API reference

Everything you can do in the Backup dashboard is also available via API.

Where to find the Swagger UI

The Swagger UI is served at /swagger/ on the Backup service host. The host is exposed via the PUBLIC_SNAPDB_SERVICE_BACKEND environment variable in the JDS dashboard repo, or via your account settings.

(The backend service is still internally named snapdb; customer-facing branding is "Backup".)

Authentication

Authorization: Bearer <JWT>

Tokens are minted with a Backup-specific audience via the auth service. See Platform → Tokens for the OAuth2 flow.

Resource groups

• Data sources – CRUD (including delete with cascade), credentials, and connection verify.
• Backup policies – CRUD on reusable schedule / retention / destination templates.
• Attachments – attach a policy to a data source; toggle enabled; detach. Duplicate attachments of the same policy to the same data source are rejected.
• Backup jobs – list jobs per data source or across the org, generate short-lived download links, delete a backup file, and trigger an ad-hoc run-now.
• Storage destinations – full CRUD. Includes both Norcube-managed destinations (POST /storage-destinations/managed/ensure) and bring-your-own (BYO) destinations (POST /storage-destinations with customer-provided bucket + IAM role).
• Restore – endpoints are registered but currently return 501 Not Implemented. Restore from backup files is on the roadmap.
• Audit log – read-only feed of every sensitive operation (data source created, credentials set, backup job started/completed/failed, destination updated, etc.). Supports filters by action, target type, target ID, actor IDs, and time range.

Pagination

List endpoints use cursor-based pagination. Pass cursor and limit query parameters; responses include cursors.next (or null when you've reached the end).

Errors

{
  "code": "INVALID_INPUT",
  "message": "scheduleCron must be a valid 5-field cron expression"
}

See Limits and errors for the common codes.