The Fluxbase HTTP API provides RESTful endpoints for authentication, storage, database operations, multi-tenancy management, edge functions, background jobs, and more. All endpoints are prefixed with /api/v1/ unless otherwise noted.
http://localhost:8080/api/v1
Most endpoints require authentication via JWT bearer tokens or service keys. Include the token in the Authorization header:
curl -H " Authorization: Bearer YOUR_ACCESS_TOKEN " \
http://localhost:8080/api/v1/auth/user
For multi-tenant deployments, specify the tenant context via the X-FB-Tenant header:
curl -H " Authorization: Bearer <service-key> " \
-H " X-FB-Tenant: acme-corp " \
http://localhost:8080/api/v1/tables/posts
When using a tenant-scoped service key, the tenant context is embedded in the key and the header is optional.
Endpoints for user registration, login, and session management.
Method Endpoint Description GET/auth/configGet auth configuration GET/auth/csrfGet CSRF token GET/auth/captcha/configGet CAPTCHA configuration POST/auth/captcha/checkCheck if CAPTCHA is required POST/auth/signupRegister a new user POST/auth/signinSign in with email/password POST/auth/signin/idtokenSign in with ID token POST/auth/refreshRefresh access token POST/auth/magiclinkRequest magic link POST/auth/magiclink/verifyVerify magic link token POST/auth/password/resetRequest password reset email POST/auth/password/reset/verifyVerify password reset token POST/auth/password/reset/confirmConfirm password reset POST/auth/verify-emailVerify email address POST/auth/verify-email/resendResend email verification POST/auth/2fa/verifyVerify 2FA (TOTP) code POST/auth/otp/signinSend OTP code POST/auth/otp/verifyVerify OTP code POST/auth/otp/resendResend OTP code
Method Endpoint Description POST/auth/signoutSign out current session GET/auth/userGet current user PATCH/auth/userUpdate current user POST/auth/reauthenticateReauthenticate current session GET/auth/user/identitiesList linked identities POST/auth/user/identitiesLink an identity DELETE/auth/user/identities/{id}Unlink an identity
Method Endpoint Description POST/auth/2fa/setupSet up TOTP 2FA POST/auth/2fa/enableEnable 2FA after setup POST/auth/2fa/disableDisable 2FA GET/auth/2fa/statusGet 2FA status
Method Endpoint Description POST/auth/impersonateStart impersonating a user POST/auth/impersonate/anonStart anonymous impersonation POST/auth/impersonate/serviceStart service impersonation DELETE/auth/impersonateStop impersonation GET/auth/impersonateGet active impersonation GET/auth/impersonate/sessionsList impersonation sessions
Method Endpoint Description GET/auth/oauth/providersList available OAuth providers GET/auth/oauth/{provider}/authorizeStart OAuth authorization flow GET/auth/oauth/{provider}/callbackOAuth callback GET/auth/oauth/{provider}/tokenGet OAuth provider token POST/auth/oauth/{provider}/logoutInitiate OAuth provider logout GET/auth/oauth/{provider}/logout/callbackOAuth logout callback
Method Endpoint Description GET/auth/saml/providersList SAML providers GET/auth/saml/metadata/{provider}Get SAML SP metadata GET/auth/saml/login/{provider}Initiate SAML login POST/auth/saml/acsSAML Assertion Consumer Service POST/auth/saml/sloSAML Single Logout (POST) GET/auth/saml/sloSAML Single Logout (GET) GET/auth/saml/logout/{provider}Initiate SAML logout
Endpoints for file storage operations.
Method Endpoint Description GET/storage/objectDownload file via signed URL (public, token-auth) GET/storage/config/transformsGet image transformation configuration GET/storage/bucketsList all buckets POST/storage/buckets/{bucket}Create bucket PUT/storage/buckets/{bucket}Update bucket settings DELETE/storage/buckets/{bucket}Delete bucket GET/storage/{bucket}List files in bucket POST/storage/{bucket}/{key}Upload file GET/storage/{bucket}/{key}Download file HEAD/storage/{bucket}/{key}Get file metadata DELETE/storage/{bucket}/{key}Delete file POST/storage/{bucket}/multipartMultipart file upload POST/storage/{bucket}/stream/{key}Streaming file upload POST/storage/{bucket}/sign/{key}Generate signed URL POST/storage/{bucket}/{key}/shareShare file with another user DELETE/storage/{bucket}/{key}/share/{user_id}Revoke file share GET/storage/{bucket}/{key}/sharesList file shares POST/storage/{bucket}/chunked/initInitialize chunked upload PUT/storage/{bucket}/chunked/{uploadId}/{chunkIndex}Upload a chunk POST/storage/{bucket}/chunked/{uploadId}/completeComplete chunked upload GET/storage/{bucket}/chunked/{uploadId}/statusGet chunked upload status DELETE/storage/{bucket}/chunked/{uploadId}Abort chunked upload
A full GraphQL API auto-generated from your database schema.
