Skip to content
SnaapiDocs
← Back to snaapi.dev

API Endpoints

Snaapi automatically generates a full set of REST API endpoints for every enabled resource. All endpoints live under the /v1/:resourceName namespace and support authentication via session cookies, API keys, or admin tokens.

Base URL

All resource endpoints follow the pattern:

https://your-domain.com/v1/:resourceName

Replace :resourceName with the name of the resource you defined (e.g., posts, comments, orders).

List Records

Retrieve a paginated list of records, optionally filtered and sorted.

GET /v1/:resourceName

Response (200):

{
  "data": [
    {
      "id": "uuid",
      "title": "Hello",
      "created_at": "2026-01-01T00:00:00Z",
      "updated_at": "2026-01-01T00:00:00Z"
    }
  ],
  "meta": {
    "resource": "posts",
    "total": 42,
    "limit": 50,
    "offset": 0
  }
}

See Filtering and Pagination for query parameter details.

Get Single Record

Retrieve a single record by its ID.

GET /v1/:resourceName/:id

Response (200):

{
  "data": {
    "id": "uuid",
    "title": "Hello",
    "created_at": "2026-01-01T00:00:00Z",
    "updated_at": "2026-01-01T00:00:00Z"
  },
  "meta": {
    "resource": "posts"
  }
}

Create Record

Create a new record. Send a JSON body with the fields defined on the resource.

POST /v1/:resourceName

Request body:

{
  "title": "My New Post",
  "body": "Content goes here"
}

Response (200):

{
  "data": {
    "id": "generated-uuid",
    "title": "My New Post",
    "body": "Content goes here",
    "created_at": "2026-01-01T00:00:00Z",
    "updated_at": "2026-01-01T00:00:00Z"
  },
  "meta": {
    "resource": "posts"
  }
}

Update Record (Full Replace)

Replace all fields on an existing record.

PUT /v1/:resourceName/:id

Request body:

{
  "title": "Updated Title",
  "body": "Updated content"
}

Update Record (Partial)

Update only the specified fields on an existing record.

PATCH /v1/:resourceName/:id

Request body:

{
  "title": "Updated Title Only"
}

Delete Record

Delete a record by ID. If the resource has enableSoftDelete: true, the record is soft-deleted (a deleted_at timestamp is set) rather than permanently removed.

DELETE /v1/:resourceName/:id

Response (204 No Content): No response body.

Other Endpoints

Method Path Description
GET /v1/:resourceName/stream Server-Sent Events subscription
GET /v1/:resourceName/schema JSON Schema for the resource
GET /v1/:resourceName/openapi.json OpenAPI 3.1 spec (JSON)
GET /v1/:resourceName/openapi.yaml OpenAPI 3.1 spec (YAML)

Response Classes

Snaapi uses three standard response classes for all API responses.

ApiResponse

The wrapper for all successful responses. Returns JSON with Content-Type: application/json. Status 200 for data responses, 204 when data is null (e.g., after a delete).

ApiError

Returned when an operation fails. Contains a human-readable message, a machine-readable error code, and an optional errors array.

{
  "message": "Resource not found",
  "code": "RESOURCE_NOT_FOUND",
  "errors": []
}

ApiValidationError

Returned with status 400 when request data fails validation. Each entry in the errors array identifies the problematic field.

{
  "message": "Validation failed",
  "code": "INVALID_RESOURCE_DATA",
  "errors": [
    {
      "field": "title",
      "message": "Expected string, received number",
      "type": "string",
      "expected": "string",
      "received": "number"
    }
  ]
}

Error Codes

Client Errors

Code Status Description
NO_RESOURCE_NAME 400 Missing resource name in the URL
INVALID_JSON 400 Request body is not valid JSON
INVALID_FIELDS 400 Field names not allowed for the user's role
INVALID_QUERY_PARAMS 400 Malformed query parameters
INVALID_RESOURCE_DATA 400 Data fails schema validation
RELATION_REFERENCE_ERROR 400 Referenced record not found in foreign table
RESOURCE_NOT_FOUND 404 Resource does not exist or is disabled
RESOURCE_DISABLED 404 Resource is explicitly disabled
FORBIDDEN 403 User's role lacks permission for this action/resource
KEY_PERMISSION_DENIED 403 API key does not have permission for this action
ADMIN_TOKEN_NOT_ALLOWED 403 Admin tokens cannot create or update via resource endpoints

Server Errors

Code Status Description
RESOURCE_FETCH_ERROR 500 Failed to fetch records
RESOURCE_STORE_ERROR 500 Failed to create record
RESOURCE_UPDATE_ERROR 500 Failed to update record
RESOURCE_DELETE_ERROR 500 Failed to delete record
RESOURCE_FIND_ERROR 500 Failed to find record
RESOURCE_SCHEMA_ERROR 500 Failed to retrieve schema

Admin Token Restrictions

Admin tokens are designed for management operations. On resource endpoints, they are restricted to read and delete operations only:

Operation Method Allowed
List / Read GET Yes
Create POST No
Update (full) PUT No
Update (partial) PATCH No
Delete DELETE Yes

Attempting to create or update records with an admin token returns a 403 error with code ADMIN_TOKEN_NOT_ALLOWED. Use the dedicated admin API endpoints for write operations instead.