rooomSpaces REST-API
The rooomSpaces REST-API is a REST-styled API that gives full control over the entire rooomSpaces platform.
rooomSpaces REST-API allows developers to interact programmatically with their rooom account and services using HTTP requests.
With the API, developers can manage 3d spaces, setup collaboration features, retrieve statistic, and manage the account.
The API supports any programming language or framework that can send HTTP requests.
Overview
Our API is exposed as an HTTP/1 and HTTP/2 service over SSL. All endpoints live under one base url and then generally follow the REST architecture.
https://api.rooom.com
Authentication
An API token are required to authenticate and use the rooomSpaces API. The Authorization
header with a bearer token.
Authorization: Bearer <TOKEN>
You can find out how to create an API token at Authentication.
If authentication is unsuccessful for a request, the error status code 401 is returned.
Server Specs
HTTP and TLS
The API supports HTTP versions 1, 1.1, and 2, although HTTP/2 is preferred.
TLS versions 1.2 and 1.3 are supported, with resumption.
For more information on TLS support, refer to the SSL Labs report.
Security
You will find information on security, the supported ciphers and more here.
Content Type
All requests must be encoded as JSON with the Content-Type: application/json
header. If not otherwise specified, responses from the rooomSpaces API, including errors, are encoded exclusively as JSON as well.
Errors
All API endpoints contain a code and message within the error responses, though some API endpoints extend the error object to contain other information.
More information to errors can be found here.
Rate Limiting
rooomSpaces API is rate limited to prevent abuse that could degrade the service quality for other users. The rate limit is applied to each IP address, and the default rate limit is 20 requests per second.
INFO
If you need a higher rate limit quota, please get in touch with us.
Versioning
All endpoints and examples are designated with the latest version.
The response shape of a certain endpoint is not guaranteed to be fixed over time. In particular, we might add new keys to responses, which will be noted in the changelog.
To ensure the security and correctness of your application, make sure to only read the keys from the response that your application needs. Don't proxy entire responses to third-parties without validation.
When we intend to deprecate, we will notify users in the changelog section.