Method Endpoint Description POST/graphqlExecute GraphQL queries and mutations
See the GraphQL API documentation for complete details on queries, mutations, filtering, and SDK usage.
Auto-generated CRUD endpoints for your PostgreSQL tables.
Method Endpoint Description GET/tables/{table}List records with filtering POST/tables/{table}Create record(s) PATCH/tables/{table}Batch update records DELETE/tables/{table}Batch delete records GET/tables/{table}/{id}Get record by ID PUT/tables/{table}/{id}Replace record PATCH/tables/{table}/{id}Update record DELETE/tables/{table}/{id}Delete record POST/tables/{table}/bulkBulk insert PATCH/tables/{table}/bulkBulk update DELETE/tables/{table}/bulkBulk delete GET/tables/{table}/exportExport table data (CSV/JSON)
Manage tenants in multi-tenant deployments. Requires admin, instance_admin, or tenant_admin role.
Method Endpoint Description GET/admin/tenantsList all tenants GET/admin/tenants/mineList tenants for current user GET/admin/tenants/deletedList soft-deleted tenants POST/admin/tenantsCreate tenant GET/admin/tenants/{id}Get tenant details PATCH/admin/tenants/{id}Update tenant DELETE/admin/tenants/{id}Soft delete tenant (?hard=true for hard delete) POST/admin/tenants/{id}/recoverRecover soft-deleted tenant POST/admin/tenants/{id}/migrateMigrate tenant to latest schema POST/admin/tenants/{id}/repairRepair tenant (re-run bootstrap + FDW)
Method Endpoint Description GET/admin/tenants/{id}/membersList tenant members POST/admin/tenants/{id}/membersAdd member to tenant DELETE/admin/tenants/{id}/members/{user_id}Remove member from tenant GET/admin/tenants/{id}/adminsList tenant admins POST/admin/tenants/{id}/adminsAssign tenant admin DELETE/admin/tenants/{id}/admins/{user_id}Remove tenant admin
Method Endpoint Description GET/admin/tenants/{id}/settingsGet tenant settings PATCH/admin/tenants/{id}/settingsUpdate tenant settings DELETE/admin/tenants/{id}/settings/{key}Delete a tenant setting GET/admin/tenants/{id}/settings/{key}Get a specific tenant setting
Method Endpoint Description GET/admin/tenants/{id}/schemaGet schema status POST/admin/tenants/{id}/schema/applyApply schema from filesystem GET/admin/tenants/{id}/schema/contentGet stored schema SQL POST/admin/tenants/{id}/schema/contentUpload schema SQL POST/admin/tenants/{id}/schema/content/applyUpload and apply schema SQL DELETE/admin/tenants/{id}/schema/contentDelete stored schema
Manage API service keys. Scoped to the current tenant context via X-FB-Tenant.
Method Endpoint Description GET/admin/service-keysList service keys POST/admin/service-keysCreate service key GET/admin/service-keys/{id}Get service key details PUT/admin/service-keys/{id}Update service key DELETE/admin/service-keys/{id}Delete service key POST/admin/service-keys/{id}/disableDisable service key POST/admin/service-keys/{id}/enableEnable service key POST/admin/service-keys/{id}/revokeRevoke service key POST/admin/service-keys/{id}/deprecateDeprecate key with grace period POST/admin/service-keys/{id}/rotateRotate service key GET/admin/service-keys/{id}/revocationsGet revocation history
Manage client keys for key-based authentication.
Method Endpoint Description GET/client-keysList client keys GET/client-keys/{id}Get a client key POST/client-keysCreate a client key PATCH/client-keys/{id}Update a client key DELETE/client-keys/{id}Delete a client key POST/client-keys/{id}/revokeRevoke a client key
Method Endpoint Description GET/functionsList functions POST/functionsCreate function GET/functions/{name}Get function details PUT/functions/{name}Update function DELETE/functions/{name}Delete function POST/functions/{name}/invokeInvoke function (POST) GET/functions/{name}/invokeInvoke function (GET, for health checks) GET/functions/{name}/executionsGet function execution history GET/functions/sharedList shared modules GET/functions/shared/{path}Get a shared module POST/functions/sharedCreate a shared module PUT/functions/shared/{path}Update a shared module DELETE/functions/shared/{path}Delete a shared module
Method Endpoint Description POST/jobs/submitSubmit a new job GET/jobsList jobs GET/jobs/{id}Get job details by ID POST/jobs/{id}/cancelCancel a job POST/jobs/{id}/retryRetry a job GET/jobs/{id}/logsGet job logs
Method Endpoint Description GET/rpc/proceduresList available RPC procedures POST/rpc/{namespace}/{name}Invoke an RPC procedure GET/rpc/executions/{id}Get RPC execution status GET/rpc/executions/{id}/logsGet RPC execution logs
Manage database branches for isolated dev/test environments. All routes require admin, instance_admin, tenant_admin, or service_role.
