API Overview
Base URLs, authentication, pagination, rate limits, and the difference between the Core API and the Customer Portal API
https://api.rapidly.tech/api
Use a Workspace Access Token (OAT) in the Authorization: Bearer header
Use a Customer Access Token created via /api/customer-sessions/
Base URLs
| Environment | Base URL | Purpose |
|---|---|---|
| Production | https://api.rapidly.tech/api | Real customers & live payments |
Authentication
Workspace Access Tokens (OAT)
Use an OAT to act on behalf of your workspace (manage shares, customers, etc.).
Authorization: Bearer rapidly_oat_xxxxxxxxxxxxxxxxxCreate OATs in your workspace settings. See: Workspace Access Tokens
Never expose an OAT in client-side code, public repos, or logs. If leaked, it will be revoked automatically by our secret scanning integrations.
Customer Access Tokens
Do not use OATs in the browser. For customer-facing flows, generate a Customer Session server-side, then use the returned customer access token with the Customer Portal API to let a signed-in customer view their own data.
Core API vs Customer Portal API
| Aspect | Core API | Customer Portal API |
|---|---|---|
| Audience | Your server / backend | One of your customer |
| Auth Type | Workspace Access Token (OAT) | Customer Access Token |
| Scope | Full workspace resources (shares, customers, files) | Only the authenticated customer’s data |
| Typical Use | Admin dashboards, internal tools, automation, provisioning | Building a custom customer portal or gated app |
| Token Creation | Via dashboard (manual) | Via /api/customer-sessions/ (server-side) |
| Sensitive Operations | Yes (create/update shares, manage customers, etc.) | No (read/update only what the customer owns) |
The Customer Portal API is a restricted surface designed for safe exposure in user-facing contexts (after exchanging a session). It cannot perform privileged workspace-level mutations like creating shares or managing other customers.
Quick Examples
curl https://api.rapidly.tech/api/shares/ \
-H "Authorization: Bearer $RAPIDLY_OAT" \
-H "Accept: application/json"curl https://api.rapidly.tech/api/customer-portal/ \
-H "Authorization: Bearer $RAPIDLY_CUSTOMER_TOKEN" \
-H "Accept: application/json"Using the API Directly
You can call the Rapidly API directly using fetch (TypeScript) or httpx (Python). Use the appropriate base URL for your environment:
const response = await fetch("https://api.rapidly.tech/api/shares/", {
headers: {
Authorization: `Bearer ${process.env.RAPIDLY_ACCESS_TOKEN!}`,
Accept: "application/json",
},
});
const data = await response.json();
import os
import httpx
client = httpx.Client(
base_url="https://api.rapidly.tech",
headers={"Authorization": f"Bearer {os.environ['RAPIDLY_ACCESS_TOKEN']}"},
)
response = client.get("/api/shares/")
data = response.json()Pagination
List endpoints in the Rapidly API support pagination to help you efficiently retrieve large datasets. Use the page and limit query parameters to control pagination.
Query Parameters
| Parameter | Type | Default | Max | Description |
|---|---|---|---|---|
page | integer | 1 | - | Page number, starting from 1 |
limit | integer | 10 | 100 | Number of items to return per page (window size) |
The page parameter works as a window offset. For example, page=2&limit=10
means the API will skip the first 10 elements and return the next 10.
Response Format
All paginated responses include a pagination object with metadata about the current page and total results:
| Field | Type | Description |
|---|---|---|
total_count | integer | Total number of items matching your query across all pages |
max_page | integer | Total number of pages available, given the current limit value |
Example
Let's say you want to fetch shares with a limit of 100 items per page:
curl https://api.rapidly.tech/api/shares/?page=1&limit=100 \
-H "Authorization: Bearer $RAPIDLY_OAT" \
-H "Accept: application/json"{
"items": [
{
"id": "...",
"name": "Product 1",
...
},
...
],
"pagination": {
"total_count": 250,
"max_page": 3
}
}In this example:
total_count=250indicates there are 250 total shareslimit=100means each page contains up to 100 sharesmax_page=3means you need to make 3 requests to retrieve all shares (pages 1, 2, and 3)
To retrieve all pages, increment the page parameter from 1 to max_page.
Our SDKs provide built-in pagination helpers to automatically iterate through
all pages.
Rate Limits
Rapidly API has rate limits to ensure fair usage and maintain performance. The limits are as follows:
- Default: 500 requests per minute
- Restricted endpoints (e.g., login, token exchange): 60 requests per minute
If you exceed the rate limit, you will receive a 429 Too Many Requests response. The response will include a Retry-After header indicating how long you should wait before making another request.
Workspaces requiring higher rate limits for production workloads may contact our support team to discuss elevated limits.