I think the answer is that there is no non-public API. It’s documented at GitHub - discourse/discourse: A platform for community discussion. Free, open, simple. and if you don’t know how to read that, you can always Reverse engineer the Discourse API.
I really hate bogus security spam.