Skip to content

REST API overview

Everything the DataSquares UI does goes through the REST API, and a curated developer subset of it is documented here — the endpoint groups you need to integrate, automate, and embed. All endpoints live under /api/ on your DataSquares host and speak JSON.

Requests carry a bearer token:

Terminal window
curl https://<your-datasquares-host>/api/dashboards \
-H "Authorization: Bearer <token>"

Two ways to get one:

  • API keys — for integrations. An admin creates one under Admin → API Keys with a scope (read, read/write, or admin). The key is shown once at creation.
  • Session tokens — sign in via the Auth endpoints with user credentials; you’ll receive the same JWT the web app uses.

Permissions follow the caller: an API key is bounded by its scope, a user token by the user’s role.

  • List endpoints paginate with limit and offset query parameters.
  • Errors return conventional status codes (400 validation, 401 unauthenticated, 403 forbidden, 404 not found, 409 conflict) with a JSON body describing the problem.
  • Query endpoints are read-only — only SELECT/WITH SQL is accepted, matching the product’s SQL editor rules.
Group Covers
Auth sign-in, tokens, MFA, SSO
API Keys programmatic credentials
Data Sources connections: create, test, sync
Query run read-only SQL
Saved Queries the SQL library
Dashboards dashboards and cards
Sharing share links
Embedding embed tokens and domains
Reports reports and schedules
Themes workspace themes

This reference is generated from the API’s OpenAPI specification, so it stays in lock-step with the deployed surface. Endpoint groups beyond this subset (admin, internal) exist but aren’t documented publicly — if you need one for an integration, ask.