API overview
Authenticate, manage patterns, deploy automations, and monitor executions through the DRAGOPS REST API.
The DRAGOPS REST API gives you programmatic access to every feature available in the dashboard. You can create and manage patterns, deploy them, trigger executions, configure webhooks, and more.
Base URL
All API requests use the following base URL:
https://your-domain/apiReplace your-domain with the hostname of your DRAGOPS instance.
Authentication
Most endpoints require a Bearer token in the Authorization header. Obtain a token by calling the login endpoint.
Authorization: Bearer eyJhbGciOiJIUzI1NiIs...Public endpoints such as GET /api/auth/providers and webhook ingestion do not require authentication.
Request format
Send request bodies as JSON with the Content-Type: application/json header.
curl -X POST https://your-domain/api/patterns \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"name": "My Pattern"}'Response format
Successful responses return JSON with a success flag and a data object:
{
"success": true,
"data": { ... },
"timestamp": "2026-03-05T12:00:00.000Z"
}List endpoints include a meta object with pagination details:
{
"success": true,
"data": [ ... ],
"meta": {
"page": 1,
"limit": 20,
"total": 47,
"totalPages": 3
}
}Error format
Error responses include a human-readable message and a machine-readable error code:
{
"error": "Pattern not found",
"code": "PATTERN_NOT_FOUND"
}Some endpoints wrap errors in a structured object:
{
"success": false,
"error": {
"code": "VALIDATION",
"message": "name is required"
}
}HTTP status codes
| Code | Meaning |
|---|---|
200 | Request succeeded |
201 | Resource created |
202 | Request accepted (async processing) |
204 | Request succeeded with no response body |
400 | Invalid request parameters or body |
401 | Missing or invalid authentication token |
403 | Insufficient permissions |
404 | Resource not found |
409 | Conflict (duplicate resource) |
422 | Validation failed (e.g., transpilation errors) |
429 | Rate limit exceeded |
500 | Internal server error |
504 | Execution timed out |
Rate limiting
Rate limits vary by endpoint category. When you exceed a limit, the API returns a 429 status code. The response headers include Retry-After to indicate when you can retry.
- Authentication endpoints have stricter limits to prevent brute-force attacks.
- Webhook ingestion allows up to 100 requests per minute per IP address.
- General API endpoints have separate limits for read and write operations.
Pagination
List endpoints accept page and limit query parameters:
| Parameter | Type | Default | Description |
|---|---|---|---|
page | integer | 1 | Page number (1-indexed) |
limit | integer | 20 | Items per page (max 100) |
Resources
Authentication
Register, log in, refresh tokens, and manage OAuth.
Patterns
Create, update, delete, import, export, and version patterns.
Deployments
Deploy patterns, manage lifecycle, and trigger executions.
Executions
View execution history, logs, and performance metrics.
Webhooks
Receive external events and inspect webhook request logs.
Connections
Manage OAuth connections and API key credentials.
Nodes
Browse the node library and inspect node definitions.