Method Endpoint Description GET/admin/branchesList branches POST/admin/branchesCreate branch GET/admin/branches/{id}Get branch details DELETE/admin/branches/{id}Delete branch POST/admin/branches/{id}/resetReset branch GET/admin/branches/{id}/activityGet branch activity GET/admin/branches/activeGet active branch POST/admin/branches/activeSet active branch DELETE/admin/branches/activeReset active branch GET/admin/branches/stats/poolsGet branch pool stats GET/admin/branches/{id}/accessList branch access grants POST/admin/branches/{id}/accessGrant branch access DELETE/admin/branches/{id}/access/{user_id}Revoke branch access GET/admin/branches/github/configsList GitHub webhook configs POST/admin/branches/github/configsUpsert GitHub webhook config DELETE/admin/branches/github/configs/{repository}Delete GitHub webhook config
Method Endpoint Description GET/webhooksList webhooks POST/webhooksCreate webhook GET/webhooks/{id}Get webhook details PATCH/webhooks/{id}Update webhook DELETE/webhooks/{id}Delete webhook POST/webhooks/{id}/testTest webhook delivery GET/webhooks/{id}/deliveriesList webhook deliveries
Method Endpoint Description GET/admin/migrationsList migrations POST/admin/migrationsCreate migration GET/admin/migrations/{name}Get migration details POST/admin/migrations/{name}/applyApply migration POST/admin/migrations/{name}/rollbackRollback migration POST/admin/migrations/apply-pendingApply all pending migrations POST/admin/migrations/syncSync migrations (batch upload)
Manage secrets for edge functions and background jobs.
Method Endpoint Description GET/secretsList secrets GET/secrets/statsGet secrets stats POST/secretsCreate a secret GET/secrets/{id}Get secret by ID PUT/secrets/{id}Update secret by ID DELETE/secrets/{id}Delete secret by ID GET/secrets/{id}/versionsGet secret versions by ID POST/secrets/{id}/rollback/{version}Rollback secret to version GET/secrets/by-name/{name}Get secret by name PUT/secrets/by-name/{name}Update secret by name DELETE/secrets/by-name/{name}Delete secret by name GET/secrets/by-name/{name}/versionsGet secret versions by name POST/secrets/by-name/{name}/rollback/{version}Rollback secret by name
Method Endpoint Description GET/chatbotsList chatbots POST/chatbotsCreate chatbot GET/chatbots/{id}Get chatbot details PUT/chatbots/{id}Update chatbot DELETE/chatbots/{id}Delete chatbot POST/chatbots/{id}/chatSend message (WebSocket upgrade or HTTP) GET/knowledge-basesList knowledge bases POST/knowledge-basesCreate knowledge base GET/knowledge-bases/{id}Get knowledge base details PUT/knowledge-bases/{id}Update knowledge base DELETE/knowledge-bases/{id}Delete knowledge base POST/knowledge-bases/{id}/documentsUpload document GET/knowledge-bases/{id}/documentsList documents DELETE/knowledge-bases/{id}/documents/{doc_id}Delete document POST/knowledge-bases/{id}/searchSearch knowledge base
WebSocket endpoint for realtime subscriptions:
ws://localhost:8080/realtime
Channels: table:{schema}.{table}, presence:{room}, broadcast:{channel}
Method Endpoint Description GET/realtime/statsGet realtime connection statistics POST/realtime/broadcastBroadcast message to connected clients
Public settings endpoints (no authentication required).
Method Endpoint Description GET/settingsList all settings GET/settings/{key}Get a setting POST/settings/batchBatch get settings
Authenticated user settings management.
Method Endpoint Description GET/settings/user/listList user’s own settings GET/settings/user/own/{key}Get user’s own setting GET/settings/user/system/{key}Get system setting (public info) GET/settings/user/{key}Get a user setting PUT/settings/user/{key}Set a user setting DELETE/settings/user/{key}Delete a user setting
Authenticated user secrets management.
Method Endpoint Description POST/settings/secretCreate a user secret GET/settings/secretList user secrets GET/settings/secret/{path}Get a user secret PUT/settings/secret/{path}Update a user secret DELETE/settings/secret/{path}Delete a user secret
System monitoring endpoints. Requires authentication.
