Skip to main content
Documentation
Integration & API
REST API Reference

API Reference
Documentation.

The Reliatic API provides programmatic access to all platform features including asset management, risk calculations, inspection workflows, and governance operations. Build integrations with CMMS, ERP, or custom applications.

01. Authentication

Reliatic API uses Supabase Authentication with JWT tokens. All API requests must include a valid access token in the Authorization header.

AUTHENTICATION REQUEST
POST https://api.reliatic.com/auth/login
Content-Type: application/json

{
  "email": "user@company.com",
  "password": "your-secure-password"
}

// Response
{
  "access_token": "eyJhbGciOiJIUzI1NiIs...",
  "refresh_token": "v1.MR5twvbfNy...",
  "expires_in": 3600,
  "user": {
    "id": "uuid-here",
    "email": "user@company.com",
    "tenant_id": "tenant-uuid"
  }
}
USING THE ACCESS TOKEN
GET https://api.reliatic.com/api/assets
Authorization: Bearer eyJhbGciOiJIUzI1NiIs...
Content-Type: application/json

Username/Password

Standard email and password authentication. Returns JWT access token valid for 1 hour.

POST /auth/login

Refresh Token

Exchange refresh token for new access token without re-authenticating.

POST /auth/refresh

API Key (Service Accounts)

Long-lived API keys for server-to-server integrations. Contact support to provision.

Header: X-API-Key

02. Rate Limiting

API requests are rate-limited to ensure platform stability and fair usage across all tenants. Limits are enforced per tenant per endpoint.

Standard

Standard Limit:100 requests / minute
Burst Capacity:200 requests / minute (burst)

Default limit for all authenticated users

Premium

Standard Limit:500 requests / minute
Burst Capacity:1000 requests / minute (burst)

Available for enterprise plans

Bulk Operations

Standard Limit:10 requests / minute
Burst Capacity:20 requests / minute (burst)

Special limit for bulk import/export endpoints

RATE LIMIT HEADERS
HTTP/1.1 200 OK
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 87
X-RateLimit-Reset: 1640995200

// If rate limit exceeded:
HTTP/1.1 429 Too Many Requests
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1640995200
Retry-After: 45

{
  "error": "RATE_LIMIT_EXCEEDED",
  "message": "Rate limit exceeded. Try again in 45 seconds."
}

03. Assets API

GET/api/assets

Retrieve all assets for the authenticated tenant. Supports filtering, sorting, and pagination.

Parameters
  • page: number (default: 1)
  • limit: number (default: 50, max: 100)
  • criticality: string (filter by criticality)
  • type: string (filter by equipment type)
  • search: string (search by tag or name)
Example
GET /api/assets?criticality=high&limit=20

// Response
{
  "data": [
    {
      "id": "uuid-123",
      "tag": "V-102",
      "name": "Crude Stabilizer",
      "type": "pressure_vessel",
      "criticality": "high",
      "design_pressure_psi": 350,
      "design_temp_f": 450,
      "material": "SA-516-70",
      "created_at": "2024-01-15T10:30:00Z"
    }
  ],
  "pagination": {
    "page": 1,
    "limit": 20,
    "total": 143
  }
}
POST/api/assets

Create a new asset. Requires authentication and tenant_id is automatically assigned.

Parameters
  • tag: string (required, unique)
  • name: string (required)
  • type: string (required)
  • criticality: string (optional)
  • design_pressure_psi: number (optional)
  • design_temp_f: number (optional)
  • material: string (optional)
Example
POST /api/assets
Content-Type: application/json

{
  "tag": "V-201",
  "name": "Secondary Separator",
  "type": "pressure_vessel",
  "criticality": "medium",
  "design_pressure_psi": 250,
  "design_temp_f": 350,
  "material": "SA-516-70"
}

// Response
{
  "id": "uuid-456",
  "tag": "V-201",
  "name": "Secondary Separator",
  "created_at": "2024-01-15T11:45:00Z"
}
PUT/api/assets/:id

Update an existing asset. Partial updates supported (send only fields to change).

