Skip to content
Orbit

API Reference

API Reference

This document provides a complete reference for all API endpoints in Orbit.

Authentication

Login

POST /api/collections/users/auth-with-password

Request Body:

{
  "identity": "[email protected]",
  "password": "password123"
}

Response:

{
  "token": "JWT_TOKEN",
  "record": {
    "id": "USER_ID",
    "email": "[email protected]",
    // other user fields
  }
}

Refresh Token

POST /api/collections/users/auth-refresh

Organizations

Create Organization

POST /api/collections/organizations/records

Request Body:

{
  "name": "Organization Name",
  "description": "Organization Description"
}

List Organizations

GET /api/collections/organizations/records

Update Organization

PATCH /api/collections/organizations/records/{id}

Invitations

Create Invitation

POST /api/collections/invitations/records

Request Body:

{
  "email": "[email protected]",
  "organization": "ORG_ID",
  "role": "member"
}

Accept Invitation

POST /api/accept-invite

Request Body:

{
  "token": "INVITATION_TOKEN"
}

Calendar Events

Create Event

POST /api/collections/events/records

Request Body:

{
  "title": "Event Title",
  "start": "2023-01-01T10:00:00Z",
  "end": "2023-01-01T11:00:00Z",
  "description": "Event Description"
}

List Events

GET /api/collections/events/records

Update Event

PATCH /api/collections/events/records/{id}

Notifications

Get Notification Settings

GET /api/collections/notification_settings/records

Update Notification Settings

PATCH /api/collections/notification_settings/records/{id}

Request Body:

{
  "email_enabled": true,
  "teams_enabled": true,
  "webhook_url": "https://teams.webhook.url"
}

Error Responses

All endpoints may return the following error responses:

400 Bad Request

{
  "code": 400,
  "message": "Invalid request",
  "data": {}
}

401 Unauthorized

{
  "code": 401,
  "message": "Authentication required",
  "data": {}
}

403 Forbidden

{
  "code": 403,
  "message": "Insufficient permissions",
  "data": {}
}

404 Not Found

{
  "code": 404,
  "message": "Record not found",
  "data": {}
}

Rate Limiting

API requests are limited to:

  • 100 requests per minute for authenticated users
  • 20 requests per minute for unauthenticated users

Authentication Headers

Include the authentication token in the Authorization header:

Authorization: Bearer YOUR_JWT_TOKEN

Query Parameters

Common query parameters for list endpoints:

  • page: Page number (default: 1)
  • perPage: Items per page (default: 30)
  • sort: Sort field and direction (e.g., -created,name)
  • filter: Filter query (e.g., created >= "2023-01-01")

Webhook Events

Available webhook event types:

  • user.created
  • organization.created
  • invitation.sent
  • invitation.accepted
  • event.created
  • event.updated
  • event.deleted