Admin REST API

The admin server exposes a REST API over HTTPS (port 443 by default). All endpoints that modify state require a Bearer token in the Authorization header.

Authentication

All /v1/configure/ endpoints require an account token. Volume-scoped endpoints (/v1/volumes/for-token/) accept a volume token. Meta-server endpoints (/v1/volumes/stats, /v1/volumes/retired, /v1/rate-bins) accept a meta store token.

Authorization: Bearer $TOKEN

Configuration CRUD Endpoints

These endpoints provide generic CRUD operations on all admin resource tables. The {table} parameter corresponds to the API name of the resource (e.g., accounts, volumes, block-stores).

List Resources

GET /v1/configure/{table}?key=value&...

Returns a JSON array of all records in the table. Query parameters are used as filters.

Response: 200 OK with JSON array.

Get Resource

GET /v1/configure/{table}/{id}
GET /v1/configure/{table}/{id1}/{id2}

Returns a single record by primary key. Composite-key resources (e.g., regions) use the two-ID form.

Response: 200 OK with JSON object.

Create Resource

POST /v1/configure/{table}
Content-Type: application/json

{ "field": "value", ... }

Creates a new record.

Response: 200 OK with the created JSON object.

Update Resource

PUT /v1/configure/{table}/{id}
PUT /v1/configure/{table}/{id1}/{id2}
Content-Type: application/json

{ "field": "new_value", ... }

Updates an existing record. Only provided fields are modified.

Response: 204 No Content.

Delete Resource

DELETE /v1/configure/{table}/{id}
DELETE /v1/configure/{table}/{id1}/{id2}

Deletes a record. For volumes, this sets the retired_at timestamp rather than removing the row.

Response: 204 No Content.

Available Tables

Table	Primary Key	Description
`accounts`	`id`	User accounts
`block-apis`	`code`	Block store API types (read-only)
`block-stores`	`id`	Block store configurations
`meta-stores`	`id`	Metadata store registrations
`providers`	`code`	Cloud providers
`proxy-groups`	`id`	Proxy groups
`regions`	`provider_code`, `code`	Provider regions (composite key)
`volumes`	`id`	Volumes
`volume-proxy-groups`	`volume_id`, `proxy_group_id`	Volume-to-proxy-group associations
`volume-tokens`	`token`	Volume access tokens

Volume Endpoints

Get Volume Settings (by token)

GET /v1/volumes/for-token/settings
Authorization: Bearer $TOKEN

Returns the volume settings for the token’s associated volume, including block size, compression, encryption, retention, mount flags, and proxy group addresses.

Update Secret ID (by token)

PATCH /v1/volumes/for-token/secret-id
Authorization: Bearer $TOKEN
Content-Type: application/json

{ "secret_id": "xxxxxxxx" }

Registers or updates the encryption secret ID for the volume.

Get Volume Tokens (by name)

GET /v1/volumes/for-name/{volumeName}/tokens
Authorization: Bearer $TOKEN

Returns the list of volume tokens for the named volume.

Delete Volume (by name)

DELETE /v1/volumes/for-name/{volumeName}
Authorization: Bearer $TOKEN

Retires a volume by name.

Delete Volume (by ID)

DELETE /v1/volumes/{volumeID}
Authorization: Bearer $TOKEN

Retires or cleans a volume by ID.

Deploy Endpoints

Install Script

GET /deploy/install-mount.sh

Returns a shell script that downloads and configures the mount client. No authentication required.

Binary Files

GET /deploy/{channel}/{version}/linux/{arch}/mount.flexfs

Serves the mount client binary. Channels are staging and production. No authentication required.

Meta-Server Endpoints

Post Volume Stats

POST /v1/volumes/stats
Authorization: Bearer $TOKEN
Content-Type: application/json

Accepts volume statistics from metadata servers for billing and metering.

Get Retired Volumes

GET /v1/volumes/retired
Authorization: Bearer $TOKEN

Returns volumes retired in the past two weeks for the authenticated metadata server.

Get Rate Bins

GET /v1/rate-bins
Authorization: Bearer $TOKEN

Proxies rate bin data from the stat server.

Status

GET /v1/status

Returns server health status. No authentication required.