

API v2 Authentication

API v2 employs bearer token authentication using an API key passed in the Authorization header. Learn how to create an API v2 key.

• Base URL: https://api.addigy.com/api/v2/
• Authentication Method: Bearer token in Authorization header
• Required Header: Authorization: Bearer your_api_token
• Example: curl -H "Authorization: Bearer your_token" https://api.addigy.com/api/v2/devices
• Permissions: API v2 tokens support granular permission controls following the principle of least privilege

Endpoint Migration Details

Application Management

Postman Documentation

Get Installed Applications

• API v1: GET /api/applications
• API v2: Multiple endpoints based on application type:
  • POST /api/v2/oa/installed-apps/mdm/query
  • POST /api/v2/oa/installed-apps/agent/query
• Method Change: GET → POST with request body
• Request Structure:
  • v1: Simple GET with optional status query parameter
  • v2: POST with JSON body containing application query criteria
• Key Changes:
  • Uses /oa/ for which response will include data for all descendant organizations (child, grandchild, etc.), allowing you to query across multiple organizations when multitenancy query param is set to true
  • Separated into MDM-managed and agent-managed applications
  • Changed from GET to POST with query-based filtering
  • Standardized pagination and sorting functionality
• Permission Required:
  • View Devices

Certificate Management

Postman Documentation

Request Certificate List from Device

• API v1: POST /api/mdm/certificates/list?agent_id={{agent_id}}
• API v2: POST /api/v2/mdm/certificates/query
• Request Structure:
  • v1: POST with agent_id as query parameter and empty body
  • v2: POST with JSON body containing certificate query criteria including device identifiers
• Key Changes:
  • Agent ID moved from query parameter to structured request bod
  • Changed from GET to POST with query-based filtering
  • Standardized pagination and sorting functionality
• Permission Required:

  • View Devices

Command Execution

Postman Documentation

Run Commands on Devices

• API v1: POST /api/devices/commands
• API v2: POST /api/v2/o/{organization_id}/devices/commands/run
• Request Structure:
  • v1: POST with JSON body containing agents_ids array and command string
  • v2: POST with organization ID in path and enhanced command execution structure
• Key Changes:
  • Uses organization-specific path structure (/{organization_id}/)
  • Organization ID must be passed as path parameter (not in request body or query parameters)
• Permission Required:
  • Execute Commands

Command Output Retrieval

Postman Documentation

Get Device Command Output

• API v1: GET /api/devices/output?actionid={{action_id}}&agentid={{agent_id}}
• API v2: GET /api/v2/o/{{organization_id}}/devices/{agent_id}/commands/{action_id}/output
• Request Structure:
  • v1: GET with actionid and agentid as query parameters
  • v2: GET with IDs embedded in RESTful path structure
• Key Changes:
  • Uses /o/{orgid}/ sub-route for organization-specific edit operations
  • Organization ID must be passed as path parameter (not in request body or query parameters)
  • Parameters moved from query string to RESTful path structure

Device Assignment

Postman Documentation

Get Device Command Output

• API v1: POST /api/policies/devices
• API v2: POST /api/v2/o/{{organization_id}}/devices/assign
• Request Structure:
  • v1: POST with policy_id and agent_id
  • v2: POST with policy_ids and agent_ids arrays in body
• Key Changes:
  • Uses /o/{orgid}/ sub-route for organization-specific edit operations
  • Organization ID must be passed as path parameter (not in request body or query parameters)

  • Now able to add multiple devices to multiple policies

Device Information Endpoints

Postman Documentation

Get All Devices

• API v1: GET /api/devices
• API v2: POST /api/v2/devices
• Method Change: GET → POST with request body for filtering
• Request Structure:
  • v1: Simple GET with no body, credentials in query string
  • v2: POST with JSON body containing device filter criteria
• Key Changes:
  • Changed from GET to POST with query-based filtering
  • Standardized pagination and sorting functionality
  • Fact keys are formatted as snakecase to adhere to JSON standards
• Permission Required:
  • View Devices

Get Online Devices

• API v1: GET /api/devices/online
• API v2: POST /api/v2/devices
• Method Change: GET → POST with request body
• Request Structure:
  • v1: Simple GET with authentication in headers, no filtering options
  • v2: POST with JSON body to specify online status criteria using device filters
  • Query for online devices:
    "query": {
   "filters": [
     {
       "audit_field": "online",
       "operation": "=",
       "type": "boolean",
       "value": "true"
     }
   ]
 } 
• Key Changes:
  • Consolidated into universal device search endpoint
  • Changed from GET to POST with query-based filtering
  • Standardized pagination and sorting functionality
  • Fact keys are formatted as snakecase to adhere to JSON standards
• Permission Required:
  • View Devices

