Skip to main content

API Reference Overview

OpenPrime provides a RESTful API for managing infrastructure environments, credentials, and code generation.

Base URL​

Development: http://localhost:3001/api
Production:  https://api.openprime.dev/api

Authentication​

All API endpoints require authentication via JWT Bearer token obtained from Keycloak.

Authorization: Bearer <access_token>

Obtaining Tokens​

Tokens are obtained through the Keycloak OIDC flow. For programmatic access:

# Get token using client credentials
TOKEN=$(curl -s -X POST \
  "http://localhost:8080/realms/openprime/protocol/openid-connect/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "client_id=openprime-cli" \
  -d "client_secret=YOUR_SECRET" \
  -d "grant_type=client_credentials" \
  | jq -r '.access_token')

# Use token in API calls
curl -H "Authorization: Bearer $TOKEN" \
  http://localhost:3001/api/environments

Request/Response Format​

Content Type​

Content-Type: application/json
Accept: application/json

Request Headers​

HeaderDescriptionRequired
AuthorizationBearer tokenYes
Content-Typeapplication/jsonYes (for POST/PUT)
X-Request-IDCorrelation ID for tracingNo

Response Format​

Success Response:

{
  "data": { ... },
  "meta": {
    "requestId": "uuid",
    "timestamp": "2024-01-01T00:00:00Z"
  }
}

Error Response:

{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Human readable message",
    "details": [ ... ]
  },
  "meta": {
    "requestId": "uuid",
    "timestamp": "2024-01-01T00:00:00Z"
  }
}

HTTP Status Codes​

CodeDescription
200Success
201Created
204No Content (successful deletion)
400Bad Request (validation error)
401Unauthorized (missing/invalid token)
403Forbidden (insufficient permissions)
404Not Found
409Conflict (duplicate resource)
422Unprocessable Entity
429Too Many Requests (rate limited)
500Internal Server Error

Rate Limiting​

X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1699999999

Default limits:

  • 100 requests per 15-minute window per IP
  • 1000 requests per hour per user

Pagination​

List endpoints support pagination:

GET /api/environments?page=1&limit=20

Response includes pagination metadata:

{
  "data": [...],
  "pagination": {
    "page": 1,
    "limit": 20,
    "total": 45,
    "totalPages": 3
  }
}

Filtering​

Use query parameters for filtering:

GET /api/environments?provider=aws&status=active

Sorting​

GET /api/environments?sort=created_at&order=desc

API Endpoints Summary​

Environments​

MethodEndpointDescription
GET/environmentsList environments
POST/environmentsCreate environment
GET/environments/:idGet environment
PUT/environments/:idUpdate environment
DELETE/environments/:idDelete environment
POST/environments/:id/generateGenerate code
GET/environments/:id/exportExport configuration

Credentials​

MethodEndpointDescription
GET/credentialsList credentials
POST/credentialsCreate credential
GET/credentials/:idGet credential
PUT/credentials/:idUpdate credential
DELETE/credentials/:idDelete credential

User​

MethodEndpointDescription
GET/users/meGet current user
PUT/users/meUpdate current user

Health​

MethodEndpointDescription
GET/healthHealth check
GET/health/readyReadiness check

SDK Examples​

JavaScript/TypeScript​

const response = await fetch('http://localhost:3001/api/environments', {
  headers: {
    'Authorization': `Bearer ${token}`,
    'Content-Type': 'application/json'
  }
});

const { data } = await response.json();

Python​

import requests

response = requests.get(
    'http://localhost:3001/api/environments',
    headers={'Authorization': f'Bearer {token}'}
)

data = response.json()['data']

cURL​

curl -X GET \
  "http://localhost:3001/api/environments" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json"

Versioning​

The API is versioned via URL path (planned):

/api/v1/environments
/api/v2/environments

Currently, the API is unversioned (/api/environments). Breaking changes will be communicated before implementation.