API Overview
The LOX API is a RESTful API that allows you to programmatically manage backups, storage, and tenant settings.
Base URL
https://backlox.com/apiVersion
v1Auth
Bearer TokenAuthentication
All API requests require authentication using your API key in the Authorization header:
curl https://backlox.com/api/v1/backups \ -H "Authorization: Bearer lox_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
API Key Security
Your API key carries full access to your account. Keep it secret, use environment variables, and never commit it to version control.
Request Format
All requests should use JSON for request bodies and accept JSON responses:
curl -X POST https://backlox.com/api/v1/backups \
-H "Authorization: Bearer lox_xxxxxxxxxxxx" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{
"name": "daily-backup",
"size_bytes": 1048576
}'API Endpoints
Backups
| Method | Endpoint | Description |
|---|---|---|
| GET | /v1/backups | List all backups |
| POST | /v1/backups | Create new backup (get upload URL) |
| GET | /v1/backups/:id | Get backup details |
| POST | /v1/backups/:id/complete | Mark upload as complete |
| GET | /v1/backups/:id/download | Get download URL |
| DELETE | /v1/backups/:id | Delete a backup |
Tenant / Account
| Method | Endpoint | Description |
|---|---|---|
| GET | /v1/tenant | Get tenant info |
| PATCH | /v1/tenant | Update tenant settings |
| GET | /v1/tenant/api-keys | List API keys |
| POST | /v1/tenant/api-keys | Create new API key |
| DELETE | /v1/tenant/api-keys/:id | Revoke API key |
Storage
| Method | Endpoint | Description |
|---|---|---|
| GET | /v1/storage | Get storage usage and quota |
| GET | /v1/storage/stats | Get detailed storage statistics |
Common Operations
Create a Backup
Creating a backup is a two-step process: request an upload URL, then upload the file.
# Step 1: Request upload URL
curl -X POST https://backlox.com/api/v1/backups \
-H "Authorization: Bearer lox_xxxxxxxxxxxx" \
-H "Content-Type: application/json" \
-d '{
"name": "daily-backup-2024-01-15",
"size_bytes": 52428800,
"content_type": "application/gzip",
"metadata": {
"source": "production-server",
"database": "myapp"
}
}'
# Response:
{
"id": "bkp_abc123def456",
"name": "daily-backup-2024-01-15",
"status": "pending",
"upload_url": "https://storage.backlox.com/upload/...",
"upload_expires_at": "2024-01-15T11:00:00Z"
}
# Step 2: Upload the file to the upload URL
curl -X PUT "https://storage.backlox.com/upload/..." \
-H "Content-Type: application/gzip" \
--data-binary @backup.tar.gz
# Step 3: Mark upload as complete
curl -X POST https://backlox.com/api/v1/backups/bkp_abc123def456/complete \
-H "Authorization: Bearer lox_xxxxxxxxxxxx"
# Response:
{
"id": "bkp_abc123def456",
"name": "daily-backup-2024-01-15",
"status": "completed",
"size_bytes": 52428800,
"checksum": "sha256:a1b2c3d4e5f6...",
"created_at": "2024-01-15T10:30:00Z"
}List Backups
# List all backups with pagination
curl "https://backlox.com/api/v1/backups?limit=10&offset=0" \
-H "Authorization: Bearer lox_xxxxxxxxxxxx"
# Filter by status
curl "https://backlox.com/api/v1/backups?status=completed" \
-H "Authorization: Bearer lox_xxxxxxxxxxxx"
# Filter by date range
curl "https://backlox.com/api/v1/backups?created_after=2024-01-01&created_before=2024-01-31" \
-H "Authorization: Bearer lox_xxxxxxxxxxxx"
# Response:
{
"backups": [
{
"id": "bkp_abc123",
"name": "daily-backup-2024-01-15",
"status": "completed",
"size_bytes": 52428800,
"created_at": "2024-01-15T10:30:00Z"
},
// ...more backups
],
"total": 42,
"limit": 10,
"offset": 0
}Download a Backup
# Get download URL
curl https://backlox.com/api/v1/backups/bkp_abc123/download \
-H "Authorization: Bearer lox_xxxxxxxxxxxx"
# Response:
{
"download_url": "https://storage.backlox.com/download/...",
"expires_at": "2024-01-15T11:30:00Z",
"size_bytes": 52428800,
"checksum": "sha256:a1b2c3d4e5f6..."
