NIN Connect Docs
REST API

REST API Overview

Complete HTTP API reference for the NIN Connect — both the v1 runtime API and the dashboard management API.

Two API Surfaces

NIN Connect exposes two groups of endpoints:

Runtime API (/api/v1/*)

Used by the SDK and your application to list plugins/tools, manage end-user connections, and execute tools. Authenticated with API keys (nk_live_*).

EndpointMethodDescription
/api/v1/connections/initiatePOSTGenerate a hosted connect URL for end-users
/api/v1/connectionsPOSTSubmit credentials directly (no redirect)
/api/v1/connectionsGETList a user's active connections
/api/v1/connectionsDELETEDisconnect a user from a plugin
/api/v1/pluginsGETList active plugins
/api/v1/toolsGETList enabled tools
/api/v1/tools/executePOSTExecute a tool
/api/v1/oauth/callbackGETOAuth callback (internal, not called directly)

Dashboard API (/api/dashboard/*)

Used by the dashboard UI to manage plugins, tools, auth methods, categories, API keys, connections, and logs. Authenticated with Firebase tokens (admin or developer role).

These endpoints are documented inline in the Dashboard section pages.

Authentication

API Key Auth (v1 endpoints)

All /api/v1/* endpoints require a valid API key:

Authorization: Bearer nk_live_...

The withApiKey middleware validates the key by SHA-256 hashing it and comparing against stored hashes. On success, the developer ID is injected into the handler context.

Firebase Auth (dashboard endpoints)

Dashboard endpoints use Firebase token verification:

  • Admin routes (requireAdmin) — plugins, tools, auth methods, categories
  • Developer routes (authenticateDeveloper) — API keys, connections, logs

Error Responses

All endpoints return errors in a consistent format:

{
  "error": "Description of the error"
}

For validation errors (Zod):

{
  "error": "Validation failed",
  "details": {
    "fieldErrors": { "slug": ["Required"] },
    "formErrors": []
  }
}

On this page