REST API Reference

Every NaijaBase project exposes a REST API automatically. No setup required — create a table and the API is live instantly.

Base URL

https://api.naijabase.dev/v1/YOUR_PROJECT_ID

Find your Project ID on the API tab of your project dashboard.

Authentication

Include your API key as a Bearer token in every request:

curl https://api.naijabase.dev/v1/PROJECT_ID/data/products \
  -H "Authorization: Bearer YOUR_ANON_KEY"

Use your anon key for client-side requests. Use your service_role key for server-side admin operations (never expose it in browsers).

Select rows

# All rows
GET /data/{table}

# Specific columns
GET /data/{table}?select=id,name,price

# Filter: status equals 'active'
GET /data/{table}?status=eq.active

# Filter: price greater than 10000
GET /data/{table}?price=gt.10000

# Combined filters with limit
GET /data/{table}?category=eq.electronics&price=gt.5000&limit=10

# Order by created_at descending
GET /data/{table}?order=created_at.desc

# Pagination
GET /data/{table}?limit=10&offset=20

Filter operators

Operator	Meaning	Example
`eq`	equals	`?status=eq.active`
`neq`	not equals	`?status=neq.deleted`
`gt`	greater than	`?price=gt.1000`
`gte`	greater than or equal	`?price=gte.1000`
`lt`	less than	`?stock=lt.5`
`lte`	less than or equal	`?stock=lte.5`
`like`	LIKE pattern	`?name=like.shoe`
`ilike`	case-insensitive LIKE	`?name=ilike.shoe`
`is`	IS NULL	`?deleted_at=is.null`

Insert rows

POST /data/{table}
Authorization: Bearer YOUR_ANON_KEY
Content-Type: application/json

{"name": "Chidi", "email": "chidi@gmail.com", "city": "Lagos"}

Insert multiple rows by posting an array:

POST /data/{table}
Content-Type: application/json

[
  {"name": "Chidi", "email": "chidi@gmail.com"},
  {"name": "Amaka", "email": "amaka@gmail.com"}
]

Update rows

PATCH /data/{table}?id=eq.ROW_UUID
Authorization: Bearer YOUR_ANON_KEY
Content-Type: application/json

{"name": "Chidi Okeke", "city": "Abuja"}

Delete rows

DELETE /data/{table}?id=eq.ROW_UUID
Authorization: Bearer YOUR_ANON_KEY

Auth endpoints

# Sign up
POST /auth/signup
{"email": "user@example.com", "password": "password123", "full_name": "Amaka Obi"}

# Sign in
POST /auth/login
{"email": "user@example.com", "password": "password123"}

# Get current user (requires Bearer token)
GET /auth/me

# Sign out
POST /auth/logout

Storage endpoints

# Upload file
POST /storage/v1/object/{bucket}/{path}
Content-Type: multipart/form-data

# Get public URL (no auth required for public buckets)
GET /storage/v1/object/public/{bucket}/{path}

# List files
GET /storage/v1/object/list/{bucket}?prefix=users/

# Delete file
DELETE /storage/v1/object/{bucket}/{path}

Health check

GET /health

# Response
{"status": "ok", "service": "naijabase-api", "timestamp": "2026-06-17T..."}

Response format

All successful responses return JSON. Errors return a JSON object with an error field:

{"error": "Unauthorized"}

HTTP status codes follow standard conventions: 200 OK, 201 Created, 400 Bad Request, 401 Unauthorized, 404 Not Found, 500 Server Error.

Base URL​

Authentication​

Select rows​

Filter operators​

Insert rows​

Update rows​

Delete rows​

Auth endpoints​

Storage endpoints​

Health check​

Response format​