API Documentation

Welcome to DEV ENVIRONMENT API v2.51

DEV ENVIRONMENT is an online architectural space-planning application that lets users virtually inhabit a 3D world of their creation. Its intuitive tools are user-friendly for professionals, as well as novices.

The DEV ENVIRONMENT API enables third party apps and services to interact with the Space Designer database remotely to create tight integration with your website or application. This documentation will get you started coding quickly and make sure you always find what you're looking for.

Need Help? For technical support or partnership inquiries, please contact us.

Authentication

All API endpoints require a partnerId (Unique Partner ID) for authentication. You can obtain multiple partnerIds for different apps and services you provide.

Backward Compatibility: All endpoints support legacy parameter names for existing integrations:

partnerId (modern) / upid (legacy)
userKey (modern) / key (legacy)
projectKey (modern) / key (legacy)

Both modern and legacy parameter names are accepted and work identically.

SECURITY WARNING: This is a server-side API. The partnerId is a secret credential and must NEVER be exposed to client-side code (JavaScript, mobile apps, etc.). Always implement API calls from your backend server to protect your credentials.

Rate Limiting: API calls are rate-limited to prevent abuse. Current limit: 60 requests per minute per partner/IP combination.

Server-Side Code Examples

Important: These examples show server-side implementations. Never expose your partnerId in client-side code.

Node.js Example - User Signup

const axios = require('axios');
const FormData = require('form-data');

// User signup example (using production URL)
async function signupUser() {
    const apiUrl = 'https://dev.us-east-1.spacedesigner3d.com/api2/signup';
    
    const formData = new FormData();
    formData.append('partnerId', process.env.PARTNER_ID); // Store in environment variables
    formData.append('username', 'newuser123');
    formData.append('email', 'user@example.com');
    formData.append('password', 'secure_password');
    formData.append('firstName', 'John');
    formData.append('lastName', 'Doe');
    formData.append('planId', '1');
    
    try {
        const response = await axios.post(apiUrl, formData, {
            headers: {
                ...formData.getHeaders(),
                'Content-Type': 'multipart/form-data'
            },
            timeout: 30000
        });
        
        if (response.data.error) {
            throw new Error(response.data.error);
        }
        
        console.log('Success! User ID:', response.data.data.id);
        return response.data.data;
    } catch (error) {
        console.error('API Error:', error.message);
        throw error;
    }
}

// Project list example
async function getProjectList(userKey) {
    const apiUrl = 'https://dev.us-east-1.spacedesigner3d.com/api2/projectList';
    
    const formData = new FormData();
    formData.append('partnerId', process.env.PARTNER_ID);
    formData.append('userKey', userKey);
    
    try {
        const response = await axios.post(apiUrl, formData, {
            headers: formData.getHeaders()
        });
        
        if (response.data.error) {
            throw new Error(response.data.error);
        }
        
        return response.data.data;
    } catch (error) {
        console.error('Failed to fetch projects:', error.message);
        throw error;
    }
}

PHP Example - User Signup

<?php
// User signup example (using production URL)
function signupUser() {
    $apiUrl = 'https://dev.us-east-1.spacedesigner3d.com/api2/signup';
    
    // Prepare data (store partnerId in environment variables or config)
    $postData = [
        'partnerId' => $_ENV['PARTNER_ID'], // Never hardcode this!
        'username' => 'newuser123',
        'email' => 'user@example.com',
        'password' => 'secure_password',
        'firstName' => 'John',
        'lastName' => 'Doe',
        'planId' => 1
    ];
    
    // Initialize cURL
    $curl = curl_init($apiUrl);
    curl_setopt_array($curl, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => $postData,
        CURLOPT_HTTPHEADER => [
            'Content-Type: application/x-www-form-urlencoded'
        ],
        CURLOPT_TIMEOUT => 30,
        CURLOPT_FOLLOWLOCATION => true,
        CURLOPT_SSL_VERIFYPEER => true
    ]);
    
    // Execute request
    $response = curl_exec($curl);
    $httpCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
    $error = curl_error($curl);
    curl_close($curl);
    
    // Handle response
    if ($error) {
        throw new Exception("cURL Error: " . $error);
    }
    
    $data = json_decode($response, true);
    if ($httpCode !== 200 || $data['error']) {
        throw new Exception("API Error: " . ($data['error'] ?? 'Unknown error'));
    }
    
    return $data['data'];
}

// Project list example
function getProjectList($userKey) {
    $apiUrl = 'https://dev.us-east-1.spacedesigner3d.com/api2/projectList';
    
    $postData = [
        'partnerId' => $_ENV['PARTNER_ID'],
        'userKey' => $userKey
    ];
    
    $curl = curl_init($apiUrl);
    curl_setopt_array($curl, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => $postData,
        CURLOPT_TIMEOUT => 30
    ]);
    
    $response = curl_exec($curl);
    $httpCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
    curl_close($curl);
    
    $data = json_decode($response, true);
    
    if ($httpCode !== 200 || $data['error']) {
        throw new Exception("Failed to fetch projects: " . ($data['error'] ?? 'Unknown error'));
    }
    
    return $data['data'];
}

// Usage examples
try {
    $user = signupUser();
    echo "User created with ID: " . $user['id'] . "\n";
    
    $projects = getProjectList($user['key']);
    echo "Found " . count($projects) . " projects\n";
} catch (Exception $e) {
    echo "Error: " . $e->getMessage() . "\n";
}
?>

cURL Examples

# User Signup
curl -X POST 'https://dev.us-east-1.spacedesigner3d.com/api2/signup' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'partnerId=YOUR_PARTNER_ID_HERE' \
  -d 'username=newuser123' \
  -d 'email=user@example.com' \
  -d 'password=secure_password' \
  -d 'firstName=John' \
  -d 'lastName=Doe' \
  -d 'planId=1'

