API reference
A read-only JSON API over the full NIST 800-53 catalog and CSF 2.0 crosswalk. No authentication for public reads; supply a key for higher rate limits.
The API is not yet functional. Everything on this page is static sample documentation — no request is issued and no live endpoint exists. It previews the shape of a future public JSON API.
Base URL
https://api.nistcontrols.io/v1
Authentication
Authorization: Bearer <key>
Endpoints
GET/controlsList controls with optional filters & pagination
GET/controls/{id}Retrieve a single control by ID (e.g. AC-2)
GET/controls/{id}/crosswalkCSF 2.0 mappings for a control
GET/familiesList the 20 control families
GET/csf/functionsList CSF 2.0 functions & subcategories
Query parameters