Docs · API

API reference.

Two surfaces: ingest (write events, traces, source maps) and query (read events, list projects, manage rules). OTLP-compatible alias at /v1/otlp.

Base URLs

  • Ingest: https://ingest.coderadar.app
  • Query: https://api.coderadar.app
  • CDN: https://cdn.coderadar.app (browser SDK + static assets)

Auth

Ingest uses the public DSN — no Authorization header needed. The DSN's public key encodes the project. Optional Bearer token for "server-only" DSNs.

Query uses Clerk session cookies (when called from the dashboard) or a Bearer token (when called from a script). Tokens are issued at app.coderadar.app/settings/keys → Personal access token. Scoped to specific projects.

POST /v1/events

Capture one or more events.

POST https://ingest.coderadar.app/v1/events
Content-Type: application/json
X-CodeRadar-Auth: dsn=PUBLIC_KEY,project=12

{
  "events": [
    {
      "event_id":    "ev_01HZRX4D2KQ7",
      "timestamp":   "2026-04-26T14:22:08.421Z",
      "level":       "error",
      "environment": "production",
      "release":     "[email protected]",
      "exception":   { ... },
      "user":        { ... },
      "trace_id":    "...",
      "tags":        { ... },
      "breadcrumbs": [ ... ]
    }
  ]
}

Response: 202 Accepted with { "accepted": N, "dropped": [{event_id, reason}] }. Idempotent on event_id.

POST /v1/traces

Capture one or more spans. Same auth and shape; OTLP-compat alias at /v1/otlp/traces.

POST /v1/sourcemaps

Upload a source map for a release.

POST https://ingest.coderadar.app/v1/sourcemaps
Content-Type: multipart/form-data
Authorization: Bearer $CODERADAR_TOKEN

project=truecom
[email protected]
url=/static/js/main.abc123.js
sourcemap=@dist/static/js/main.abc123.js.map

POST /v1/releases

POST https://api.coderadar.app/v1/releases
Authorization: Bearer $CODERADAR_TOKEN
Content-Type: application/json

{
  "project": "truecom",
  "release": "[email protected]",
  "commit":  "a8c2f11d3...",
  "deployed_at": "2026-04-26T14:00:00Z",
  "url":     "https://github.com/RelayOne/truecom/releases/v0.18.2"
}

GET /v1/query

GET https://api.coderadar.app/v1/query
  ?project=truecom
  &q=level:error in:5m
  &limit=100
Authorization: Bearer $CODERADAR_TOKEN

Returns paginated event list. cursor for pagination.

GET /v1/issues

Like /v1/query but grouped by fingerprint. Returns one row per issue with first_seen, last_seen, count, user_count.

GET /v1/projects

Returns the list of projects you have access to. [{id, slug, name, quota: {events, traces}, retention_days, ...}].

POST /v1/alerts/rules

Create a rule. Same shape as the YAML format. PUT to update, DELETE to remove.

GET /v1/alerts/firings

Returns the recent alert firings (when, which rule, group key, channels notified, response statuses).

SSE: GET /v1/stream

GET https://api.coderadar.app/v1/stream?project=truecom&q=level:error
Accept: text/event-stream
Authorization: Bearer $CODERADAR_TOKEN

Streams matching events in real time as event: event\ndata: { ... } messages.

Rate limits

  • Ingest: Per-project quota (configured in dashboard).
  • Query: 60 r/m per personal access token (more on request).
  • SSE: 4 simultaneous streams per token.

Errors

  • 202 — ingest accepted.
  • 400 — malformed body.
  • 401 — auth failed.
  • 403 — auth ok, but not allowed for this project.
  • 413 — body too large.
  • 429 — over quota / rate-limited.
  • 5xx — server fault. SDK should retry with backoff.