Parameters
  • id: string (path parameter, asset UUID)
Example
PUT /api/assets/uuid-456
Content-Type: application/json

{
  "criticality": "high",
  "design_pressure_psi": 300
}

// Response
{
  "id": "uuid-456",
  "tag": "V-201",
  "criticality": "high",
  "design_pressure_psi": 300,
  "updated_at": "2024-01-15T12:00:00Z"
}
DELETE/api/assets/:id

Soft-delete an asset (sets deleted_at timestamp). Asset remains in database for audit trail.

Parameters
  • id: string (path parameter, asset UUID)
Example
DELETE /api/assets/uuid-456

// Response
{
  "success": true,
  "message": "Asset deleted successfully",
  "deleted_at": "2024-01-15T12:30:00Z"
}

04. Risks API

GET/api/risks

Retrieve all risk assessments (RBI results) for tenant assets.

Parameters
  • asset_id: string (filter by specific asset)
  • min_risk: number (filter by minimum risk score)
  • max_risk: number (filter by maximum risk score)
Example
GET /api/risks?min_risk=75

// Response
{
  "data": [
    {
      "id": "risk-uuid-1",
      "asset_id": "uuid-123",
      "pof": 4.2,
      "cof": 85.3,
      "risk_score": 358.26,
      "risk_category": "high",
      "calculated_at": "2024-01-15T09:00:00Z"
    }
  ]
}
POST/api/risks/calculate

Trigger risk calculation for specific assets or all assets in tenant.

Parameters
  • asset_ids: array (optional, calculate for specific assets)
  • methodology: string (optional, 'api_581' or 'iso_31000')
Example
POST /api/risks/calculate
Content-Type: application/json

{
  "asset_ids": ["uuid-123", "uuid-456"],
  "methodology": "api_581"
}

// Response
{
  "job_id": "calc-job-789",
  "status": "processing",
  "assets_queued": 2,
  "estimated_time_seconds": 120
}

05. Workflows API

GET/api/workflows

Retrieve workflow instances (actions, inspections, decisions).

Parameters
  • type: string (filter: 'action', 'inspection', 'fmea')
  • status: string (filter by workflow status)
  • owner_id: string (filter by assigned owner)
Example
GET /api/workflows?type=action&status=in_progress

// Response
{
  "data": [
    {
      "id": "workflow-uuid-1",
      "type": "action",
      "status": "in_progress",
      "title": "Replace corroded piping section",
      "owner_id": "user-uuid-1",
      "created_at": "2024-01-10T08:00:00Z",
      "due_date": "2024-02-15T17:00:00Z"
    }
  ]
}
POST/api/workflows/:id/transition

Trigger a state transition for a workflow (requires valid state machine transition).

Parameters
  • id: string (workflow UUID)
  • target_state: string (required)
  • justification: string (required)
Example
POST /api/workflows/workflow-uuid-1/transition
Content-Type: application/json

{
  "target_state": "completed",
  "justification": "All corroded sections replaced and pressure tested"
}

// Response
{
  "id": "workflow-uuid-1",
  "previous_state": "in_progress",
  "current_state": "completed",
  "transitioned_at": "2024-01-15T14:00:00Z"
}

06. Error Codes

401
UNAUTHORIZED

Missing or invalid authentication token. Check Authorization header.

403
FORBIDDEN

Authenticated but not authorized. User lacks required permissions for this operation.

404
NOT_FOUND

Requested resource does not exist or has been deleted.

422
VALIDATION_ERROR

Request payload failed validation. Check error details for specific field errors.

429
RATE_LIMIT_EXCEEDED

Too many requests. Wait for rate limit reset (see Retry-After header).

500
INTERNAL_SERVER_ERROR

Unexpected server error. Contact support if error persists.

503
SERVICE_UNAVAILABLE

Service temporarily unavailable. Retry with exponential backoff.

ERROR RESPONSE FORMAT
HTTP/1.1 422 Unprocessable Entity
Content-Type: application/json

{
  "error": "VALIDATION_ERROR",
  "message": "Validation failed",
  "details": [
    {
      "field": "tag",
      "message": "Tag already exists",
      "code": "DUPLICATE_TAG"
    },
    {
      "field": "design_pressure_psi",
      "message": "Must be greater than 0",
      "code": "INVALID_VALUE"
    }
  ]
}
PreviousAnalytics Events
NextCMMS Integration
Reliatic — Asset Integrity Governance Platform