Individual Account API Documentation
Individual Account APIs
Welcome to the RiverGen Individual Account API documentation. This documentation covers all APIs available for personal accounts and individual users.
Individual accounts are designed for personal use and self-management. When you sign up for an Individual account, RiverGen automatically creates a personal organization and workspace for you.
Quick Navigation
Available APIs
Shared APIs
These APIs are available to both Individual and Organization accounts. For Individual accounts, these APIs work with your personal organization and workspace that are automatically created when you sign up.
How Shared APIs Work for Individual Accounts:
- Authentication - Register, login, and manage your personal account. Social login automatically creates a personal organization for you.
- Sessions - Manage your personal login sessions across devices.
- MFA - Secure your individual account with multi-factor authentication.
- WebAuthn - Use hardware keys and biometrics for passwordless login to your personal account.
- Devices - Trust devices to skip MFA for your personal account.
- Personal Access Tokens - Create tokens scoped to your personal organization for API access.
- OAuth Applications - Register OAuth apps for your personal organization (useful for personal projects and integrations).
- OAuth2 - Use OAuth 2.0 flows for third-party applications accessing your personal account.
Available Shared APIs:
- Authentication - User registration, login, OAuth, password management, and profile operations (24 endpoints)
- Sessions - Session lifecycle and monitoring (2 endpoints)
- MFA - Multi-factor authentication setup and management (10 endpoints)
- WebAuthn - Passwordless authentication using hardware keys and biometrics (6 endpoints)
- Devices - Trusted device management for "remember device" functionality (4 endpoints)
- Personal Access Tokens - Personal access token management for programmatic API access (4 endpoints)
- OAuth Applications - OAuth 2.0 application management (7 endpoints)
- OAuth2 - OAuth 2.0 authorization flows for third-party applications (6 endpoints)
Platform APIs (Sprint 3)
These APIs enable data operations and are available to both Individual and Organization accounts:
- Data Sources [NEW] - Connect, manage, and query data across 30+ data sources (12 endpoints)
- Storage [NEW] - Upload, manage, and access files securely (9 endpoints)
- Policies [NEW] - Data governance policies including row-level security and data masking (8 endpoints)
- Prompt Studio [NEW] - Query data using natural language and manage prompts (15 endpoints)
Quick Start
- Get Started: Review the Authentication API to understand how to register and authenticate
- Secure Your Account: Set up Multi-Factor Authentication for enhanced security
- Connect Data: Use Data Sources API to connect to your databases, warehouses, and files
- Query Data: Use Prompt Studio API to query data using natural language
- Create Access Tokens: Generate Personal Access Tokens for API access
Base URL
All API endpoints are prefixed with /api/v1
Authentication
Most endpoints require authentication via JWT Bearer token:
Authorization: Bearer <your_access_token>
Response Format
All API responses follow a consistent structure:
{
"success": true,
"data": { ... },
"message": "Operation successful"
}
Error responses:
{
"success": false,
"error": {
"code": "ERROR_CODE",
"message": "Human-readable error message"
}
}
Status Codes
200- Success201- Created204- No Content400- Bad Request401- Unauthorized403- Forbidden404- Not Found409- Conflict422- Validation Error429- Too Many Requests500- Internal Server Error
Rate Limiting
Some endpoints have rate limiting:
- Login: 5 attempts per 15 minutes
- Signup: 3 attempts per 5 minutes
- Password reset: 3 requests per hour