Skip to main content

Production Base URL

https://api.rapidly.tech/api

Sandbox Base URL

https://sandbox-api.rapidly.tech/api

Auth (Workspace)

Use a Workspace Access Token (OAT) in the Authorization: Bearer header

Auth (Customer Portal)

Use a Customer Access Token created via /api/customer-sessions/

Base URLs

EnvironmentBase URLPurpose
Productionhttps://api.rapidly.tech/apiReal customers & live payments
Sandboxhttps://sandbox-api.rapidly.tech/apiSafe testing & integration work
The sandbox environment is fully isolated—data, users, tokens, and workspaces created there do not affect production. Create separate tokens in each environment.
Read more: Sandbox Environment

Authentication

Workspace Access Tokens (OAT)

Use an OAT to act on behalf of your workspace (manage shares, customers, etc.). 
Authorization: Bearer rapidly_oat_xxxxxxxxxxxxxxxxx
Create OATs in your workspace settings. See: Workspace Access Tokens
Never expose an OAT in client-side code, public repos, or logs. If leaked, it will be revoked automatically by our secret scanning integrations.

Customer Access Tokens

Do not use OATs in the browser. For customer-facing flows, generate a Customer Session server-side, then use the returned customer access token with the Customer Portal API to let a signed-in customer view their own data.

Core API vs Customer Portal API

AspectCore APICustomer Portal API
AudienceYour server / backendOne of your customer
Auth TypeWorkspace Access Token (OAT)Customer Access Token
ScopeFull workspace resources (shares, customers, files)Only the authenticated customer’s data
Typical UseAdmin dashboards, internal tools, automation, provisioningBuilding a custom customer portal or gated app
Token CreationVia dashboard (manual)Via /api/customer-sessions/ (server-side)
Sensitive OperationsYes (create/update shares, manage customers, etc.)No (read/update only what the customer owns)
The Customer Portal API is a restricted surface designed for safe exposure in user-facing contexts (after exchanging a session). It cannot perform privileged workspace-level mutations like creating shares or managing other customers.

Quick Examples

curl https://api.rapidly.tech/api/shares/ \
  -H "Authorization: Bearer $RAPIDLY_OAT" \
  -H "Accept: application/json"

Using the API Directly

You can call the Rapidly API directly using fetch (TypeScript) or httpx (Python). Use the appropriate base URL for your environment: 
// For sandbox: https://sandbox-api.rapidly.tech/api
// For production: https://api.rapidly.tech/api

const response = await fetch("https://api.rapidly.tech/api/shares/", {
  headers: {
    Authorization: `Bearer ${process.env.RAPIDLY_ACCESS_TOKEN!}`,
    Accept: "application/json",
  },
});

const data = await response.json();

Pagination

List endpoints in the Rapidly API support pagination to help you efficiently retrieve large datasets. Use the page and limit query parameters to control pagination.

Query Parameters

ParameterTypeDefaultMaxDescription
pageinteger1-Page number, starting from 1
limitinteger10100Number of items to return per page (window size)
The page parameter works as a window offset. For example, page=2&limit=10 means the API will skip the first 10 elements and return the next 10.

Response Format

All paginated responses include a pagination object with metadata about the current page and total results:
FieldTypeDescription
total_countintegerTotal number of items matching your query across all pages
max_pageintegerTotal number of pages available, given the current limit value

Example

Let’s say you want to fetch shares with a limit of 100 items per page: 
curl https://api.rapidly.tech/api/shares/?page=1&limit=100 \
  -H "Authorization: Bearer $RAPIDLY_OAT" \
  -H "Accept: application/json"
In this example:
  • total_count=250 indicates there are 250 total shares
  • limit=100 means each page contains up to 100 shares
  • max_page=3 means you need to make 3 requests to retrieve all shares (pages 1, 2, and 3)
To retrieve all pages, increment the page parameter from 1 to max_page. Our SDKs provide built-in pagination helpers to automatically iterate through all pages.

Rate Limits

Rapidly API has rate limits to ensure fair usage and maintain performance. The limits are as follows:
  • Default: 500 requests per minute
  • Restricted endpoints (e.g., login, token exchange): 60 requests per minute
If you exceed the rate limit, you will receive a 429 Too Many Requests response. The response will include a Retry-After header indicating how long you should wait before making another request.
Workspaces requiring higher rate limits for production workloads may contact our support team to discuss elevated limits.