The Pingdom API is a way for you to automate your interaction with the Pingdom system. With the API, you can create your own scripts or applications with most of the functionality you can find inside the Pingdom control panel.

The Pingdom API is RESTful and HTTP-based. Basically, this means that the communication is made through normal HTTP requests.

Authentication is needed in order to use the Pingdom API, and for this a Pingdom API Token is required. You generate your Pingdom API Token inside My Pingdom. The Pingdom API Token has a property called “Access level” to define its permissions. All operations that create or modify something (e.g. checks) need the Read/Write permission. If you only need to read data using the API token, we recommend to set the access level to “Read access”.

The authentication method for using tokens is HTTP Bearer Authentication (encrypted over HTTPS). This means that you will provide your token every time you make a request. No sessions are used.

Request

GET /checks HTTP/1.1
Host: api.pingdom.com
Authorization: Bearer ofOhK18Ca6w4S_XmInGv0QPkqly-rbRBBoHsp_2FEH5QnIbH0VZhRPO3tlvrjMIKQ36VapX

Response

HTTP/1.1 200 OK
Content-Length: 13
Content-Type: application/json
{"checks":[]}

For compatibility reasons, the Pingdom API allows to use HTTP Basic Authentication with tokens. In cases where this is necessary, input the API token as the username and leave the password field empty.

An example request of how that would look like with the following API token: ofOhK18Ca6w4S_XmInGv0QPkqly-rbRBBoHsp_2FEH5QnIbH0VZhRPO3tlvrjMIKQ36VapX

GET /checks HTTP/1.1
Host: api.pingdom.com
Authorization: Basic b2ZPaEsxOENhNnc0U19YbUluR3YwUVBrcWx5LXJiUkJCb0hzcF8yRkVINVFuSWJIMFZaaFJQTzN0bHZyak1JS1EzNlZhcFg6

The base server address is: https://api.pingdom.com

Please note that HTTPS is required. You will not be able to connect through unencrypted HTTP.

GET requests should provide their parameters as a query string, part of the URL.

POST, PUT and DELETE requests should provide their parameters as a JSON. This should be part of the request body. Remember to add the proper content type header to the request: Content-Type: application/json.

We still support providing parameters as a query string for POST, PUT and DELETE requests, but we recommend using JSON going forward. If you are using query strings, they should be part of the body, URL or a combination. The encoding of the query string should be standard URL-encoding, as provided by various programming libraries.

When using requests library for Python, use json parameter instead of data. Due to the inner mechanisms of requests.post() etc. some endpoints may return responses not conforming to the documentation when dealing with data body.

The HTTP status code returned by a successful API request is defined in the documentation for that method. Usually, this will be 200 OK.

If something goes wrong, other codes may be returned. The API uses standard HTTP/1.1 status codes defined by RFC 2616.

All responses are sent JSON-encoded. The specific responses (successful ones) are described in the documentation section for each method.

However, if something goes wrong, our standard JSON error message (together with an appropriate status code) follows this format:

{
    "error": {
        "statuscode": 403,
        "statusdesc": "Forbidden",
        "errormessage":" Something went wrong! This string describes what happened."
    }
}

See http://en.wikipedia.org/wiki/Json for more information on JSON.

Please note that all attributes of a method response are not always present. A client application should never assume that a certain attribute is present in a response.

The Pingdom API has usage limits to avoid individual rampant applications degrading the overall user experience. There are two layers of limits, the first cover a shorter period of time and the second a longer period. This enables you to "burst" requests for shorter periods. There are two HTTP headers in every response describing your limits status.

The response headers are:

• Req-Limit-Short
• Req-Limit-Long

An example of the values of these headers:

• Req-Limit-Short: Remaining: 394 Time until reset: 3589
• Req-Limit-Long: Remaining: 71994 Time until reset: 2591989

In this case, we can see that the user has 394 requests left until the short limit is reached. In 3589 seconds, the short limit will be reset. In similar fashion, the long limit has 71994 requests left, and will be reset in 2591989 seconds.

If limits are exceeded, an HTTP 429 error code with the message "Request limit exceeded, try again later" is sent back.

Responses can be gzip-encoded on demand. This is nice if your bandwidth is limited, or if big results are causing performance issues.

To enable gzip, simply add the following header to your request:

Accept-Encoding: gzip

If you are building a web page using the Pingdom API, we recommend that you do all API request on the server side, and if possible cache them. If you get any substantial traffic, you do not want to call the API each time you get a page hit, since this may cause you to hit the request limit faster than expected. In general, whenever you can cache data, do so.

Some HTTP clients omit the authentication header, and make a second request with the header when they get a 401 Unauthorized response. Please make sure you send the credentials directly, to avoid unnecessary requests.

Should be simple enough. For example, don't check for the status of a check every other second. The highest check resolution is one minute. Checking more often than that won't give you much of an advantage.

Networks in general are unreliable, and particularly one as large and complex as the Internet. Your application should not assume it will get an answer. There may be timeouts.

"This is too much to read. I just want to get started right now! Give me a simple example!"

Here is a short example of how you can use the API with PHP. You need the cURL extension for PHP.

The example prints the current status of all your checks. This sample obviously focuses on Pingdom API code and does not worry about any potential problems connecting to the API, but your code should.

Code:

<?php
    // Init cURL
    $curl = curl_init();
    // Set target URL
    curl_setopt($curl, CURLOPT_URL, "https://api.pingdom.com/api/3.1/checks");
    // Set the desired HTTP method (GET is default, see the documentation for each request)
    curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "GET");
    // Add header with Bearer Authorization
    curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Bearer 907c762e069589c2cd2a229cdae7b8778caa9f07"));
    // Ask cURL to return the result as a string
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    // Execute the request and decode the json result into an associative array
    $response = json_decode(curl_exec($curl), true);
    // Check for errors returned by the API
    if (isset($response['error'])) {
        print "Error: " . $response['error']['errormessage'] . "\n";
        exit;
    }
    // Fetch the list of checks from the response
    $checksList = $response['checks'];
    // Print the names and statuses of all checks in the list
    foreach ($checksList as $check) {
        print $check['name'] . " is " . $check['status'] . "\n";
    }
?>

Example output:

Ubuntu Packages is up
Google is up
Pingdom is up
My server 1 is down
My server 2 is up

If you are running PHP on Windows, you need to be sure that you have installed the CA certificates for HTTPS/SSL to work correctly. Please see the cURL manual for more information. As a quick (but unsafe) workaround, you can add the following cURL option to ignore certificate validation.

curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);

There are two types of transaction checks:

• script: the legacy TMS check created with predefined commands in the Pingdom UI or via the public API
• recording: the TMS check created by recording performed actions in WPM recorder. More information about how to use it can be found in the WPM recorder documentation

Commands

Actions to be performed for the script TMS check

Validations

Verify the state of the page

Example steps

  "steps": [
  {
    "fn": "go_to",
    "args": {
      "url": "pingdom.com"
    }
  },
  {
    "fn": "click",
    "args": {
      "element": "START FREE TRIAL"
    }
  },
  {
    "fn": "url",
    "args": {
      "url": "https://www.pingdom.com/sign-up/"
    }
  }
  ]

Each of check steps contains:

• fn: function name of the step
• args: function arguments
• guid: automatically generated identifier
• contains_navigate: recorder sets it on true if the step would trigger a page navigation

Commands

Actions to be performed for the recording TMS check

Validations

Verify the state of the page

Metadata

Recording checks contain metadata which is automatically generated by the WPM recorder. Modify with caution!