# Project List
curl -X POST 'https://dev.us-east-1.spacedesigner3d.com/api2/projectList' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'partnerId=YOUR_PARTNER_ID_HERE' \
  -d 'userKey=USER_KEY_FROM_SIGNUP'

# Create Project with File Upload
curl -X POST 'https://dev.us-east-1.spacedesigner3d.com/api2/createProject' \
  -F 'partnerId=YOUR_PARTNER_ID_HERE' \
  -F 'userKey=USER_KEY_FROM_SIGNUP' \
  -F 'projectKey=MY_CUSTOM_PROJECT_KEY' \
  -F 'title=My New Project' \
  -F 'providerCode=SD4' \
  -F 'dataType=sd_mesh' \
  -F 'file=@/path/to/your/model.glb'

# Get Project Info (Public Access - For Sharing/Previews)
# Full project data with files and JSON
curl -X POST 'https://dev.us-east-1.spacedesigner3d.com/api2/getProjectInfo' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'partnerId=YOUR_PARTNER_ID_HERE' \
  -d 'projectKey=PROJECT_KEY_FROM_CREATE'

# Summary only (better performance for listings)
curl -X POST 'https://dev.us-east-1.spacedesigner3d.com/api2/getProjectInfo' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'partnerId=YOUR_PARTNER_ID_HERE' \
  -d 'projectKey=PROJECT_KEY_FROM_CREATE' \
  -d 'summary=true'

# Public projects (no authorization needed)
curl -X POST 'https://dev.us-east-1.spacedesigner3d.com/api2/getProjectInfo' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'projectKey=PUBLIC_PROJECT_KEY'

# Legacy format (still supported)
curl -X POST 'https://dev.us-east-1.spacedesigner3d.com/api2/getProjectInfo' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'upid=YOUR_PARTNER_ID_HERE' \
  -d 'key=PROJECT_KEY_FROM_CREATE'

# Read Project (Authenticated Access - For Management)
# Full project data including sensitive fields
curl -X POST 'https://dev.us-east-1.spacedesigner3d.com/api2/readProject' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'partnerId=YOUR_PARTNER_ID_HERE' \
  -d 'projectKey=PROJECT_KEY_FROM_CREATE'

# Minimal project data (metadata only)
curl -X POST 'https://dev.us-east-1.spacedesigner3d.com/api2/readProject' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'partnerId=YOUR_PARTNER_ID_HERE' \
  -d 'projectKey=PROJECT_KEY_FROM_CREATE' \
  -d 'minimal=true'

# Delete Project
curl -X POST 'https://dev.us-east-1.spacedesigner3d.com/api2/deleteProject' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'partnerId=YOUR_PARTNER_ID_HERE' \
  -d 'userKey=USER_KEY_FROM_SIGNUP' \
	-d 'projectKey=PROJECT_KEY_TO_DELETE'

Security Note: Use getProjectInfo for public-facing features and readProject for authenticated management operations. Never expose readProject responses to unauthorized users.

When to Use Which Endpoint

Use Case	Recommended Endpoint	Parameters
Public project gallery/showcase	`getProjectInfo`	`projectKey` only
Project listings/previews	`getProjectInfo`	`summary=true` for performance
Authorized project viewing	`getProjectInfo`	`partnerId + projectKey`
Project management interface	`readProject`	`partnerId + projectKey`
Admin dashboard metadata	`readProject`	`minimal=true`
Legacy integrations	`getProjectInfo`	`key + upid` (legacy format)

HTTP Status Codes & Error Handling

Response Format: All API responses return JSON with a consistent structure:
{"data": {...}, "error": null} for success

{"data": null, "error": {"code": 401, "desc": "Authorization Error", "detail": "You are not authorized to perform this action."}}

for errors

Code	Description	Details & Examples
200	Success	Request completed successfully. Check `error` field for API-level errors.
400	Bad Request	Malformed request or missing required parameters. Example: Missing partnerId, invalid JSON format
401	Unauthorized	Authentication failed or user not authorized for action. Example: `{ "data": null, "error": { "code": 401, "desc": "Authorization Error", "detail": "You are not authorized to perform this action." } }`
403	Validation Error	Input validation failed. Response includes structured error format: `{ "data": null, "error": { "code": 403, "desc": "Post Data Validation Error", "detail": { "username": ["required field"], "email": [ "well formed email required", "required field" ], "password": ["minimum 6 characters"] } } }`
404	Not Found	Requested resource does not exist. Example: `{ "data": null, "error": { "code": 404, "desc": "Project Not Found", "detail": "The project with the given key does not exist." } }`
409	Conflict	Resource already exists or operation conflicts with current state. Examples: "Email already registered", "Username taken"
413	Payload Too Large	File upload exceeds size limit. Example: "File too large. Maximum size: 50MB"
415	Unsupported Media Type	File type not supported for upload. Example: "Unsupported file type. Allowed: GLB, GLTF, JPG, PNG"
429	Rate Limited	Too many requests. Current limit: 60 requests per minute per partner/IP. Solution: Wait before making more requests
500	Internal Server Error	Database error or server malfunction. Examples: "Database connection failed" "Duplicate entry 'user@example.com' for key 'email'" "File processing error"
503	Service Unavailable	API temporarily unavailable due to maintenance or high load. Solution: Retry with exponential backoff

💡 Best Practices

Always check both HTTP status code AND the error field in the JSON response
Implement retry logic for 429 (rate limit) and 503 (service unavailable) errors
Validate input client-side to reduce 403 validation errors
Handle file uploads gracefully with progress indicators and size checks
Store and reuse userKey after successful authentication to avoid repeated logins
Use HTTPS in production to protect sensitive data like partnerIds and userKeys