SlashApi is a web platform to build REST APIs fast without having to write any backend code yourself, you will gain instantly access to a fully operational API.
SlashApi allows you to integrate with all common apps and tools through RESTful API in a few clicks. The process of creating a RESTful API consist of 2 simple steps:
Some of services require a set of credentials e.g PostgreSQL, MySQL, FTP, SFTP, etc to allow us connect with them. You'll need to provide this credentials so SlashApi can connect to and interact with underlying data source. These credentials are stored in the system and encrypted using AES-256 encryption. These credentials are decrypted on-the-fly when SlashApi trying to connect to the destination data source.
Once you've setup your API endpoint, you can start making request to your API. SlashAPI turns any data into something called Restful JSON API. It means you can access your 3rd-party services data in a standard way using simple URLs and HTTP requests.
The host for Web API v1 requests is always https://v1.slashapi.com/
The HTTP verbs comprise a major portion of our “uniform interface” constraint and provide us the action counterpart to the noun-based resource. The primary or most-commonly-used HTTP verbs (or methods, as they are properly called) are POST, GET, PUT, PATCH, and DELETE.
| Verb | Description |
|---|---|
| GET | Retrieve a resource or group of resources |
| POST | Create a new resource |
| PUT | Update an existing resource |
| PATCH | Update an existing resource |
| DELETE | Delete an existing resource |
SlashApi URLs are made up by three components: team, service and identifier
https://v1.slashapi.com/<team>/<service>/<identifier>
Authentication is the way the backend handles user's request and limit which areas of your API they may be used to access.
By default SlashApi has no authentication enabled on your API as this is usually suitable for most use cases (as long as the data isn't sensitive). However, you can setup API authentication on your dashboard.
SlashApi supports the use of API Token. Api Token add an additional layer of security for your API and can be assigned specific permissions to limit which areas of your API they may be used to access. Api Token can be generated in your API endpoint.
To authenticate your requests using API Token, you only need to provide set a plain text header named "X-API-KEY" with the content of the header being "XXX" where XXX is your API Token.
curl -X "GET" "https://v1.slashapi.com/your-team/service/identifier" \
-H "X-API-KEY: Your.API.Key-HERE" \
-H "Content-Type: application/json"
When creating an application, there is always a problem of implementing login and registration. With SlashApi, you get them out of the box.
Bearer authentication is an HTTP authentication scheme that involves security tokens called bearer tokens. The bearer token is a cryptic string, and generated by the server in response to a login request. You must send this token in the Authorization header when making requests to protected resources:
Authorization: Bearer <token>
To get the token, you must setup Authentication API first. SlashAPI use Authentication API to register and login your user.
Once, you get the token from the login request response. You must send this token in the Authorization header when making requests.
curl -X "GET" "https://v1.slashapi.com/your-team/service/identifier" \
-H "Authorization: Bearer Your.Token-HERE" \
-H "Content-Type: application/json"
Before submitting data to the API endpoint, it is important to ensure all required form controls are filled out in the correct format. You can validate the input on the client-side, However, client-side validation should not be considered an exhaustive security measure. Client-side validation is too easy to bypass, so malicious users can still easily send bad data to your API endpoint. Your API should always perform security checks on any submitted data on the server-side.
Looking to the case above, SlashApi provides a way to validate input coming to your API. This custom validation will be useful when you build an API with dynamic fields like Database API (PostgreSQL, MySQL, MongoDB), Google Sheets, Airtable, etc.
Learn more about Data Validation.
An API rate limit is the number of API calls you can make in a given time period. When this limit is reached, any API call made by your front-end will fail until the time period passes.
When these rate limits are exceeded, a 429 'Too many requests' error is returned from the endpoint.
The following table lists the monthly rate limits for SlashApi plans.
| Plan | Rate Limit /month |
|---|---|
| Free | 1,000 |
| Personal | 100,000 |
| Startup | 400,000 |
| Growth | 1,000,000 |
We also limit request for each API per minute. The following table lists the rate limits per minute for SlashApi plans.
| Plan | Rate Limit /minute |
|---|---|
| Free | 60 |
| Personal | 250 |
| Startup | 500 |
| Growth | 1,000 |
Each request contains rate limit information in the HTTP response headers. You can use this HTTP headers in order to understand where the application is at for a given rate limit.
| HTTP Header | Description |
|---|---|
| X-RateLimit-Limit | Total request that can be used in a minute. |
| X-RateLimit-Remaining | Total request remaining for the API in a minute |
| X-RateLimit-Reset | Timestamp (unix epoch) for when the limit will be reset. |
| X-RateLimit-MonthlyLimit | Total request that can be used in a month. |
| X-RateLimit-MonthlyRemaining | Total request remaining for the API in a month |
| X-RateLimit-MonthlyReset | Timestamp (unix epoch) for when the limit will be reset. |
Explore our guides and examples to integrate with SlashApi.