Method Endpoint Description GET/monitoring/metricsGet system metrics GET/monitoring/healthGet system health status GET/monitoring/logsGet system logs
Public invitation endpoints (token-based, no auth required).
Method Endpoint Description GET/invitations/{token}/validateValidate invitation token POST/invitations/{token}/acceptAccept invitation
Built-in JSON-RPC 2.0 endpoint for AI assistant integration. The base path is configurable (default: /mcp).
Method Endpoint Description POST/mcpMCP JSON-RPC requests GET/mcpMCP SSE stream GET/mcp/healthMCP health check
See MCP Server Guide for details.
OAuth 2.0 endpoints for MCP authentication. All endpoints are public (no auth required).
Method Endpoint Description GET/mcp/.well-known/oauth-authorization-serverOAuth authorization server metadata GET/mcp/.well-known/oauth-protected-resourceOAuth protected resource metadata GET/mcp/.well-known/oauth-protected-resource/mcpOAuth protected resource metadata for MCP POST/mcp/oauth/registerDynamic client registration GET/mcp/oauth/authorizeOAuth authorization POST/mcp/oauth/authorizeOAuth authorization consent POST/mcp/oauth/tokenOAuth token exchange POST/mcp/oauth/revokeOAuth token revocation
Admin-only management of custom MCP tools and resources. Requires admin role.
Method Endpoint Description GET/mcp/configGet MCP configuration GET/mcp/toolsList custom MCP tools POST/mcp/toolsCreate custom MCP tool POST/mcp/tools/syncSync custom MCP tool (upsert) GET/mcp/tools/{id}Get custom MCP tool PUT/mcp/tools/{id}Update custom MCP tool DELETE/mcp/tools/{id}Delete custom MCP tool POST/mcp/tools/{id}/testTest custom MCP tool GET/mcp/resourcesList custom MCP resources POST/mcp/resourcesCreate custom MCP resource POST/mcp/resources/syncSync custom MCP resource (upsert) GET/mcp/resources/{id}Get custom MCP resource PUT/mcp/resources/{id}Update custom MCP resource DELETE/mcp/resources/{id}Delete custom MCP resource POST/mcp/resources/{id}/testTest custom MCP resource
Admin sync endpoints for loading definitions from filesystem or database. Requires admin, instance_admin, or service_role role.
Method Endpoint Description POST/admin/functions/syncSync functions from filesystem POST/admin/jobs/syncSync jobs from filesystem POST/admin/ai/chatbots/syncSync AI chatbots from filesystem POST/admin/rpc/syncSync RPC procedures from database
Public endpoint for GitHub webhook integration (no auth, uses HMAC signature verification).
Method Endpoint Description POST/webhooks/githubGitHub webhook for branch automation
Admin dashboard authentication endpoints. All endpoints are public (no auth required for setup/login, unified auth for authenticated endpoints).
Method Endpoint Description GET/admin/setup/statusGet dashboard setup status POST/admin/setupInitial dashboard setup POST/admin/loginDashboard admin login POST/admin/refreshRefresh dashboard token POST/admin/logoutDashboard admin logout GET/admin/meGet current admin user
Public health check endpoints (no auth required).
Method Endpoint Description GET/Root health check GET/healthDetailed health check with database status
Table endpoints support PostgREST-compatible query parameters:
Parameter Description Example selectColumns to return ?select=id,name,emailorderSort order ?order=created_at.desclimitMax results ?limit=10offsetPagination offset ?offset=20{column}.{op}Column filter ?name.eq=John&age.gt=18
Operator Description Example eqEqual ?status.eq=activeneqNot equal ?status.neq=deletedgtGreater than ?age.gt=18gteGreater than or equal ?age.gte=18ltLess than ?price.lt=100lteLess than or equal ?price.lte=100likePattern match ?name.like=John%ilikeCase-insensitive pattern ?name.ilike=john%inIn list ?status.in=(active,pending)isIs null/not null ?deleted_at.is.null
Header Description AuthorizationBearer token for authentication (Bearer <jwt>) X-Client-KeyClient key for key-based authentication X-FB-TenantTenant slug for multi-tenant context X-Fluxbase-BranchBranch name for database branching context Content-TypeRequest body format (application/json, multipart/form-data) PreferResponse preferences (return=representation, count=exact)
A live OpenAPI 3.0 specification is available at:
This specification is generated dynamically based on your database schema and includes all available endpoints with their request/response schemas.
Errors return JSON: {"error": "description"}. Standard HTTP status codes apply (400, 401, 403, 404, 409, 429, 500, 503).
