API Overview
Overview of the Laizy CMS API — base URL, authentication, request format, and available endpoints.
API Overview
The Laizy CMS API is built on tRPC and provides type-safe endpoints for managing content models, content data, and developer operations. The API is used internally by the generated TypeScript client and the CLI, but you can also call it directly for advanced use cases.
Base URL
All API requests go through the tRPC endpoint:
https://laizycms.com/api/trpcFor local development:
http://localhost:3000/api/trpcAuthentication
Every API request requires two headers:
Authorization: Bearer laizy_eyJhbGciOiJIUzI1NiIs...
x-laizy-project: <project-id>| Header | Required | Description |
|---|---|---|
Authorization | Yes | Bearer token with laizy_ prefix |
x-laizy-project | Yes | Project ID to scope requests |
Token Types
| Type | Scope | Access Level |
|---|---|---|
| Admin token | admin | Full CRUD on schema, content, and project settings |
| Frontend token | content:read | Read-only access to published content |
Generate tokens from the dashboard at /dashboard/developer.
For details on token structure, security, and generation, see Authentication.
Request Format
The API uses tRPC's HTTP batch link with SuperJSON as the serialization transformer. This means:
- Queries use GET requests with encoded input in query parameters
- Mutations use POST requests with JSON body
- Responses are JSON with SuperJSON encoding (supports
Date,Map,Set, etc.)
For most use cases, you should use the generated TypeScript client or the ManagementClient instead of making raw HTTP calls. They handle serialization, authentication, and error handling automatically.
Available Endpoints
Content Data
CRUD operations for content entries. These are the endpoints used most often by applications.
| Endpoint | Method | Description |
|---|---|---|
contentData.list | Query | List content entries for a model |
contentData.get | Query | Get a single entry by ID |
contentData.create | Mutation | Create a new content entry |
contentData.update | Mutation | Update an existing entry |
contentData.delete | Mutation | Delete an entry |
contentData.count | Query | Count entries for a model |
Content Models
Schema management endpoints for defining and updating content models.
| Endpoint | Method | Description |
|---|---|---|
contentModel.list | Query | List all content models |
contentModel.get | Query | Get a model by name |
contentModel.create | Mutation | Create a new model |
contentModel.update | Mutation | Update a model's schema |
contentModel.delete | Mutation | Delete a model |
contentModel.exists | Query | Check if a model exists |
Developer
Token management and identity verification.
| Endpoint | Method | Description |
|---|---|---|
developer.getIdentity | Query | Verify token and get user/org info |
developer.generateToken | Mutation | Generate a new admin API token |
developer.generateFrontendToken | Mutation | Generate a read-only frontend token |
Schema Sync
Schema synchronization endpoints used by the CLI.
| Endpoint | Method | Description |
|---|---|---|
schemaSync.getSchemaState | Query | Get current remote schema state |
schemaSync.getContentImpact | Query | Analyze content impact of changes |
schemaSync.executeMigration | Mutation | Execute a migration plan |
schemaSync.validateMigration | Query | Validate a plan without executing |
Projects
Project management endpoints.
| Endpoint | Method | Description |
|---|---|---|
project.list | Query | List accessible projects |
project.getById | Query | Get project details |
project.create | Mutation | Create a new project |
project.update | Mutation | Update project settings |
Error Handling
The API returns standard tRPC error codes:
| Code | Description |
|---|---|
BAD_REQUEST | Invalid input parameters |
UNAUTHORIZED | Missing or invalid authentication |
NOT_FOUND | Resource does not exist |
CONFLICT | Resource already exists (e.g., duplicate model name) |
INTERNAL_SERVER_ERROR | Server-side error |
Error responses include a message field with a human-readable description:
{
"error": {
"code": "NOT_FOUND",
"message": "Content model 'BlogPost' not found"
}
}Using the ManagementClient
Instead of making raw HTTP calls, use the ManagementClient which handles all tRPC details:
import { ManagementClient } from '@/lib/management-client';
const client = new ManagementClient({
baseUrl: 'https://laizycms.com',
apiToken: process.env.LAIZY_API_TOKEN!,
projectId: 'your-project-id',
});
// Content operations
const entries = await client.listContentData({ modelName: 'BlogPost' });
const entry = await client.getContentData('entry-id');
const created = await client.createContentData({
modelName: 'BlogPost',
data: { title: 'Hello', content: 'World', slug: 'hello' },
status: 'published',
});
const count = await client.countContentData({ modelName: 'BlogPost' });
// Model operations
const models = await client.listContentModels();
const model = await client.getContentModel('BlogPost');
// Identity verification
const identity = await client.getIdentity();The ManagementClient provides convenience methods that map directly to the tRPC endpoints with proper typing and error handling.
Next Steps
- Authentication -- Token types, scopes, and security
- Content Data -- CRUD endpoint reference
- Generated Client -- Use the typed client instead of raw API calls