Skip to content
Select themeSelect language

`GET /api/apps/{id}/backend` -- list the App's declared backend functions (name / operation / argument metadata; never the SQL). Authenticated by EITHER a per-deployment App token (`Bearer scwa_…`) OR a logged-in session (the operator viewing the App-Tab).

GET
/api/apps/{id}/backend
curl --request GET \
--url https://example.com/api/apps/2489E9AD-2EE2-8E00-8EC9-32D5F69181C0/backend \
--header 'Authorization: Bearer <token>'
id
required
string format: uuid

App id

Declared backend functions.

Media typeapplication/json
Array<object>

One declared backend function as exposed to the calling frontend: its name, SQL class (query / execute) and descriptive argument metadata – but never the SQL itself, which stays server-side.

object
name
required

The call key ({function_name} path segment).

string
operation
required

query or execute.

string
params
required

Descriptive positional-argument metadata (labels + optional kind hint).

Array<object>

ADR 0053 – descriptive metadata for one positional argument of a backend function, used by the calling frontend to label inputs. Carries no SQL.

object
kind

Optional input hint: text | number | boolean.

string | null
name
required

Argument label shown in the UI.

string
Examplegenerated
[
{
"name": "example",
"operation": "example",
"params": [
{
"kind": "example",
"name": "example"
}
]
}
]

Missing/invalid App token or session.

Media typeapplication/json

The canonical JSON body of every error response — the single source of truth the frontend binds to. Every AppError serializes as this exact shape, and the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is what the frontend error schema is generated from, so there is no hand-written error schema on either end.

object
code
required

Machine-readable, stable error code.

string
Allowed values: not_found unauthorized forbidden bad_request unprocessable precondition_failed conflict method_not_allowed rate_limited quota_exceeded database_error docker_error vault_error internal_error
details
One of:
null
error
required

Human-readable message (the server’s English text; the client may localize by code).

string
Example
{
"code": "not_found"
}

App token does not authorize this app.

Media typeapplication/json

The canonical JSON body of every error response — the single source of truth the frontend binds to. Every AppError serializes as this exact shape, and the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is what the frontend error schema is generated from, so there is no hand-written error schema on either end.

object
code
required

Machine-readable, stable error code.

string
Allowed values: not_found unauthorized forbidden bad_request unprocessable precondition_failed conflict method_not_allowed rate_limited quota_exceeded database_error docker_error vault_error internal_error
details
One of:
null
error
required

Human-readable message (the server’s English text; the client may localize by code).

string
Example
{
"code": "not_found"
}

App not visible in this workspace.

Media typeapplication/json

The canonical JSON body of every error response — the single source of truth the frontend binds to. Every AppError serializes as this exact shape, and the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is what the frontend error schema is generated from, so there is no hand-written error schema on either end.

object
code
required

Machine-readable, stable error code.

string
Allowed values: not_found unauthorized forbidden bad_request unprocessable precondition_failed conflict method_not_allowed rate_limited quota_exceeded database_error docker_error vault_error internal_error
details
One of:
null
error
required

Human-readable message (the server’s English text; the client may localize by code).

string
Example
{
"code": "not_found"
}