REST API v1

Automate the Steada control plane.

The dashboard and customer integrations use the same versioned API. Browse all 29 operations below, including their access requirements and safety boundaries.

Base URL https://api.steada.dev/v1

Before your first request

Authentication

Send the session token or API key in the authorization header. Never place credentials in a URL or query string.

Request header
Authorization: Bearer <session-or-api-key>
/

29 endpoints

Resource group

Authentication

Create an interactive session with a magic link or passkey.

POST /auth/magic-links

Request a sign-in link

Public

Sends a one-time sign-in link to an invited email address.

POST /auth/magic-links/verify

Verify a sign-in link

Public

Exchanges a valid one-time token for an interactive session.

POST /auth/passkeys/authentication/options

Start passkey authentication

Public

Creates a short-lived WebAuthn authentication ceremony.

POST /auth/passkeys/authentication/verify

Finish passkey authentication

Public

Verifies the passkey assertion and creates an interactive session.

POST /auth/passkeys/registration/options

Start passkey registration

Session

Creates registration options for the signed-in user.

POST /auth/passkeys/registration/verify

Finish passkey registration

Session

Verifies and stores the new passkey.

Resource group

Workspaces

Discover accessible workspaces and inspect control-plane state.

GET /memberships

List workspace memberships

Session

Returns every workspace the signed-in user can access and their role in each one.

GET /workspaces/{workspace_id}

Get a workspace

Session

Returns databases, credentials, alerts, support requests, billing state, and audit evidence.

POST /workspaces/{workspace_id}/events

Record an activation event

Session

Records an allowlisted customer lifecycle event.

Resource group

Databases

Provision and manage workspace databases.

POST /workspaces/{workspace_id}/databases

Provision a database

Client admin

Creates the database record and its asynchronous provisioning job.

POST /workspaces/{workspace_id}/databases/{database_id}/resize

Resize a database

Client admin

Changes the requested memory and connection limits.

POST /workspaces/{workspace_id}/databases/{database_id}/durability-request

Request durable storage

Client admin

Requests the durable-storage upgrade workflow.

GET /workspaces/{workspace_id}/databases/{database_id}/usage

Read usage telemetry

Session or API key

Returns a bounded usage series for 1h, 24h, 7d, or 30d. API keys require usage:read.

DELETE /workspaces/{workspace_id}/databases/{database_id}

Decommission a database

Interactive admin

Decommissions the database. API keys cannot perform this operation.

Resource group

Credentials

Issue and control database credentials without exposing stored secrets.

POST /workspaces/{workspace_id}/database-credentials

Create a database credential

Client admin

Returns a new credential secret once. Only its hash is retained.

POST /workspaces/{workspace_id}/database-credentials/{credential_id}/rotate

Rotate a database credential

Client admin

Issues a replacement secret and updates the credential version.

POST /workspaces/{workspace_id}/database-credentials/{credential_id}/status

Change credential status

Client admin

Suspends, re-enables, or revokes a database credential.

Resource group

Operations

Manage alerting, support, and portable usage exports.

POST /workspaces/{workspace_id}/alerts

Create an alert rule

Client admin

Creates a threshold alert for a workspace database.

POST /workspaces/{workspace_id}/alerts/{alert_id}/enabled

Enable or disable an alert

Client admin

Changes whether an existing alert rule is evaluated.

DELETE /workspaces/{workspace_id}/alerts/{alert_id}

Delete an alert rule

Client admin

Permanently removes an alert rule.

POST /workspaces/{workspace_id}/support-requests

Open a support request

Session

Creates a support request connected to the workspace audit trail.

GET /workspaces/{workspace_id}/exports/prometheus

Export Prometheus metrics

Session

Returns the current workspace metrics in Prometheus text exposition format.

GET /workspaces/{workspace_id}/exports/usage.csv

Export usage CSV

Session

Returns workspace usage telemetry as CSV.

Resource group

Billing

Inspect subscription state and enter Stripe-hosted billing flows.

GET /workspaces/{workspace_id}/billing/summary

Read billing summary

Interactive admin

Returns the workspace subscription, tier, and enforcement state.

POST /workspaces/{workspace_id}/billing/checkout-session

Create a checkout session

Interactive admin

Creates a short-lived Stripe Checkout URL for the selected tier.

POST /workspaces/{workspace_id}/billing/portal-session

Create a billing portal session

Interactive admin

Creates a short-lived Stripe Billing Portal URL.

Resource group

API keys

Create independently scoped machine credentials for integrations.

POST /workspaces/{workspace_id}/api-keys

Create an API key

Interactive admin

Returns the key secret once. The secret is stored as a one-way hash.

POST /workspaces/{workspace_id}/api-keys/{key_id}/rotate

Rotate an API key

Interactive admin

Creates an overlapping replacement so callers can cut over without downtime.

DELETE /workspaces/{workspace_id}/api-keys/{key_id}

Revoke an API key

Interactive admin

Immediately revokes the selected machine credential.

From reference to running database

Ready to automate your workspace?

Create a workspace, provision Valkey, and issue scoped credentials from the dashboard.

Open the dashboard

Last reviewed