Skip to content

Registry API Reference

Served by the standalone registry service (port 4000 internally, 4001 on the host in the bundled docker-compose.yml). Reached via nginx proxy at /registry/... from the main app and /api/... from the standalone community site — this reference uses the service's own paths directly.

Auth (/api/v1/auth)

Method & PathAuthDescription
POST /auth/register{ email, username, password } → creates an account, issues a session cookie, sends (or writes to data/outbox/) a verification email
POST /auth/login{ email, password } → session cookie
POST /auth/logoutsessionClears the session cookie
GET /auth/mesessionCurrent user, or 401
POST /auth/verify-email{ token } from the verification email → marks the account verified
POST /auth/forgot-password{ email } → always 200, regardless of whether the email is registered
POST /auth/reset-password{ token, new_password }
GET /auth/githubRedirects to GitHub OAuth, or 501 GITHUB_OAUTH_NOT_CONFIGURED if the operator hasn't set GITHUB_CLIENT_ID/GITHUB_CLIENT_SECRET/GITHUB_CALLBACK_URL
GET /auth/github/callbackOAuth callback; creates/links the account and redirects to PUBLIC_APP_URL

Sessions are an httpOnly cookie (datacore_session), a JWT valid 30 days.

Plugin listings (/api/v1/registry/plugins)

Method & PathAuthDescription
GET /plugins?q=&tag=List, optionally filtered
GET /plugins/{id}One listing
POST /pluginsverified session{ name, description, version, repo_url, docker_image?, homepage_url?, tags? }author is derived from the logged-in account, not submitted
DELETE /plugins/{id}verified session, owner only403 NOT_OWNER otherwise

DataCore Bundles (/api/v1/registry/bundles)

Method & PathAuthDescription
GET /bundles?q=&trigger_type=List, optionally filtered (matches if any of the bundle's pipelines[] has that trigger_type)
GET /bundles/{id}One bundle, including its full pipelines[] and resources[]
POST /bundlesverified sessionSee shape below
DELETE /bundles/{id}verified session, owner only403 NOT_OWNER otherwise

POST /bundles body — a bundle carries the exporter's entire local pipeline list, not a single pipeline:

json
{
  "name": "Full Warehouse Export",
  "description": "...",
  "pipelines": [
    {
      "name": "Standard Markdown Ingestion",
      "trigger_type": "MARKDOWN",
      "steps": [
        { "plugin_name": "Markdown Summarizer", "plugin_repo_url": "https://github.com/...", "max_attempts": 3 }
      ]
    },
    {
      "name": "GitHub Profile Analysis",
      "trigger_type": "GITHUB_REPO",
      "steps": [
        { "plugin_name": "GitHub Profile Scanner", "plugin_repo_url": "https://github.com/..." }
      ]
    }
  ],
  "resources": [
    { "name": "README", "type": "MARKDOWN", "source_uri": "https://raw.githubusercontent.com/..." },
    { "name": "My GitHub", "type": "GITHUB_REPO", "source_uri": "https://github.com/octocat" }
  ],
  "tags": ["starter"]
}

pipelines must be a non-empty array (max 20), no two entries may share a trigger_type, and each steps[].plugin_repo_url must be a valid http(s) URL. Every resources[].type must match the trigger_type of one of the bundle's pipelines. See Sharing & Importing Bundles for the full user-facing flow.

Common error shape

json
{ "error": { "code": "STRING_CODE", "message": "Human readable message" } }

Notable codes: NOT_AUTHENTICATED (401, no session), EMAIL_NOT_VERIFIED (403), NOT_OWNER (403), RATE_LIMITED (429 — 20 posts/hour or 20 auth attempts/15min per IP), INVALID_LISTING / INVALID_BUNDLE (400).