The primary public API for reading and writing instance data. Used by users, devices, and external scripts that should not connect to PostgreSQL directly.
| Aspect | Detail |
|---|---|
| Protocol | JSON-RPC 2.0 over HTTPS |
| Scope | Instance → project → object → data |
| Auth | Individual API key (user or device) |
| Authorization | Same permission model as the GUI |
| Docs | Postman collection |
Every request is evaluated in the context of a concrete instance and project. The API exposes data tables through object operations, not the raw structure design view.
API keys can be restricted below the owner’s full permissions.
A non-public host API that produces data for RexArcView online views. Operates against instance/project data.
These are not meant for end users. See System → Internal API.
| API | Location | Purpose |
|---|---|---|
| Catalog API | Host (iot-api) |
DB connection details for third-party services |
| Internal API | DBM | Node registration, sync, orchestration |
| Node API | Host (iot-node-manager) |
Local service routing data |
| Gateway API | DBM | Global routing table for Nginx generation |
Third-party integration: Use Catalog API to get PostgreSQL connection details for external tools.
Each API key belongs to an individual identity (user or device) inside an instance.
Devices let you run autonomous scripts and services without embedding a personal user key. Operations are attributed to the device identity, which improves audit trails and limits blast radius.