API Reference

This page documents the API families used by the current DartStream app. DartStream is microservice-based, so production uses separate service hosts instead of one monolithic API.

Service Hosts

Service Production Development

Frontend app

https://app.dartstream.io

https://dartstream-prod—​development-14g1ykj5.web.app

Auth

https://apiauth.dartstream.io

https://dev-apiauth.dartstream.io

Billing

https://apibilling.dartstream.io

https://dev-apibilling.dartstream.io

Platform services

https://apiplatform.dartstream.io

https://dev-apiplatform.dartstream.io

Persistence

https://apipersistence.dartstream.io

https://dev-apipersistence.dartstream.io

Reactive dataflow

https://apireactivedataflow.dartstream.io

https://dev-apireactive.dartstream.io

Authentication Headers

Protected dashboard API calls use Firebase ID token bearer authentication.

Authorization: Bearer <Firebase ID token>
Content-Type: application/json
X-Tenant-ID: <active tenant ID>

X-Tenant-ID is required for tenant-scoped calls. Auth bootstrap endpoints may not require it because they establish tenant context.

Server-to-server integrations use OAuth2 client credentials. Create an OAuth2 client in the DartStream app under Settings → OAuth2, save the client secret when it is shown, then exchange it for a short-lived access token through the billing API.

curl -u '<client_id>:<client_secret>' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'grant_type=client_credentials&scope=projects:read flags:read' \
  https://apibilling.dartstream.io/api/v1/oauth2/token

Response:

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "flags:read projects:read"
}

Use the returned token for scoped platform API calls. The token carries tenant context, so a separate Firebase user session is not required for server integrations.

Authorization: Bearer <OAuth2 access token>
Content-Type: application/json

Supported scopes include auth:read, auth:write, projects:read, projects:write, flags:read, flags:write, flags:evaluate, experience:read, experience:write, reactive:read, reactive:write, persistence:read, persistence:write, platform:read, and platform:write. Requested scopes must be a subset of the scopes saved on the OAuth2 client.

Auth API

Base host:

POST /api/v1/auth/signup

Bootstrap a newly created Firebase account.

{
  "idToken": "firebase_id_token",
  "email": "user@example.com",
  "password": "optional_password_context"
}

POST /api/v1/auth/login

Bootstrap an existing Firebase session.

{
  "idToken": "firebase_id_token"
}

POST /api/v1/auth/signin/google

Bootstrap a federated Firebase session.

{
  "idToken": "firebase_id_token",
  "providerName": "google"
}

Successful responses include user, active tenant, role, subscription, and memberships.

POST /api/v1/auth/logout

Log out the current backend session. The frontend also clears local Firebase and browser storage.

Billing API

Base host:

GET /api/v1/billing/subscription

Returns the active tenant billing snapshot and entitlement limits.

Example response shape:

{
  "tenantId": "tenant-id",
  "tenantName": "Workspace",
  "subscription": {
    "plan": "standard",
    "status": "active",
    "billingCycle": "annual",
    "customerId": "cus_...",
    "externalId": "sub_..."
  },
  "limits": {
    "auth_providers": 1,
    "database_connections": 1,
    "storage_gb": 5,
    "feature_flags": 25,
    "projects": 1,
    "environments": 2,
    "team_members": 3,
    "flutter_apps": 2,
    "game_projects": 1,
    "telemetry_events_monthly": 100000,
    "ai_runtime": 0
  },
  "features": {
    "auth_providers": true,
    "database_connections": true,
    "feature_flags": true,
    "ai_runtime": false
  }
}

GET /api/v1/billing/features/{feature}/check

Checks whether the active tenant can use a feature.

Example:

GET /api/v1/billing/features/auth_providers/check

Example response:

{
  "isValid": true,
  "failureReason": null,
  "hasWarning": false,
  "warningMessage": null,
  "used": 0,
  "limit": 1,
  "percentUsed": 0.0
}

POST /api/v1/billing/checkout

Creates a Stripe Checkout session for a subscription or routes an existing Stripe subscription to a targeted portal flow when applicable.

{
  "type": "subscription",
  "planId": "standard",
  "successUrl": "https://app.dartstream.io/membership/membership-paid?checkout=success&plan=standard",
  "cancelUrl": "https://app.dartstream.io/membership"
}

Response:

{
  "checkoutUrl": "https://checkout.stripe.com/c/pay/...",
  "type": "subscription"
}

POST /api/v1/billing/portal

Creates a Stripe Billing Portal session.

{
  "returnUrl": "https://app.dartstream.io/settings/billing"
}

Response:

{
  "portalUrl": "https://billing.stripe.com/p/session/..."
}

Enterprise API

Base host:

POST /api/v1/enterprise/enterprise-signup

Submits an Enterprise request from the membership flow.

The form captures use cases such as Flutter app runtime, Flame game backend, live-ops telemetry, Unity/native bridge planning, Dart FFI, AI runtime integration, private deployment, governance, security, compliance, and SLA needs.

Platform Health

GET /health

Each backend service exposes a health endpoint. Example:

GET https://apiplatform.dartstream.io/health

Status Values

Subscription status values include:

  • active

  • trialing

  • pendingCancel

  • cancelled

  • incomplete

  • inactive

Notes

Feature flag authoring and OpenFeature provider details belong primarily to IntelliToggle documentation. DartStream documents the feature and entitlement checks that the DartStream app uses.