IoT Cloud provides several APIs with different audiences and trust levels.
JSON-RPC is the primary public API for users, devices, and scripts that should not connect directly to PostgreSQL.
Detailed method-level documentation is maintained in Postman:
RexArcView API is a non-public host API used to produce data for RexArcView online views.
It also operates against concrete instance/project data.
Catalog API, Internal API, Gateway API, and Node API are non-public platform-level APIs used by internal infrastructure and deployment automation.
For third-party services: If you are integrating external tools with IoT Cloud, see Internal platform APIs and use the Catalog API section for fetching connection details.
For complete documentation of internals, see Internal API.
Individual API keys belong to an individual identity inside an instance:
The key can be further restricted compared to the owner's full permissions.
Devices are used so users do not need to embed personal API keys into autonomous scripts or services. This also improves audit clarity because operations are attributed to the device identity.