Astuto API (v1)
Download OpenAPI specification:Download
The Astuto API allows you to interact programmatically with the feedback space. You can manage Boards, Posts, Comments, Users, Votes, and more.
How to obtain an API key
You can obtain an API key only if you are an administrator or moderator of the feedback space. To get an API key, follow these steps:
- Log in to the feedback space.
- Click on your name in the top right corner and then click on Profile settings.
- In the API key section, click on the Generate API key button.
- Copy the API key and store it in a safe place. It cannot be shown again. If you lose it, you will have to generate a new one.
How to use the API key
To use the API key, you need to pass it in the Authorization header of your requests. The header must be in the following format:
Bearer {your-api-key}
The API endpoint path is /api/v1/.
Note: all API endpoints require authentication, so you must pass the API key in all your requests.
Moderator vs administrator API key
Moderators and administrators can do almost the same operations through the API. Some notable differences are:
- Only administrators can impersonate other users (see the following section).
- Only administrators can create Boards.
- Moderators cannot block administrators, whereas administrators can block moderators.
The impersonation technique
Administrators can impersonate other users through the API. This is useful if you want to submit a post or cast a vote on behalf of another user.
Some endpoints accept an impersonated_user_id parameter. If you pass this parameter, the API will act as if the request was made by the user with the specified ID. For example, if you want to create a post on behalf of a user with ID 123, you can pass impersonated_user_id=123 in the request body.
Since you need to know the ID of the user you want to impersonate, this technique is usually used in combination with the Create/Get user endpoint. This endpoint creates a new user and returns its ID if it does not exist or it just returns the ID of the existing user. You can then use the returned ID to impersonate the user in other requests.
Rate limits
The API has rate limits to prevent abuse. The following limits are in place simultaneously:
- 100 requests every 5 minutes per API key.
- 100 requests every 5 minutes per IP address.
Create board
Create a new board.
Note: requires admin role.
Authorizations:
Request Body schema: application/json
| name required | string Name of the board |
| slug | string or null URL-friendly identifier for the board (optional; if not provided, one will be created automatically from provided board name) |
| description | string or null Description of the board (optional) |
Responses
Request samples
- Payload
{- "name": "string",
- "slug": "string",
- "description": "string"
}Response samples
- 201
- 400
- 401
{- "id": 0
}A Comment can be written to reply to a Post or to another Comment. Moreover, administrators and moderators can mark a Comment as a "Post update": this is usually used to notify Users that some progress has been made in a Post.
List comments
List comments with optional filters. In particular, you may want to filter by post_id to get comments for a specific post. Comments are returned from newest to oldest.
Authorizations:
query Parameters
| post_id | integer Return only comments for the specified post. |
| limit | integer Number of comments to return. Defaults to 100. |
| offset | integer Offset the starting point of comments to return. Defaults to 0. |
Responses
Response samples
- 200
- 401
[- {
- "id": 0,
- "body": "string",
- "post_id": 0,
- "is_post_update": true,
- "user": {
- "id": 0,
- "email": "string",
- "full_name": "string",
- "created_at": "string",
- "updated_at": "string"
}, - "created_at": "string",
- "updated_at": "string"
}
]Create a comment
Create a new comment.
Authorizations:
Request Body schema: application/json
| body required | string Content of the comment |
| post_id required | integer ID of the post the comment belongs to |
| parent_id | integer or null ID of the parent comment if this is a comment reply |
| is_post_update | boolean or null Whether the comment is a post update or not |
| impersonated_user_id | integer or null ID of the user to impersonate (optional; requires admin role) |
Responses
Request samples
- Payload
{- "body": "string",
- "post_id": 0,
- "parent_id": 0,
- "is_post_update": true,
- "impersonated_user_id": 0
}Response samples
- 201
- 401
- 422
{- "id": 0
}Get a comment
Get a comment by id.
Authorizations:
path Parameters
| id required | integer ID of the comment. |
Responses
Response samples
- 200
- 401
- 404
{- "id": 0,
- "body": "string",
- "post_id": 0,
- "is_post_update": true,
- "user": {
- "id": 0,
- "email": "string",
- "full_name": "string",
- "created_at": "string",
- "updated_at": "string"
}, - "created_at": "string",
- "updated_at": "string"
}Update a comment
Update a comment by id.
Authorizations:
path Parameters
| id required | integer ID of the comment. |
Request Body schema: application/json
| body required | string Content of the comment |
Responses
Request samples
- Payload
{- "body": "string"
}Response samples
- 200
- 401
- 404
- 422
{- "id": 0
}Mark comment as post update
Mark a comment as a post update.
Note: email notification to post followers will NOT be sent when using this endpoint. To send email notifications, use the "Create a comment" endpoint with the "is_post_update" parameter set to true.
Authorizations:
path Parameters
| id required | integer ID of the comment. |
Responses
Response samples
- 200
- 401
- 404
{- "id": 0
}A Post Status is a label that can be assigned to a Post to indicate its current status (e.g. "In progress", "Completed", etc.).
A Post is a piece of content that can be created by Users. It usually represents ideas, suggestions, feedback or reports from your Users. Posts must be associated with a Board and can have Comments.
List posts
List posts with optional filters. Posts are returned from newest to oldest.
