Edit

Platform API Reference

Flashback API v0.0.60

Find categories, code samples, example requests and responses. Select a language for code samples of API calls in the tabs or the mobile navigation menu.

Flashback provides a unified API to seamlessly manage cloud storage across diverse platforms, including:

  • Major providers: AWS S3, Google Cloud Storage (GCS), Azure Blob Storage (more soon)

  • Decentralized and compatible services: StorJ, Akave, and other S3/GCS-compatible systems

Through the API, developers and system administrators can:

  • Provision and manage storage buckets

  • Configure repositories with automated backup and mirroring

  • Monitor performance and usage metrics in real time

  • Control access securely with API keys

  • Gain visibility into storage health and availability

API Reference Index

Check the additional information for a full understanding of your management options in this section.

This documentation is structured into functional categories for ease of navigation:

Category
Description

Authentication

Have your authentication needs with Flashback’s versatile Auth API:

  • Initiate OAuth flows with Google or GitHub, or authenticate via email/password in a single call.

  • Exchange codes or credentials to receive JWT access and refresh tokens.

  • Refresh or revoke tokens to maintain session continuity and security.

User Account

Cover your user account.

  • Secure API access using JWT tokens for user sessions or OAuth2 for delegated identity management.

  • Access Flashback environments via dedicated endpoints for development and production use.

MFA (multi-factor authentication)

Cover your multi-factor authentication (MFA) needs with Flashback’s secure, flexible MFA API:

  • Initiate MFA enrollment, deliver QR codes or challenges, verify setup, and enable methods in just a few calls.

  • After primary login, trigger MFA challenges, accept TOTP codes (Google Authenticator), one-time Magic Links, or WebAuthn passkeys, and grant full access upon success.

  • List, add or remove methods, set your primary MFA, and reset configurations to maintain control.

Organization

Parametrize your organization management needs with Flashback’s Org API:

  • Create, update, or delete organizations and configure settings in a single call.

  • Add, remove, or list organization users and assign roles programmatically.

  • Have access to role-based access control (USER, BILLING, WORKSPACES, ADMINISTRATOR, OWNER) for every operation.

Workspace

Manage your workspace management needs with Flashback’s Workspace API:

  • Create, list, update, and delete workspaces to group users and resources within your organization.

  • Assign READ, WRITE, and ADMIN permissions; Organization Owners, Administrators, and Workspace Managers can create workspaces, while Workspace Admins manage users, settings, and deletion (if empty).

Bucket

Create and manage storage buckets across different providers.

  • Supports unified creation/configuration for AWS S3, GCP Google Cloud Storage, Mircrosoft Azure Blob, and S3/GCS-compatible services

  • Enables provider-specific configuration such as regions, replication settings, and lifecycle rules

  • Manage permissions, encryption, and storage classes

Repository

Set up and control repositories used for backup, mirroring, and synchronization workflows.

  • Link multiple buckets under a logical repository

  • Define sync schedules, mirror configurations, and data redundancy policies

  • Monitor repository health and ensure consistency across providers

API Keys

Manage access credentials for secure interaction with the Flashback API.

  • Generate API keys with scoped permissions with repositories (read, write, admin)

  • Enable or disable keys without deleting them

  • Use keys for fine-grained control over repository-level access

Bridge Node Registration

Use for your node registration and organization key management needs with Flashback’s Node API:

  • Register bridge nodes via cryptographic signatures—no auth needed—and manage node metadata, health checks, and status in a few calls.

Bridge Node Status

Access details about Flashback’s node infrastructure and availability.

  • View metadata and health of nodes deployed across AWS, GCP, Azure, and other locations

Performance Statistics

Fetch detailed usage and performance metrics.

  • Retrieve daily summaries or minute-level usage data

  • Metrics include: storage volume, read/write operations, latency, and error rates

Additional Services

Utility endpoints and auxiliary services.

  • Includes feedback submission (email integration)

  • Experimental or non-core service features may appear here

Check the real-time and historical status of Flashback services.

  • Includes uptime records, incident history, and component-level status

  • Authenticated endpoints to verify service identity and readiness

Device/Session management

Manage your device and session management needs with Flashback’s Device & Session API:

  • View and manage registered devices and control trust levels in a few calls.

  • Monitor active sessions across devices and revoke sessions for security purposes.

Settings

Configure your settings management needs with Flashback’s Settings API:

  • Retrieve, fully replace, partially update, or delete user and organization preferences in just a few calls.

  • Use dedicated endpoints for User Settings and Organization Settings.

HTTP Bearer Authentication

Flashback uses HTTP Bearer Authentication with JWT (JSON Web Tokens). To authenticate your requests, first obtain a JWT from the appropriate login or OAuth endpoint. Then include it in the Authorization header of every API call like this:

Authorization: Bearer <your-jwt-token>

This token confirms your identity and grants access to protected resources. Be sure to keep it secure.

Additional Information

Authentication

This API supports three authentication mechanisms:

  1. Internal Authentication - Email/password based authentication with JWT tokens

  2. Google OAuth - Google OAuth 2.0 authentication

  3. GitHub OAuth - GitHub OAuth 2.0 authentication

Account Validation

  • New user registrations require email verification

  • Verification tokens expire after 24 hours

  • Write operations (create/update/delete) are blocked until email verification is complete

  • Read operations remain available for unverified accounts

Base URL

Rate Limits

  • 100 requests per minute per IP

  • 1000 requests per hour per user

File Upload Limits

  • Feedback emails: Maximum 10MB per file, 25MB total

  • Storage operations: 100MB per file (handled by external nodes)

Quota Management

The platform uses a subscription-based quota system. When quotas are exceeded:

  • Repository operations are automatically disabled

  • Read operations remain available

  • Quotas reset based on your subscription period

Error Handling

All endpoints return consistent error responses with:

  • success: boolean indicating operation status

  • message: human-readable error description

  • error_code: machine-readable error code (when applicable)

Common error codes

  • QUOTA_EXCEEDED: Organization has reached its limits

  • NAME_ALREADY_USED: Resource name already exists

  • NOT_FOUND: Requested resource doesn't exist

  • VALIDATION_ERROR: Request data is invalid

Support

For questions or issues, use the feedback system APIs, in your Flashback platform interface or contact Flashback Support.

PreviousStart Vibe‑CodingNextAuthentication

Last updated

Was this helpful?