Our REST API gives you access to most of Cobot’s features. If you need more endpoints let us know.
The Cobot API is a (somewhat) RESTful API, where resources can be accessed by their URLs. All data is returned as JSON. When you POST or PUT data to the API we expect either form encoded data or JSON with the appropriate content type header (application/json). Publicly available information can be accessed without any authentication. For private information you have to authenticate using OAuth 2.
If you have problems accessing our API, again, please ask us.
As a starting point take a look at the source code of our example applications on Github.
You can try out most of these apps from the add-ons directory.
OAuth is "an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications.". "OAuth 2.0 is the next evolution of the OAuth protocol [..]. OAuth 2.0 focuses on client developer simplicity [...]. It is supported by many popular sites such as Facebook and there are client libraries available for many programming languages.
For information about OAuth2 see the oauth website.
For OAuth2 you need a client id and secret. In order to get those you have to register your application.
OAuth2 defines scopes to restrict access to certain resources.
The required scope for each resource can be found within the documentation for each endpoint.
Please note that a user's scope can be limited when they access the API as an admin of a space and some of their admin permissions have been revoked.
In general, the rate limit for an endpoint is 60 requests per minute per user. If applicable, alternative limits are given in the documentation for particular endpoints.
If you've exceeded the limit, Cobot will return a 429 status code and a JSON error message. The response will also contain a Retry-After header, this denotes the number of seconds to wait before your client may retry.