Metadata API
Last updated
Was this helpful?
Last updated
Was this helpful?
The Metadata API (Beta) enables you to interact with your Xano workspace schema and content programmatically. The Metadata API includes a comprehensive collection of API endpoints designed to add and modify database tables, schemas, and more.
The Metadata API is also used in some cases to facilitate an integration with Xano by providing the integration partner with your Metadata API access token.
An access token is required for any request you send to the Metadata API.
Generating an access token requires giving it specific permissions regarding what it can access. Make sure to review available scopes before proceeding. Token Scopes Reference
By default, Xano will revoke your Metadata API access token after 7 days, which means if you need to access the API again, you would have to generate a new token.
You can choose your own expiry duration; anything from 1 hour to never expire.
Use caution when defining extended expiry or setting tokens to never expire. Token rotation is good security practice.
You can always revoke a token at any time.
The scopes tell Xano what this token has access to. Each scope has 4 options:
C (Create) - Determines whether or not this token can create new data
R (Read) - Determines whether or not this token can read existing data
U (Update) - Determines whether or not this token can update existing data
D (Delete) - Determines whether or not this token can delete data.
Each scope has their own API endpoints associated with them. If you aren't sure which scopes you need for this token, use the reference below for additional information.
Database
Access any of the content in your Xano database
Content
Access any content outside of the database or function stacks, such as branches, data sources, and realtime
Live Data Source
Access the data inside of your currently live data source
API Groups
Access API Groups and APIs
Functions
Access custom functions
Addons
Access addons
Task
Access background tasks
Files
Access file storage
Request History
Access request history
The token should be sent as a header in the following format:
When you access the metadata API panel, you can review all of your currently issued tokens and their scopes.
The Account API allows you access to various settings and information about your Xano account.
Please use extreme caution when sharing your Metadata API access tokens, as they can provide access to all of your Xano data.
The Instance API allows you to access data inside of your Xano instances, such as your database, files, and function stacks.
The Metadata API is flexible regarding sending input values. You only need to send the values required to process your request. For example, if you are updating a schema and want to just update the name, then you only need to send the updated name and the other metadata of the schema will remain unchanged.
For partners wanting an easier way to integrate, it may be useful to start out with the Account API. This way the only prompt from the user will be to get their access token, and then you can use the Account API to get a list of the user's instances, leading to the Instance API for workspaces, tables, and APIs.
By choosing a token and clicking you can immediately revoke that token from use.