Rosti API


Company in Rosti is something like a team. You have an account to access our system with a single set of email/password or token in case of the API. Each account has access to one or more companies. It means you can use different companies for your customers and give them and your teammates separate access to these companies.

You have access to multiple companies with a single access token. All API endpoints require company_id as a part of their URL. That's how you choose the company you want to work with.

When you register to our system your first company is created automatically and it has same name as your account. It's your default company.

Use companies list endpoint to gather list of companies you are registered in.


API token can be generated only in web interface and it's implemented as the HTTP header called Authorization. The header looks like this:

Authorization: Token YOUR_TOKEN

Code deploying

Every application is just a description of the environment. But the environment itself is created by containers. Right now, each application has one container, but the API is ready to support more containers within a single application.

If you want to deploy a new code to your application, there are SSH connections, one for each container assigned to your application. You can connect to these SSH servers and upload anything you want there. You can use standard tools like rsync, tar or scp or you can use your own way to do deploys.

SSH access is full, but limited by local system user which is not root. You can run your scripts, use standard Linux tools, but it's not possible to use standard system package manager to install the new stuff. If you need a new stuff feel free to build it your self or use static linked version of tools you want.


Storage is something what holds your data. Right now it's used for databases and we support MariaDB and PostgreSQL. We generate name of the database and username to access the database, but password is set by you.

You can change the password anytime you want through this API or web interface. Passwords are managed by databases itself.


Every application can be snapshot. It means the data of the application are backed up into our S3-like storage and later you can use this snapshot to restore you application or to create a completely new application. It can be used for archiving the app or backing the app up.


Time intensive jobs, like snapshoting or restoring from snapshots, are run asynchronously. It means the job is registered, API returns info about that but it can take a lot of time to finish the job. Jobs endpoint helps you to find what tasks are running, which ones are done and which ones not.

# Install the command line client
$ pip install coreapi-cli
<!-- Load the JavaScript client library -->
<script src="/static/rest_framework/js/coreapi-0.1.1.js"></script>
<script src="/api/schema.js"></script>
# Install the Python client library
$ pip install coreapi