Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.oleria.com/llms.txt

Use this file to discover all available pages before exploring further.

Programmatic access to your Oleria workspace, secured with OAuth 2.0 Client Credentials. The Oleria API is a REST API - all endpoints use standard HTTP methods and return JSON bodies. Versioning is part of the URL path so breaking changes can ship without disrupting your existing integrations.

Environments

Your API base URL is shown in the API URL field when you create an OAuth application in Settings → Manage APIs. It follows the pattern: 
https://devx.YOUR_TENANT.oleria.io
Use this URL as the base for all API calls.

Authentication

The API uses the OAuth 2.0 Client Credentials grant. You exchange a client_id and client_secret for a short-lived JWT, then send it as a Bearer credential in the Authorization header on every request. 
Authorization: Bearer <access_token>
Tokens are typically valid for one hour. Cache the token in your client and refresh it just before expiry rather than minting one per request. See Generate an API Token for the full flow, response shape, troubleshooting, and rotation guidance.

Conventions

ConventionDetail
VersioningVersion is part of the URL path - currently /v1/. Breaking changes will ship under a new path prefix.
TimestampsISO 8601, UTC (for example, 2026-05-12T17:32:00Z).
EncodingUTF-8.

Errors

Oleria uses conventional HTTP status codes to indicate success or failure. Error responses include a stable JSON body with code and message fields you can branch on.
StatusMeaning
200Request succeeded.
201A new resource was created.
400Bad Request - the request body or parameters are invalid.
401Unauthorized - missing, expired, or malformed access token.
403Forbidden - the credential is not permitted on this resource.
404Not Found - the resource does not exist or is not visible to this credential.
429Too Many Requests - rate limit exceeded.
5xxServer error on Oleria’s side.

Rate limits

The Oleria API enforces per-tenant rate limits to protect platform stability. When you exceed your limit, the API returns 429 Too Many Requests with a Retry-After response header (in seconds). Implement exponential back-off in your client to avoid compounding pressure on the gateway.

Example request

Once you have an access token (see Generate an API Token), call the API by passing the token as a Bearer credential. For example, to start a CSV export of the identity inventory: 
curl -X POST https://devx.YOUR_TENANT.oleria.io/v1/downloads \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{ "context": "accessInventoryIdentitiesV2" }'

Next steps

Generate an API token

Walk through the OAuth 2.0 Client Credentials flow end-to-end, with troubleshooting and token-rotation guidance.
The full endpoint reference - request schemas, response shapes, and copy-ready samples - is in the sidebar under Downloads.

Contact us

For questions about the API, contact us at support@oleria.com.