API Overview
Authentication By Cookie
For most clients, authentication is performed by session cookie. Logging in to the platform sets a client's c3d_session_v5
cookie to their new session ID. The value of this cookie is used to authenticate subsequent requests.
Authentication By Domain API Key
For clients authenticating with a Domain API Key, use the Authorization
header.
Anti-CSRF
For clients authenticating with a session cookie, a csrf token must be sent with any request that is not a GET
request.
Authentication Overview
Header Name | Header Value |
---|---|
Authorization | APIKEY:DOMAIN <api key goes here> |
c3d-csrf | <csrf token goes here> |
Cookie Name | Cookie Value |
---|---|
c3d_session_v5 | <session ID> |
Content Types
Most requests accept only JSON or do not expect a request body at all. The expected JSON request formats are documented where possible. Endpoints that upload raw files instead expect raw binary data and a content type that accurately reflects the file being uploaded. Similarly, endpoints that serve raw files will serve them with the content type they were uploaded with. All other routes return JSON or do not return with a response body.
Authorization
Endpoint access is generally based on access to a given project, organization, or domain. Typical users that are not superadmins have roles on a per domain, per organization, per project basis. Most endpoints that require authorization require a capability in the same way: they require a capability on a domain, organization, or project.
All organizations belong to a single parent domain, and access to that domain provides access to that domain's organizations.
All projects belong to a single parent organization, and access to that organization provides access to that organization's projects.
Users cannot have capabilities on a scene or a scene version level, but both scenes and scene versions also exist in the same hierarchy. Any endpoint that operates on a scene or scene version expects the user to have access to that scene's parent project.
Entity | Has User Roles |
---|---|
Domain | Yes |
Organization | Yes |
Project | Yes |
Scene | No |
Scene Version | No |
Additional API Documentation
For more comprehensive access to our API documentation and routes, please contact us.
If you have a question or any feedback about our documentation please use the Intercom button (purple circle) in the lower right corner of any web page.