Skip to main content
The Babel REST API is a JSON-over-HTTP API. All requests and responses use Content-Type: application/json. The frontend communicates with the API through an axios client that automatically attaches your JWT token to every request.
Most endpoints require authentication. You must include a valid Bearer token in the Authorization header. The only endpoints that do not require authentication are the account registration, login, confirmation, and password-reset flows.

Base URL

The API base URL is configured via the VITE_API_URL environment variable in the frontend. Set this to the root of your API server: 
VITE_API_URL=https://api.yourdomain.com
All endpoint paths in this reference are relative to that base URL.

Authentication

The API uses JWT Bearer token authentication. After a successful login, you receive a token string. The frontend stores this token in localStorage under the key AUTH_TOKEN and sends it with every request in the Authorization header: 
Authorization: Bearer <token>
Storing tokens in localStorage exposes them to JavaScript running on the same origin. If your deployment has strict security requirements, consider the XSS risk and evaluate whether httpOnly cookies are a better fit for your environment.

Request and response format

PropertyValue
Request formatJSON (Content-Type: application/json)
Response formatJSON
Auth mechanismBearer token in Authorization header
Token storagelocalStorage key: AUTH_TOKEN
HTTP methods usedGET, POST, PUT, DELETE, PATCH

Error responses

All error responses return a JSON object with a single error field: 
{
  "error": "Descriptive error message"
}
Use the HTTP status code to determine the category of failure (e.g., 400 for validation errors, 401 for unauthenticated requests, 403 for authorization failures, 404 for missing resources).

Authenticated request example

curl -X GET https://api.yourdomain.com/projects \
  -H "Authorization: Bearer <your-token>"

Endpoint index

Auth

Account registration, login, email confirmation, and password management.POST /auth/create-account
POST /auth/login
POST /auth/confirm-account
POST /auth/request-code
POST /auth/forgot-password
POST /auth/validate-token
POST /auth/update-password/:token
GET /auth/user
POST /auth/check-password
PUT /auth/profile
POST /auth/update-password

Projects

Create, read, update, and delete data science projects.GET /projects
POST /projects
GET /projects/:id
PUT /projects/:id
DELETE /projects/:id

Tasks

Manage tasks within a project, including status, phase, assignment, and notes.GET /projects/:id/tasks
POST /projects/:id/tasks
GET /projects/:id/tasks/:taskId
PUT /projects/:id/tasks/:taskId
DELETE /projects/:id/tasks/:taskId
POST /projects/:id/tasks/:taskId/status
PATCH /projects/:id/tasks/:taskId/phase
PATCH /projects/:id/tasks/:taskId/completed
PATCH /projects/:id/tasks/:taskId/reassign
POST /projects/:id/tasks/:taskId/notes
DELETE /projects/:id/tasks/:taskId/notes/:noteId

Team

Add and remove team members, search for users by email or query.GET /projects/:id/team
POST /projects/:id/team
DELETE /projects/:id/team/:userId
POST /projects/:id/team/find
GET /projects/:id/team/search?q=

Traceability

Track datasets, experiments, and decisions linked to a project.GET /POST /projects/:id/datasets
DELETE /projects/:id/datasets/:id
GET /POST /projects/:id/experiments
DELETE /projects/:id/experiments/:id
GET /POST /projects/:id/decisions
DELETE /projects/:id/decisions/:id

Report

Generate a consolidated project report.GET /projects/:id/report

Build docs developers (and LLMs) love

Get started for freeTalk to us