API Overview

REST API reference for TMA Cloud backend.

Base URL

All API endpoints are prefixed with /api unless otherwise specified.

Authentication

Most endpoints require JWT token sent as httpOnly cookie. Rate limiting: 25 attempts per 15 minutes for login/signup.

API Sections

Authentication - Login, signup, sessions
Sessions - Session management
Files - File operations
Sharing - Share links
Users - User management
OnlyOffice - Document editing
Monitoring - Health and metrics
Errors - Error handling
Examples - Code examples

Rate Limiting

The API employs rate limiting to prevent abuse and ensure service stability. Different limits are applied to authentication, file uploads, and general API endpoints. For detailed information, see the Rate Limits reference.

Response Format

Success responses return the requested data directly as a JSON object or array.

Error Response

{
  "message": "Error message"
}

For validation errors, the response includes a details field:

{
  "message": "Validation failed",
  "details": [{ "field_name": "Specific error message" }]
}

HTTP Status Codes

200 - Success
400 - Bad Request
401 - Unauthorized
403 - Forbidden
404 - Not Found
422 - Unprocessable Entity (Validation Error)
500 - Server Error
503 - Service Unavailable

Authentication - Authentication concepts
API Examples - Code examples
Error Codes - Error reference

Base URL​

Authentication​

API Sections​

Rate Limiting​

Response Format​

Error Response​

HTTP Status Codes​

Related Topics​