Developers
Everything in InsightBase is reachable over a REST API — the app itself is just a client of it.
The full REST API — every endpoint, request/response shape, and auth requirement — is documented live from the backend's own handler annotations at /docs (Swagger UI). It's always in sync with the deployed API, since it's generated directly from the code that serves it.
Two ways to authenticate a request, depending on who's calling:
Authorization: Bearer header, obtained from /api/v1/auth/login.Authorization: Bearer ibk_....ibk_3kf9...) are stored. If you lose it, revoke it and create a new one.curl https://app.insightbase.io/api/v1/dashboards \
-H "Authorization: Bearer ibk_3kf9aZ1mP7qXv2..."InsightBase exposes an MCP endpoint so AI assistants like Claude Desktop can query your dashboards and datasources directly as tools, authenticated with an API key. Enable it from Settings, then point your MCP client at your organization's MCP endpoint using an API key as the credential.
Authentication endpoints (login, register, invite-accept) are rate-limited per IP to protect against brute-force and spam. If you're building an integration that authenticates frequently on behalf of many users, use a long-lived API key instead of re-authenticating with a password each time.