API Overview & Authentication
The API is optional — everything can be done from the dashboard. Use it when your own system should talk to RagSystem directly (send chat messages, receive orders, push catalog updates).
Base URL
https://api.qubiqai.space/api/v1
Authentication
Create an API key in the dashboard under Admin → API keys, and send it on every request:
X-API-Key: rsk_xxxxxxxxxxxxxxxx
The key is scoped to your workspace (tenant): you can only ever see and modify your own data. Keep it secret; rotate it from the same page if it leaks.
| Endpoint group | Auth |
|---|---|
POST /widget/query (chat) |
X-API-Key |
GET/PATCH /orders |
X-API-Key |
POST /catalog/import |
X-API-Key |
GET /usage/status, POST /usage/report |
X-API-Key |
/admin/* (dashboard) |
JWT only — not for integrations |
Response envelope
Success:
{ "data": { ... } }
Paginated:
{ "data": [ ... ], "meta": { "total": 42, "page": 1, "limit": 20 } }
Error:
{ "error": { "code": 400, "message": "human-readable reason" } }
Limits
- Chat requests are rate-limited and counted against your plan's message quota
- Catalog imports: 10 MB per file, 5,000 rows, IP rate-limited
- Order decisions are idempotent — a second decision on the same order returns
409