Introduction
What is the HTTP API?
Our front-facing API is a simple JSON HTTP API that can be used from browsers and backend services.
Authentication
Authentication happens by way of either a publishable key or a secret key. Publishable keys and secret keys are unique for each Bucket environment. You can find the keys in the Settings
tab under Environments
.
Publishable keys are meant to be used in clients where your code is public in some form, for example browser or mobile applications. The secret key should stay secret and only be used on your backend services.
Secret keys can be provided to the API in the Authorization
header as:
Authorization: Bearer <key>
Publishable keys can be either provided in the Authorization
header similar to secret keys or simply as a query parameter:
GET /features/enabled?publishableKey=<key>
Global infrastructure
The HTTP API resides at: https://front.bucket.co/
Request to the front-facing API are automatically routed to a datacenter near you and should thus have a relative low latency regardless of where your customers are. Get in touch if you have many customers who are experiencing >100ms latency and we'd be happy to look into setting up a point of presence closer to you.
Use https://front-eu.bucket.co
if you want to avoid your requests being served by a non-EU server due to regulatory concerns.
API Endpoints
GET /features
Retrieve all features with their respective access rules
GET /features/enabled
Retrieve features that are enabled for the provided user/company
POST /features/events
Send events related to feature access
POST /user
Update user in Bucket
POST /company
Update company in Bucket
POST /event
Send events related to feature usage or user actions
POST /bulk
Send multiple calls in bulk.
Note: For POST requests, the API only accepts JSON. The Content-Type header must be set to application/json
.
GET /features
GET /features
This endpoint lets you get the full list of features along with their access rules. The endpoint is useful for backend SDKs to pull the access rules and evaluate them locally to determine which features should be enabled for a giver user/company instead of using the features/enabled
endpoint for each user/company.
GET /features/enabled
GET /features/enabled
The features/enabled
endpoint lets you get a list of features that are enabled for a specific user/company.
Example
The feature/enabled
HTTP endpoint is a GET
request to ensure that the request can be completed without a CORS Preflight
request to reduce latency.
The context must be flattened and provided as query parameters.
Example
context.company.id=42&context.user.id=99
Second Example
This is a more realistic example of context
that lets you write advanced feature access rules.
Note: The Bucket UI uses the attributes provided in the company
endpoint to determine which companies have which features enabled. Ensure any company
attributes used in the context
are also provided through the company
endpoint.
POST /features/events
POST /features/events
The /features/events
endpoint is used to send "evaluate" and "check" events. These events are used for various purposes in the Bucket UI. An evaluation event should be emitted when an access rule is evaluated. This happens automatically for the /features/enabled
endpoint. A "check" event should be generated whenever code checks for whether a specific feature is enabled.
POST /user
POST /user
The user
endpoint is used to track individual users in your application. This method will create a user if it doesn't exist already. For existing users, it will update it.
userId
should use a unique identifier that won't change, like a database ID.
You can pass along attributes that will be set for the given user. User attributes are not useful in Bucket at this time.
Example
userId
Required
String
attributes
Optional
Object
timestamp
Optional
ISO 8601
POST /company
POST /company
The Company
method is used to track companies (organizations) in your B2B application.
companyId
should use a unique identifier that won't change, like a database ID.
You can associate a user with a company by providing the userId
. This is important as features in Bucket look at company-level data.
In other words, if a user isn't associated with a company, their events will not be included.
The Tracking
tab will let you know if you have unassociated events.
You can send attributes to be associated with a company. In addition to traditional event-based user tracking, you can track feature usage based on attributes.
Example
If you set hasSlackEnabled: true
for specific companies, you can create an Attribute-based feature
in Bucket to track which companies have Slack enabled.
You're also likely to call this method when a user signs in to ensure they are associated with a company.
companyId
Required
String
attributes
Optional
Object
timestamp
Optional
ISO 8601 String
userId
Optional
String
POST /event
POST /event
Events are used to track user interactions within your application. We recommend tracking a handful of key features and features being currently worked on.
To track an event
, call this method when users interact with a feature.
event
Required
String
userId
Required
String
attributes
Optional
Object
timestamp
Optional
ISO 8601
Feedback
You can submit qualitative feedback related to a specific feature to pair your quantitative metrics with qualitative insights.
You can collect a 1-5 satisfaction score, qualitative feedback, or both.
At least one of the optional fields, score
or comment
, must be submitted.
featureId
Required
String
userId
Required
String
companyId
Optional
String
score
Optional
Number (1-5)
comment
Optional
String
Note: You can find the featureId
in under "Settings" for a given feature.
Responses
The API will return a 200
status code when calls are successful and a 400
if there are errors, including an invalid request body.
The response body will contain detailed information on the invalid request which can be used to debug. If you receive a 400 response code, there's no point in retrying without first debugging.
You may receive a 500
status code. If so, you can retry the request. If you send events to Bucket, this can technically result in duplicate entries but this is increasingly rare.
Last updated