API Reference

The SignalSmith REST API provides programmatic access to all platform resources. Use it to manage warehouses, models, destinations, syncs, audiences, identity graphs, journeys, events, and more.

Base URL

All API requests are made to your SignalSmith instance:

https://your-instance.signalsmith.io/api/v1

The API is versioned via the URL path. The current version is v1.

Request Format

All request bodies must be JSON with Content-Type: application/json
All responses are JSON with Content-Type: application/json
Resource paths follow the pattern /api/v1/workspaces/{workspaceId}/{resource}
Timestamps are ISO 8601 format (e.g., 2024-01-15T09:30:00Z)
IDs are UUIDs (e.g., 550e8400-e29b-41d4-a716-446655440000)

Authentication

Every request requires two headers:

Authorization: Bearer <token>
X-Workspace-ID: <workspace-id>

The Authorization header accepts either a Firebase ID token (for browser/UI clients) or an API key (for server-to-server integrations). See Authentication for details.

Pagination

List endpoints that return large collections support pagination via query parameters:

Parameter	Type	Default	Description
`page`	integer	`1`	Page number (1-indexed)
`page_size`	integer	`20`	Number of items per page (max 100)

Paginated responses include a pagination object:

{
  "data": [...],
  "pagination": {
    "page": 1,
    "page_size": 20,
    "total": 142
  }
}

Rate Limiting

API requests are rate-limited per workspace:

Tier	Limit
Standard	100 requests/minute
Burst	20 requests/second

When rate-limited, the API returns 429 Too Many Requests with a Retry-After header indicating when you can retry.

Error Format

Error responses use a consistent JSON structure:

{
  "error": "human-readable error message"
}

HTTP Status Codes

Code	Meaning	When
`200`	OK	Successful read or update
`201`	Created	Successful resource creation
`400`	Bad Request	Invalid request body, missing required fields, unsupported values
`401`	Unauthorized	Missing or invalid authentication token
`403`	Forbidden	Valid token but insufficient permissions for the requested resource
`404`	Not Found	Resource does not exist or is not accessible in this workspace
`409`	Conflict	Resource already exists (duplicate name, slug, etc.)
`422`	Unprocessable Entity	Request is well-formed but semantically invalid (e.g., referencing a non-existent source)
`429`	Too Many Requests	Rate limit exceeded
`500`	Internal Server Error	Unexpected server error

Common Response Patterns

Successful Deletion

{
  "status": "deleted"
}

Single Resource

{
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "workspace_id": "...",
  "name": "...",
  "created_at": "2024-01-15T09:30:00Z",
  "updated_at": "2024-01-15T09:30:00Z"
}

List of Resources

Most list endpoints return a JSON array directly:

[
  { "id": "...", "name": "..." },
  { "id": "...", "name": "..." }
]

Resources

Resource	Base Path	Description
Warehouses	`/api/v1/workspaces/{id}/sources`	Data warehouse connections
Models	`/api/v1/workspaces/{id}/models`	SQL-defined datasets
Destinations	`/api/v1/workspaces/{id}/destinations`	Data write targets
Syncs	`/api/v1/workspaces/{id}/syncs`	Data movement configurations
Traits	`/api/v1/workspaces/{id}/traits`	Computed properties
Audiences	`/api/v1/workspaces/{id}/audiences`	Segmentation queries
Audience Syncs	`/api/v1/workspaces/{id}/audience-syncs`	Audience activation syncs
Identity Graphs	`/api/v1/workspaces/{id}/identity-graphs`	Identity resolution
Journeys	`/api/v1/workspaces/{id}/journeys`	Multi-step workflows
Events	`/api/v1/workspaces/{id}/events`	Real-time event collection
Loaders	`/api/v1/workspaces/{id}/loaders`	Inbound loaders
Govern	`/api/v1/workspaces/{id}/...`	Roles, groups, rules, access filters
Insights	`/api/v1/workspaces/{id}/insights`	Platform analytics
Workspaces	`/api/v1/workspaces`	Multi-tenant workspaces
Organizations	`/api/v1/organizations`	Company-level entities
API Keys	`/api/v1/workspaces/{id}/api-keys`	API key management

Guardrails Authentication