Devices
The Devices API provides access to the full inventory of endpoints, servers, and network assets enrolled under HomeBase management — including health status, OS posture, and active alerts.
The device object
json
{
"id": "dev_01hxyz",
"tenant_id": "ten_01hxyz",
"hostname": "ACME-WIN-0042",
"platform": "windows",
"os_version": "Windows 11 23H2",
"agent_version": "3.2.1",
"status": "online",
"compliance_status": "compliant",
"risk_score": 12,
"last_seen_at": "2025-06-01T14:58:00Z",
"enrolled_at": "2025-01-20T08:00:00Z",
"labels": ["finance", "privileged"],
"open_alerts": 0
}List devices
bash
GET /v1/devices| Name | Type | Required | Description |
|---|---|---|---|
| filter[tenant_id] | string | No | Scope to a specific tenant. |
| filter[platform] | string | No | windows | macos | linux | ios | android |
| filter[status] | string | No | online | offline | isolated | decommissioned |
| filter[compliance_status] | string | No | compliant | non_compliant | unknown |
| filter[label] | string | No | Filter by device label. |
Get a device
bash
GET /v1/devices/:idIsolate a device
bash
POST /v1/devices/:id/isolate
{
"reason": "Suspected ransomware activity — isolating pending investigation."
}Warning:Isolation cuts the device off from the network immediately. The HLD agent maintains a management-only channel for de-isolation. Use this endpoint with care — always provide a reason for the audit trail.
De-isolate a device
bash
POST /v1/devices/:id/deisolateRun a live query
Execute an osquery-compatible SQL query against a specific device or a fleet segment.
bash
POST /v1/devices/:id/query
{
"query": "SELECT name, version FROM programs WHERE name LIKE '%chrome%';"
}json
{
"query_id": "qry_01hxyz",
"status": "running",
"estimated_seconds": 3
}
// Poll for result
GET /v1/devices/queries/qry_01hxyz