Authorizations:
query Parameters
| limit | integer Number of posts to return. Defaults to 20. |
| offset | integer Offset the starting point of posts to return. Defaults to 0. |
| board_id | integer If specified, only posts from this board will be returned. |
| user_id | integer If specified, only posts from this user will be returned. |
Responses
Response samples
- 200
- 401
[- {
- "id": 0,
- "title": "string",
- "description": "string",
- "board": {
- "id": 0,
- "name": "string",
- "slug": "string",
- "description": "string",
- "created_at": "string",
- "updated_at": "string"
}, - "post_status": {
- "id": 0,
- "name": "string",
- "color": "string",
- "show_in_roadmap": true,
- "created_at": "string",
- "updated_at": "string"
}, - "user": {
- "id": 0,
- "email": "string",
- "full_name": "string",
- "created_at": "string",
- "updated_at": "string"
}, - "approval_status": "string",
- "slug": "string",
- "created_at": "string",
- "updated_at": "string"
}
]Create post
Create a new post.
Authorizations:
Request Body schema: application/json
| title required | string Title of the post |
| description | string Content of the post |
| board_id required | integer ID of the board where the post will be created |
| impersonated_user_id | integer or null ID of the user to impersonate (optional; requires admin role) |
Responses
Request samples
- Payload
{- "title": "string",
- "description": "string",
- "board_id": 0,
- "impersonated_user_id": 0
}Response samples
- 201
- 400
- 401
{- "id": 0
}Get a post
Get a post by id.
Authorizations:
path Parameters
| id required | integer ID of the post. |
Responses
Response samples
- 200
- 401
- 404
{- "id": 0,
- "title": "string",
- "description": "string",
- "board": {
- "id": 0,
- "name": "string",
- "slug": "string",
- "description": "string",
- "created_at": "string",
- "updated_at": "string"
}, - "post_status": {
- "id": 0,
- "name": "string",
- "color": "string",
- "show_in_roadmap": true,
- "created_at": "string",
- "updated_at": "string"
}, - "user": {
- "id": 0,
- "email": "string",
- "full_name": "string",
- "created_at": "string",
- "updated_at": "string"
}, - "approval_status": "string",
- "slug": "string",
- "created_at": "string",
- "updated_at": "string"
}Update a post
Update a post.
Authorizations:
path Parameters
| id required | integer ID of the post. |
Request Body schema: application/json
| title | string New title of the post |
| description | string New content of the post |
Responses
Request samples
- Payload
{- "title": "string",
- "description": "string"
}Response samples
- 200
- 401
- 404
- 422
{- "id": 0
}Update post board
Move post to another board.
Authorizations:
path Parameters
| id required | integer ID of the post. |
Request Body schema: application/json
| board_id required | integer ID of the new board |
Responses
Request samples
- Payload
{- "board_id": 0
}Response samples
- 200
- 400
- 401
- 404
{- "id": 0
}Update post status
Update post status.
Authorizations:
path Parameters
| id required | integer ID of the post. |
Request Body schema: application/json
| post_status_id required | integer ID of the new post status. Send null if you want to remove current status. |
| impersonated_user_id | integer or null ID of the user to impersonate (optional; requires admin role) |
Responses
Request samples
- Payload
{- "post_status_id": 0,
- "impersonated_user_id": 0
}Response samples
- 200
- 401
- 404
{- "id": 0
}A User is a person who interacts with the feedback space. Users can create and vote Posts, write Comments, and more.
List users
List users with optional filters. Users are returned from newest to oldest.
Authorizations:
query Parameters
| limit | integer Number of users to return. Defaults to 50. |
| offset | integer Offset the starting point of users to return. Defaults to 0. |
Responses
Response samples
- 200
- 401
[- {
- "id": 0,
- "email": "string",
- "full_name": "string",
- "created_at": "string",
- "updated_at": "string"
}
]Create/get user
Create a new user or, if it already exists, get it.
This endpoint is useful for the impersonation technique.
In the case of creation, a password will be randomly generated so the user will be able to log in using an OAuth provider or by email after resetting the password.
The full_name parameter is optional, but it is recommended to provide it if you are creating a new user.
Authorizations:
Request Body schema: application/json
| email required | string Email of the user |
| full_name | string Full name of the user |
Responses
Request samples
- Payload
{- "email": "string",
- "full_name": "string"
}Response samples
- 200
- 201
- 401
{- "id": 0
}Get user by email
Get a user by email. You can specify email both as a query parameter or in the request body.
Authorizations:
query Parameters
| email required | string User email |
Responses
Response samples
- 200
- 401
- 404
{- "id": 0,
- "email": "string",
- "full_name": "string",
- "created_at": "string",
- "updated_at": "string"
}List votes
List votes with optional filters. In particular, you may want to filter by post_id to get votes for a specific post. Votes are returned from newest to oldest.
Authorizations:
query Parameters
| post_id | integer Return only votes for the specified post. |
| limit | integer Limit the number of votes returned. Defaults to 100. |
| offset | integer Offset the starting point of votes to return. Defaults to 0. |
Responses
Response samples
- 200
- 401
[- {
- "id": 0,
- "post_id": 0,
- "user": {
- "id": 0,
- "email": "string",
- "full_name": "string",
- "created_at": "string",
- "updated_at": "string"
}, - "created_at": "string",
- "updated_at": "string"
}
]Show a vote
Show a vote by ID.
Authorizations:
path Parameters
| id required | integer ID of the vote to show. |
Responses
Response samples
- 200
- 401
- 404
{- "id": 0,
- "post_id": 0,
- "user": {
- "id": 0,
- "email": "string",
- "full_name": "string",
- "created_at": "string",
- "updated_at": "string"
}, - "created_at": "string",
- "updated_at": "string"
}