API Overview
Services API overview — authentication, base URL, rate limits, and how agents interact with external platforms.
API Overview
The Reeve Services API is the backend that powers connectors, analytics, billing, and brand intelligence. It sits between the Reeve gateway (where agents run) and external platforms (Shopify, Stripe, Meta, etc.).
What the API Does
| Domain | Purpose |
|---|---|
| Connectors | OAuth flows and API key management for external platforms |
| Dashboard | Aggregated analytics across all connected sources |
| Brand Intelligence | Brand analysis, competitor monitoring, ad intelligence |
| Credits & Billing | Credit balance, purchases, tier metering |
| Auth | Session management and authentication |
| Social | Social account management and trend research |
| Apps | App Store registry for Reeve extensions |
Architecture
Cockpit (Frontend)
│
├── /api/connectors/* ──▶ Services API
├── /api/brand/* ──▶ │
├── /api/dashboard/* ──▶ ├── PostgreSQL
├── /api/credits/* ──▶ ├── External APIs
└── /api/auth/* ──▶ └── Stripe
Gateway (Agent Runtime)
│
└── /api/credits/deduct ──▶ Services APIAuthentication
The API uses two authentication methods depending on who's calling:
User Requests (Frontend → API)
All user-facing requests use a session token from the Cockpit:
Authorization: Bearer <session-token>Session tokens are managed by Clerk and are included automatically when you use the Cockpit. They expire and refresh transparently.
Service Requests (Gateway → API)
The gateway communicates with the Services API using a shared service token:
X-Reeve-Services-Token: <shared-secret>This is used for operations like credit deductions during agent sessions. You don't need to configure this manually — it's set up during deployment.
Base URL
| Environment | URL |
|---|---|
| Production | https://services.meetreeve.com |
All endpoints are prefixed with /api/. For example, the connectors list endpoint is GET /api/connectors/list.
Rate Limits
The API applies rate limiting per user to prevent abuse:
| Tier | Requests/Minute | Notes |
|---|---|---|
| Standard | 60 | Most API endpoints |
| Auth | 10 | Login and token endpoints |
| Heavy | 20 | Brand analysis, trend research |
Rate-limited responses return 429 Too Many Requests with a Retry-After header.
How Agents Use the API
Agents don't call the Services API directly. Instead, they use specialized tools that resolve credentials through the gateway:
// Agent uses a tool → gateway resolves credentials → calls Services API
reeve_shopify({ action: "get_overview" })
reeve_ads({ action: "get_performance", platform: "meta" })
reeve_email({ action: "list_campaigns" })
reeve_analytics({ action: "get_summary", period: "30d" })The gateway handles token resolution, refresh, and error handling. Agents never see raw API keys or OAuth tokens.
Error Handling
The API returns standard HTTP status codes:
| Code | Meaning |
|---|---|
200 | Success |
400 | Bad request — check parameters |
401 | Unauthorized — invalid or expired token |
403 | Forbidden — insufficient permissions |
404 | Not found — resource doesn't exist |
429 | Rate limited — wait and retry |
500 | Internal error — contact support |
Error responses include a JSON body with details:
{
"error": "connector_not_found",
"message": "No Shopify connector found for this account",
"status": 404
}Data Privacy
- Live fetching — Data is fetched from external APIs in real time, not cached or stored
- Encrypted credentials — OAuth tokens and API keys are encrypted at rest
- Scoped access — Each user's connectors are isolated; no cross-account data access
- Token refresh — OAuth tokens are refreshed automatically before expiry
The Services API is an internal backend that powers the Cockpit and agent tools. You don't need to call it directly — use the Cockpit for visual access or agent tools for programmatic access.