This document explains how to use the OpenAPI specification for the SpaceAPI Endpoint.
The SpaceAPI Endpoint API is fully documented using the OpenAPI Specification (OAS) 3.0 standard. The specification file is located at openapi.yaml in the project root.
The easiest way to view and interact with the API documentation is using Swagger UI:
# Start Swagger UI (requires Docker)
make openapi-uiThis will start Swagger UI on http://localhost:8081 where you can:
- Browse all API endpoints
- See request/response schemas
- Try out API calls directly
- View examples
- Go to https://editor.swagger.io/
- Click File → Import file
- Upload the
openapi.yamlfile - The editor will display the documentation and allow you to make changes
For a more polished, read-only documentation view:
# Using Docker
docker run -p 8082:80 \
-e SPEC_URL=https://raw.githubusercontent.com/q30-space/spaceapi-endpoint/main/openapi.yaml \
redocly/redocThen visit http://localhost:8082
Install the OpenAPI (Swagger) Editor extension:
- Open VS Code
- Install "OpenAPI (Swagger) Editor" by 42Crunch
- Open
openapi.yaml - Click the preview icon in the top-right corner
To ensure the OpenAPI specification is valid:
# Using the Makefile (requires Docker)
make openapi-validateThis uses the OpenAPI Generator CLI Docker image which is publicly available and doesn't require any authentication or npm dependencies.
You can generate client libraries in various programming languages using the OpenAPI Generator:
# Using npm
npm install -g @openapitools/openapi-generator-cli
# Using Docker (no installation needed)
# See examples belowdocker run --rm \
-v ${PWD}:/local \
openapitools/openapi-generator-cli generate \
-i /local/openapi.yaml \
-g typescript-fetch \
-o /local/clients/typescriptdocker run --rm \
-v ${PWD}:/local \
openapitools/openapi-generator-cli generate \
-i /local/openapi.yaml \
-g python \
-o /local/clients/pythondocker run --rm \
-v ${PWD}:/local \
openapitools/openapi-generator-cli generate \
-i /local/openapi.yaml \
-g go \
-o /local/clients/godocker run --rm \
-v ${PWD}:/local \
openapitools/openapi-generator-cli generate \
-i /local/openapi.yaml \
-g java \
-o /local/clients/javaView all available client generators:
docker run --rm openapitools/openapi-generator-cli listYou can also generate server stubs in various frameworks:
# Node.js/Express server
docker run --rm \
-v ${PWD}:/local \
openapitools/openapi-generator-cli generate \
-i /local/openapi.yaml \
-g nodejs-express-server \
-o /local/server-stubs/nodejs
# Spring Boot server
docker run --rm \
-v ${PWD}:/local \
openapitools/openapi-generator-cli generate \
-i /local/openapi.yaml \
-g spring \
-o /local/server-stubs/springTo generate a standalone HTML documentation file:
# Using redoc-cli
npm install -g redoc-cli
redoc-cli bundle openapi.yaml -o api-documentation.html
# Or using Docker
docker run --rm \
-v ${PWD}:/spec \
redocly/redoc-cli bundle /spec/openapi.yaml \
-o /spec/api-documentation.htmlGET /- Get SpaceAPI data (root endpoint)GET /api/space- Get SpaceAPI dataGET /health- Health check
All POST endpoints require authentication via the X-API-Key header:
POST /api/space/state- Update space open/closed statePOST /api/space/people- Update people countPOST /api/space/event- Add an event
Protected endpoints require an API key passed in the X-API-Key header:
curl -X POST \
-H "X-API-Key: your_api_key_here" \
-H "Content-Type: application/json" \
-d '{"open": true}' \
http://localhost:8080/api/space/stateSet your API key in the .env file:
SPACEAPI_AUTH_KEY=your_generated_key_here
Failed authentication attempts are rate limited:
- Limit: 5 failed attempts within 15 minutes
- Block Duration: 1 hour
- Response: HTTP 429 with
Retry-Afterheader - Scope: Per IP address
| Status | Description | Response Body |
|---|---|---|
| 400 | Invalid JSON | "Invalid JSON" |
| 401 | Missing/invalid API key | "Invalid API key" |
| 403 | Access forbidden | "Access forbidden" |
| 429 | Rate limited | "Too many failed authentication attempts..." |
# Get space status
curl http://localhost:8080/api/space
# Update state (requires auth)
curl -X POST \
-H "X-API-Key: your_key" \
-H "Content-Type: application/json" \
-d '{"open": true, "message": "Space is open"}' \
http://localhost:8080/api/space/state// Get space status
fetch('http://localhost:8080/api/space')
.then(response => response.json())
.then(data => console.log(data));
// Update state (requires auth)
fetch('http://localhost:8080/api/space/state', {
method: 'POST',
headers: {
'X-API-Key': 'your_key',
'Content-Type': 'application/json'
},
body: JSON.stringify({
open: true,
message: 'Space is open'
})
})
.then(response => response.json())
.then(data => console.log(data));import requests
# Get space status
response = requests.get('http://localhost:8080/api/space')
data = response.json()
print(data)
# Update state (requires auth)
headers = {
'X-API-Key': 'your_key',
'Content-Type': 'application/json'
}
payload = {
'open': True,
'message': 'Space is open'
}
response = requests.post(
'http://localhost:8080/api/space/state',
headers=headers,
json=payload
)
print(response.json())When you modify the API:
- Update
openapi.yamlto reflect the changes - Validate the specification:
make openapi-validate - Test the changes with Swagger UI:
make openapi-ui - Update this documentation if needed
- Regenerate client libraries if you maintain them
- OpenAPI Specification
- Swagger Editor
- Swagger UI
- Redoc
- OpenAPI Generator
- Spectral (OpenAPI Linter)
- SpaceAPI v15 Specification
When contributing to the API:
- Ensure all changes are reflected in
openapi.yaml - Validate the OpenAPI spec before committing
- Update examples in the specification
- Update this documentation
- Test generated client libraries if applicable