}
# Download the file
curl -o backup.tar.gz "https://storage.backlox.com/download/..."Get Storage Info
curl https://backlox.com/api/v1/storage \
-H "Authorization: Bearer lox_xxxxxxxxxxxx"
# Response:
{
"used_bytes": 1073741824,
"quota_bytes": 5368709120,
"used_percentage": 20.0,
"backup_count": 15,
"oldest_backup": "2024-01-01T00:00:00Z",
"newest_backup": "2024-01-15T10:30:00Z"
}Pagination
List endpoints support pagination using limit and offset:
| Parameter | Default | Description |
|---|---|---|
| limit | 20 | Number of items per page (max 100) |
| offset | 0 | Number of items to skip |
Error Handling
The API uses standard HTTP status codes and returns error details in JSON:
{
"error": {
"code": "validation_error",
"message": "Invalid request body",
"details": {
"name": "Name is required",
"size_bytes": "Must be a positive integer"
}
}
}HTTP Status Codes
| Code | Description |
|---|---|
| 200 | Success |
| 201 | Created successfully |
| 400 | Bad request - invalid parameters |
| 401 | Unauthorized - invalid or missing API key |
| 403 | Forbidden - insufficient permissions |
| 404 | Not found - resource doesn't exist |
| 429 | Rate limited - too many requests |
| 500 | Server error - try again later |
Rate Limiting
The API implements rate limiting to ensure fair usage and protect system stability. When you exceed the rate limit, you'll receive a 429 Too Many Requests response.
| Endpoint Type | Limit | Window |
|---|---|---|
| General API | 1000 requests | per minute |
| Upload endpoints | 100 requests | per minute |
| Download endpoints | 200 requests | per minute |
Rate limit headers are included in all responses:
X-RateLimit-Limit: 1000 X-RateLimit-Remaining: 995 X-RateLimit-Reset: 1704288000 Retry-After: 30 # Only on 429 responses
Error Codes
| Code | Description |
|---|---|
| validation_error | Request body validation failed |
| authentication_error | Invalid or expired API key |
| quota_exceeded | Storage quota limit reached |
| rate_limited | Too many requests, retry after delay |
| upload_expired | Upload URL has expired |
| backup_not_found | Backup with given ID not found |
Rate Limiting
The API implements rate limiting to ensure fair usage. Rate limit headers are included in all responses:
X-RateLimit-Limit: 100 X-RateLimit-Remaining: 95 X-RateLimit-Reset: 1705320000
| Plan | Requests/minute | Requests/hour |
|---|---|---|
| Free | 60 | 1,000 |
| Pro | 300 | 10,000 |
| Enterprise | 1,000 | Unlimited |
Webhooks
Configure webhooks to receive notifications when backups complete or fail:
# Webhook payload for backup.completed event
{
"event": "backup.completed",
"timestamp": "2024-01-15T10:30:00Z",
"data": {
"id": "bkp_abc123",
"name": "daily-backup",
"status": "completed",
"size_bytes": 52428800,
"checksum": "sha256:a1b2c3d4..."
}
}
# Webhook payload for backup.failed event
{
"event": "backup.failed",
"timestamp": "2024-01-15T10:30:00Z",
"data": {
"id": "bkp_abc123",
"name": "daily-backup",
"status": "failed",
"error": "Upload timeout exceeded"
}
}Webhook Verification
All webhook requests include a X-LOX-Signature header with an HMAC-SHA256 signature. Verify this signature using your webhook secret.
SDKs & Tools
Use our official SDKs for easier integration: