API Reference
API Overview
The ChangeVault REST API lets you log and query changes programmatically.
Base URL
https://app.changevault.dev/apiAuthentication
All API requests (except /api/health) require an API key passed in the x-api-key header.
curl https://app.changevault.dev/api/changes \
-H "x-api-key: cvk_prod_your_key_here"See Authentication for how to create an API key.
Rate limiting
API keys are limited to 60 requests per minute using a sliding window. If you exceed this limit you will receive a 429 Too Many Requests response with a Retry-After: 60 header.
Endpoints
| Method | Path | Auth | Description |
|---|---|---|---|
GET | /api/health | None | Service health check |
GET | /api/changes | API key | List changes |
GET | /api/changes/:id | API key | Get a specific change |
POST | /api/changes | API key | Create a change |
PATCH | /api/changes/:id | API key | Update a change |
DELETE | /api/changes/:id | API key | Delete a change |
GET | /api/services | API key | List services |
GET | /api/services/:id | API key | Get a specific service |
POST | /api/services | API key | Create a service |
GET | /api/hosts | API key | List hosts |
GET | /api/hosts/:id | API key | Get a specific host |
POST | /api/hosts | API key | Create a host |
GET | /api/activity | Session | List activity log entries |
Response format
All responses return JSON. Successful responses include a data key:
{
"data": { ... }
}List endpoints also include pagination metadata:
{
"data": [...],
"count": 42,
"page": 1,
"per_page": 25,
"total_pages": 2
}Error responses
Error responses return an error key with an HTTP 4xx or 5xx status:
{
"error": "Unauthorized"
}| Status | Meaning |
|---|---|
400 | Invalid JSON body |
401 | Missing or invalid API key |
403 | Forbidden — resource belongs to another organization |
404 | Resource not found |
409 | Conflict — duplicate name |
422 | Validation error |
429 | Rate limit exceeded |
500 | Internal server error |
503 | Service degraded |