Get Policy Devices

• API v1: GET /api/policies/devices?policy_id={{policy_id}}
• API v2: POST /api/v2/devices
• Method Change: GET → POST with request body
• Request Structure:
  • v1: GET with policy_id as query parameter
  • v2: POST with policy-based filters in JSON request body
  • Query for devices in a policy:
    "query": {
   "filters": [
     {
       "audit_field": "policy_ids",
       "operation": "contains",
       "type": "list",
       "value": ["ef53fde1-f76f-4077-8892-c14f7221ea7f"]
     }
   ]
 } 
• Key Changes:
  • Consolidated into universal device search endpoint
  • Changed from GET to POST with query-based filtering
  • Standardized pagination and sorting functionality
  • Fact keys are formatted as snakecase to adhere to JSON standards
• Permission Required:
  • View Devices

MDM Settings Management

Postman Documentation

Update MDM Settings

• API v1: POST /api/mdm/settings?agent_id={{agent_id}} with JSON body
• API v2: Multiple specific endpoints:
  • POST /api/v2/mdm/settings/app_analytics
  • POST /api/v2/mdm/settings/bluetooth
  • POST /api/v2/mdm/settings/data_roaming
  • POST /api/v2/mdm/settings/device/name
  • POST /api/v2/mdm/settings/diagnostic_submission
  • POST /api/v2/mdm/settings/personal_hotspot
  • POST /api/v2/mdm/settings/voice_roaming
  • POST /api/v2/mdm/settings/wallpaper
  • POST api/v2/mdm/commands/device/remote-desktop/enable
  • POST api/v2/mdm/commands/device/remote-desktop/disable
• Request Structure:
  • v1: Single endpoint with agent_id query parameter and setting-specific JSON body
  • v2: Multiple specialized endpoints, each for specific setting types
• Key Changes:
  • Single endpoint split into multiple setting-specific endpoints
  • Agent ID moved to request body from query parameters
• Permission Required:
  • Execute Commands

Monitoring and Alerts

Postman Documentation

Get Alerts

• API v1: GET /api/alerts?status=Resolved&page=1&per_page=10
• API v2: GET /api/v2/monitoring/received-alerts
• Request Structure:
  • v1: GET with filtering parameters (status, page, per_page) in query string
  • v2: GET with enhanced query parameter options
• Key Changes:
  • Standardized pagination and sorting functionality

Policy Management

Get Policies

Postman Documentation

• API v1: GET /api/policies
• API v2: POST /api/v2/oa/policies/query
• Method Change: GET → POST with request body
• Request Structure:
  • v1: Simple GET request with no body
  • v2: POST with JSON body containing policy query filters
• Key Changes:
  • Uses /oa/ for which response will include data for all descendant organizations (child, grandchild, etc.), allowing you to query across multiple organizations when multitenancy query param is set to true
  • Changed from GET to POST with query-based filtering
  • Standardized pagination and sorting functionality

Add Devices to Policy

Postman Documentation

• API v1: GET /api/policies/devices

Software Management

Postman Documentation

Get Custom Software

• API v1: GET /api/custom-software
• API v2: POST /api/v2/oa/smart-software/query
• Method Change: GET → POST with request body
• Request Structure:
  • v1: Simple GET with optional query parameters (identifier, instructionid)
  • v2: POST with JSON body containing software query criteria
• Key Changes:
  • Uses /oa/ for which response will include data for all descendant organizations (child, grandchild, etc.), allowing you to query across multiple organizations when multitenancy query param is set to true
  • Changed from GET to POST with query-based filtering
  • Standardized pagination and sorting functionality
• Permission Required:
  • View Smart Software

System Events

Postman Documentation

Get System Events

• API v1: GET /api/system/events
• API v2: POST /api/v2/system-events/query
• Method Change: GET → POST with request body
• Request Structure:
  • v1: GET with optional filtering parameters in query string
  • v2: POST with JSON body containing event search criteria
• Key Changes:
  • Changed from GET to POST with query-based filtering
  • Standardized pagination and sorting functionality
• Permission Required:
  • View System Events

User Management Commands

Postman Documentation

Send List User Command to Device

• API v1: POST /api/mdm/user/list?agent_id={{agent_id}}
• API v2: POST /api/v2/mdm/commands/device/user/list
• Request Structure:
  • v1: POST with agent_id as query parameter and empty body
  • v2: POST with JSON body containing device identification and command parameters
• Key Changes:
  • Agent ID moved from query parameter to request body structure
  • Enhanced device user command management
  • Improved command tracking and execution status
  • ADE (Automated Device Enrollment) specific optimizations
• Permission Required:
  • Execute Commands

Get Device User List

• API v1: GET /api/mdm/user?agent_id={{agent_id}}
• API v2: GET /api/v2/mdm/commands/device-users/query
• Request Structure:
  • v1: GET with agent_id as query parameter
  • v2: GET with enhanced query parameter structure and filtering options
• Key Changes:
  • Changed from GET to POST with query-based filtering

Endpoints that will not be available in API v2