Changelog

This page tracks every notable change to the Raster REST API. The format follows Keep a Changelog.

REST versioning is per-request via the Api-Version header — date strings, e.g. Api-Version: 2026-05-20. The header is required on every request. Every response carries Vary: Api-Version so caches key bodies per version. Pin a version in your client; existing integrations keep working against their pinned version until they choose to migrate.

2026-05-20 — Initial Alpha release

Added

• REST transport at https://api.raster.app/organizations/..., mirroring the GraphQL surface over the same data and the same API keys.
• Api-Version request header (required) and Vary: Api-Version response header on every reply.
• { data } / { error: { code, message } } response envelope on every endpoint, including auth rejections and unknown-path 404s.
• GET /:orgId/libraries — list libraries in an organization.
• GET /:orgId/libraries/:libraryId/assets — list assets, with page, pageSize, and tags filters (repeatable or comma-separated).
• GET /:orgId/libraries/:libraryId/tags — list tags with limit.
• POST /:orgId/libraries/:libraryId/assets — multipart upload (files field), returns each new asset including a permanent CDN url.
• DELETE /:orgId/libraries/:libraryId/assets — batch delete by id.
• Timestamps on the wire are unix milliseconds (number). Internal Firestore shapes never leak through the REST envelope.

Security

• Bearer-token authentication on every endpoint.
• Per-library access levels (Read / Write) enforced before any data-layer function runs.
• Only 5xx responses are reported to Sentry — 4xx client mistakes never generate alerting noise.