REST API Reference
Data Island exposes 128+ stateless JSON REST endpoints organized into logical categories. All endpoints are rate-limitable, audited, and secured through the Gatekeeper API gateway.
Base URL
http://localhost:8050/apiAll endpoint paths below are relative to this base URL. In production, replace localhost:8050 with your Gatekeeper address.
Authentication
Every API request must include authentication credentials. Three methods are supported:
| Method | Header / Mechanism | Use Case |
|---|---|---|
| API Key | X-API-Key: st_key_... |
Service-to-service, CI/CD, scripts |
| Bearer Token | Authorization: Bearer st_tok_... |
User sessions, SDK, CLI |
| Session Cookie | Set automatically by login endpoint | Web UI, browser-based access |
Note: The superuser token (SUPERTABLE_SUPERUSER_TOKEN) grants full access to all endpoints. Use scoped API keys in production.
Common Response Format
All endpoints return JSON. Successful responses include a data field; errors include error and message.
{
"status": "ok",
"data": { ... },
"meta": {
"request_id": "req_abc123",
"duration_ms": 42
}
}{
"status": "error",
"error": "NOT_FOUND",
"message": "Table 'nonexistent' does not exist.",
"meta": {
"request_id": "req_def456"
}
}Tables
Create, list, describe, and manage tables in your organization.
| Method | Path | Description |
|---|---|---|
| POST | /api/tables |
Create a new table |
| GET | /api/tables |
List all tables in the organization |
| GET | /api/tables/{name} |
Get table metadata and schema |
| PUT | /api/tables/{name} |
Update table settings or comment |
| DELETE | /api/tables/{name} |
Delete a table and all its data |
| GET | /api/tables/{name}/schema |
Get column-level schema details |
| GET | /api/tables/{name}/stats |
Get row counts, size, and storage stats |
Data Operations
Write, read, and query data. The query endpoint accepts standard SQL.
| Method | Path | Description |
|---|---|---|
| POST | /api/data/write |
Write records to a table (JSON or Arrow IPC) |
| POST | /api/data/query |
Execute a SQL query and return results |
| GET | /api/data/read |
Stream table data as JSON or Arrow IPC |
| POST | /api/data/commit |
Commit a pending write transaction |
| POST | /api/data/compact |
Trigger compaction on a table |
Query Example
curl -X POST http://localhost:8050/api/data/query \
-H "Authorization: Bearer st_tok_..." \
-H "Content-Type: application/json" \
-d '{
"sql": "SELECT sensor_id, AVG(temperature) FROM sensors GROUP BY sensor_id",
"format": "json"
}'Ingestion
Upload files (CSV, Parquet, JSON) for bulk data ingestion.
| Method | Path | Description |
|---|---|---|
| POST | /api/ingestion/upload |
Upload a file for ingestion (multipart) |
| POST | /api/ingestion/commit |
Commit an uploaded file to a table |
| GET | /api/ingestion/status/{id} |
Check ingestion job status |
RBAC & Access Control
Manage roles, users, permissions, and API keys.
| Method | Path | Description |
|---|---|---|
| GET | /api/rbac/roles |
List all roles |
| POST | /api/rbac/roles |
Create a new role with permissions |
| POST | /api/rbac/users |
Create or invite a user |
| PUT | /api/rbac/users/{id}/roles |
Assign roles to a user |
| POST | /api/rbac/api-keys |
Generate a scoped API key |
| DELETE | /api/rbac/api-keys/{id} |
Revoke an API key |
Monitoring
Health checks, metrics, and operational endpoints.
| Method | Path | Description |
|---|---|---|
| GET | /api/monitoring/health |
Platform health check |
| GET | /api/monitoring/metrics |
Prometheus-compatible metrics export |
| GET | /api/monitoring/audit-log |
Query the audit log |
Rate Limiting
The Gatekeeper enforces per-key rate limits. When a limit is exceeded, the API responds with HTTP 429 Too Many Requests and includes a Retry-After header.
HTTP/1.1 429 Too Many Requests
Retry-After: 30
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1706500000