API Overview

Piranya provides two API styles over the same underlying data model and permission system:

• Data API (/PiranyaPlatform/Data/{type}.{format})
• REST API (/PiranyaPlatform/Rest/v1/resources/{type})

Both APIs are dynamic and reflect enabled modules/features on each site.

Which API to choose

• Use REST API for new integrations, OpenAPI-driven tooling, and conventional resource-oriented CRUD.
• Use Data API when you need the existing query-style endpoint model or multi-format output (json, csv, pdf, xml).

Detailed docs:

• Data API
• REST API

Shared semantics

Both APIs share:

• Authentication model (Authorization with Basic or Bearer)
• Elevation/impersonation model (mode / elevation)
• Underlying entity schema and validation behavior
• Type/field availability based on enabled modules and features

Authentication

Use the Authorization HTTP header:

• Basic (username/password)
• Bearer (access token)

Request elevation

Requests run in an elevation context. The following values are ordered from least elevated to most elevated:

• Public
• Unauthenticated
• User (must be logged in)
• Client (registered user/account acting as client/customer)
• ClientDepartment (deprecated, use Client)
• ProviderDepartment
• ReaderDepartment
• OwnerDepartment
• Admin

If the authenticated user has access to multiple accounts/departments, scoping can be provided through:

• Authorization-Account / for_account_id
• Authorization-Department / for_department_id

Discovery and compatibility

Because schemas are dynamic, always inspect the target site:

• REST API: /PiranyaPlatform/Rest/v1/openapi.json (or filtered type-specific OpenAPI)
• Data API: inspect concrete type responses and relevant module docs

Compatibility note:

• REST API is primarily a URL/payload style change over the same core capabilities used by Data API.