Shipwreck ExD API v1.0.0
Enterprise-grade RESTful API with built-in security, automated rate-limiting, and real-time webhook support. All endpoints support asynchronous execution and background job management.
Core Endpoints
Users Management
CRUD operations for user accounts with role-based access controls
GET
/api/v1/users
Retrieve list of all users. Requires 'admin' scope.
200 OK - Successful request
POST
/api/v1/users
Create a new user with provided credentials
{
"username": "string",
"email": "string",
"password": "string",
"role": "user|admin"
}
GET
/api/v1/users/{id}
Retrieve details for a specific user
404 Not Found if user doesn't exist
Resource Management
Secure handling of application resources with fine-grained permissions
DELETE
/api/v1/resources
Delete multiple resources in batch operation
// Requires admin rights
PATCH
/api/v1/resources
Update specific fields of resources
204 No Content when successful
Authentication
All endpoints require JWT Bearer authentication with appropriate scopes
Get Access Token
curl -X POST 'https://auth.shipwreckexd.co/v1/token' \
-H 'Content-Type: application/json' \
-d '{
"client_id": "your_client_id",
"client_secret": "your_secret",
"grant_type": "client_credentials"
}'
Response includes:
- access_token
- refresh_token
- token_type (Bearer)
- expires_in (seconds)
Authenticated Requests
Basic Authorization Header:
Authorization: B
Required scopes:
- read:users
- write:resources
- admin:full-access
Version Migration
From v0.x
- • Authentication now requires client_credentials grant
- • Endpoints moved to /api/v1/ prefix
- • All responses now include request_id header
To v1.x
- • Use new PATCH method for partial updates
- • Rate limits increased to 10,000 requests/minute
- • Rate limit headers now include X-RateLimit-Remaining