CredVault Docs
Dashboard

API Reference

The CredVault REST API provides programmatic access to all platform capabilities. This reference documents the available endpoints, authentication methods, request formats, and response structures.

Base URL

All API requests are made to the CredVault API server. For cloud-hosted accounts, the base URL is your regional endpoint. Enterprise customers may have custom endpoints.

Authentication

Every API request must include authentication credentials. CredVault supports two authentication methods.

API Key Authentication

For server-to-server communication, use API key authentication. Include your API key in the request header. This method is recommended for backend applications, scripts, and automation.

API keys are created in your dashboard under Settings. Each key has associated permissions that control what operations it can perform. You can create multiple keys for different applications or environments.

Bearer Token Authentication

For applications acting on behalf of users, use bearer token authentication. Include the token in the Authorization header. Tokens are obtained through the authentication endpoints and expire after a period of time.

This method is appropriate for client-side applications where the end user has logged in. The token represents the user's session and inherits the user's permissions.

Request Format

API requests use standard HTTP methods:

  • GET for retrieving resources
  • POST for creating resources or performing actions
  • PUT for replacing resources entirely
  • PATCH for partial updates
  • DELETE for removing resources

Request bodies should be JSON-encoded. Set the Content-Type header to application/json for requests that include a body.

Response Format

All responses return JSON. Successful responses include the requested data. Error responses include an error code and descriptive message.

Success Responses

Successful operations return HTTP status codes in the 2xx range. The response body contains the requested data, often wrapped in a data field.

Create operations typically return the created resource with its assigned ID. List operations return an array of resources, potentially with pagination information.

Error Responses

Errors return appropriate HTTP status codes:

  • 400 Bad Request — The request was malformed or missing required parameters
  • 401 Unauthorized — Authentication credentials were missing or invalid
  • 403 Forbidden — The authenticated user lacks permission for this operation
  • 404 Not Found — The requested resource doesn't exist
  • 429 Too Many Requests — Rate limit exceeded
  • 500 Internal Server Error — An unexpected error occurred

Error responses include a message explaining what went wrong. Use this information for debugging and user feedback.

Rate Limiting

To ensure fair usage and platform stability, API requests are rate limited. The specific limits depend on your subscription tier.

When rate limited, requests return a 429 status code. The response includes headers indicating when you can retry. Implement exponential backoff in your applications to handle rate limiting gracefully.

API Endpoints

The API is organized around resources. Each resource has endpoints for standard CRUD operations plus any specialized actions.

Authentication Endpoints

These endpoints handle user authentication and session management. Use them for login flows, profile management, and session control.

Cluster Endpoints

Manage your database clusters. List available clusters, view configurations, and monitor status.

Data Endpoints

Perform operations on your data. Query collections, insert documents, update records, and delete data.

Intelligence Engine Endpoints

Access machine learning capabilities. Upload datasets, train models, and run predictions.

Webhook Endpoints

Configure event notifications. Create webhooks, manage subscriptions, and inspect delivery history.

Function Endpoints

Work with serverless functions. Deploy code, execute functions, and retrieve logs.

Backup Endpoints

Protect your data. Create backups, view backup history, and restore from snapshots.

Settings and Administrative Endpoints

Manage your account. Update settings, manage team members, and control API keys.

Pagination

Endpoints that return lists support pagination for handling large result sets. Common parameters include:

  • limit — Maximum number of results to return
  • offset or skip — Number of results to skip
  • cursor — For cursor-based pagination

Paginated responses include metadata about total count and cursors for fetching additional pages.

Filtering and Sorting

Many list endpoints accept query parameters for filtering and sorting results. Filter by field values, date ranges, or status. Sort ascending or descending by specific fields.

The exact parameters vary by endpoint. Refer to individual endpoint documentation for available options.

Versioning

The API uses URL path versioning. The current version is v1. Breaking changes will be introduced in new versions, giving you time to update your integrations.

We maintain backward compatibility within versions. New fields may be added to responses, but existing fields won't be removed or changed.