ToolJet

ToolJet External API

The ToolJet External API provides REST endpoints for managing users, workspaces, applications (export/import), and user role assignments across a ToolJet instance. It is enabled via environment variables and secured with a static access token using Basic authentication.

GitHub OpenAPI

Documentation

📖
Documentation
https://docs.tooljet.com/docs/tooljet-api/

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/tooljet/refs/heads/main/openapi/tooljet-tooljet-external-api-openapi.yml

Schemas & Data

📊
JSONSchema
https://raw.githubusercontent.com/api-evangelist/tooljet/refs/heads/main/json-schema/tooljet-user-schema.json
📊
JSONSchema
https://raw.githubusercontent.com/api-evangelist/tooljet/refs/heads/main/json-schema/tooljet-group-schema.json

Other Resources

🔗
JSONLDContext
https://raw.githubusercontent.com/api-evangelist/tooljet/refs/heads/main/json-ld/tooljet-context.jsonld
🔗
Vocabulary
https://raw.githubusercontent.com/api-evangelist/tooljet/refs/heads/main/vocabulary/tooljet-vocabulary.yml

OpenAPI Specification

tooljet-tooljet-external-api-openapi.yml Raw ↑ 
openapi: 3.0.3
info:
  title: ToolJet External API
  description: >
    The ToolJet External API provides REST endpoints for managing users,
    workspaces, applications (export/import), groups, and user role assignments
    across a ToolJet instance. It is enabled via environment variables and
    secured with a static access token using Basic authentication.
  version: 1.0.0
  contact:
    name: ToolJet
    url: https://tooljet.com/
  license:
    name: AGPL-3.0
    url: https://github.com/ToolJet/ToolJet/blob/main/LICENSE

servers:
  - url: https://{instance}/api/ext
    description: ToolJet instance
    variables:
      instance:
        default: your-tooljet-instance.com
        description: Hostname of the ToolJet deployment

security:
  - BasicAuth: []

tags:
  - name: Users
    description: User management endpoints
  - name: Workspaces
    description: Workspace management endpoints
  - name: Applications
    description: Application export, import, and Git sync endpoints
  - name: Groups
    description: Group and permission management endpoints

paths:
  /users:
    get:
      summary: List all users
      operationId: getAllUsers
      tags:
        - Users
      responses:
        "200":
          description: List of users
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/User"
        "401":
          $ref: "#/components/responses/Unauthorized"
    post:
      summary: Create a user
      operationId: createUser
      tags:
        - Users
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/CreateUserDto"
      responses:
        "201":
          description: User created
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/User"
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"

  /user/{id}:
    get:
      summary: Get a user by ID
      operationId: getUser
      tags:
        - Users
      parameters:
        - $ref: "#/components/parameters/UserId"
      responses:
        "200":
          description: User details
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/User"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "404":
          $ref: "#/components/responses/NotFound"
    patch:
      summary: Update a user
      operationId: updateUser
      tags:
        - Users
      parameters:
        - $ref: "#/components/parameters/UserId"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/UpdateUserDto"
      responses:
        "200":
          description: User updated
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/User"
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "404":
          $ref: "#/components/responses/NotFound"

  /user/{id}/workspaces:
    put:
      summary: Replace user workspaces
      operationId: replaceUserWorkspaces
      tags:
        - Users
      parameters:
        - $ref: "#/components/parameters/UserId"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: array
              items:
                $ref: "#/components/schemas/WorkspaceDto"
      responses:
        "200":
          description: Workspaces replaced
        "401":
          $ref: "#/components/responses/Unauthorized"
        "404":
          $ref: "#/components/responses/NotFound"

  /user/{id}/workspace/{workspaceId}:
    patch:
      summary: Update user workspace membership
      operationId: updateUserWorkspace
      tags:
        - Users
      parameters:
        - $ref: "#/components/parameters/UserId"
        - $ref: "#/components/parameters/WorkspaceId"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/UpdateGivenWorkspaceDto"
      responses:
        "200":
          description: Workspace membership updated
        "401":
          $ref: "#/components/responses/Unauthorized"
        "404":
          $ref: "#/components/responses/NotFound"

  /workspaces:
    get:
      summary: List all workspaces
      operationId: getAllWorkspaces
      tags:
        - Workspaces
      responses:
        "200":
          description: List of workspaces
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/Workspace"
        "401":
          $ref: "#/components/responses/Unauthorized"

  /update-user-role/workspace/{workspaceId}:
    put:
      summary: Update user role in a workspace
      operationId: updateUserRole
      tags:
        - Workspaces
      parameters:
        - $ref: "#/components/parameters/WorkspaceId"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/EditUserRoleDto"
      responses:
        "200":
          description: User role updated
        "401":
          $ref: "#/components/responses/Unauthorized"
        "404":
          $ref: "#/components/responses/NotFound"

  /workspace/{workspaceId}/user/{userId}:
    get:
      summary: Get user metadata in workspace
      operationId: getUserMetadata
      tags:
        - Users
      parameters:
        - $ref: "#/components/parameters/WorkspaceId"
        - name: userId
          in: path
          required: true
          schema:
            type: string
          description: User UUID
      responses:
        "200":
          description: User metadata
          content:
            application/json:
              schema:
                type: object
                additionalProperties: true
        "401":
          $ref: "#/components/responses/Unauthorized"
        "404":
          $ref: "#/components/responses/NotFound"
    put:
      summary: Update user metadata in workspace
      operationId: updateUserMetadata
      tags:
        - Users
      parameters:
        - $ref: "#/components/parameters/WorkspaceId"
        - name: userId
          in: path
          required: true
          schema:
            type: string
          description: User UUID
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/UpdateUserMetadataDto"
      responses:
        "200":
          description: User metadata updated
        "401":
          $ref: "#/components/responses/Unauthorized"
        "404":
          $ref: "#/components/responses/NotFound"

  /workspace/{workspaceId}:
    get:
      summary: List apps in workspace
      operationId: getWorkspaceApps
      tags:
        - Applications
      parameters:
        - $ref: "#/components/parameters/WorkspaceId"
      responses:
        "200":
          description: List of apps with versions
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/WorkspaceAppsResponseDto"
        "401":
          $ref: "#/components/responses/Unauthorized"

  /import/{workspaceId}:
    post:
      summary: Import an application into a workspace
      operationId: importApp
      tags:
        - Applications
      parameters:
        - $ref: "#/components/parameters/WorkspaceId"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/AppImportRequestDto"
      responses:
        "201":
          description: Application imported
          content:
            application/json:
              schema:
                type: object
                properties:
                  message:
                    type: string
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"

  /export/{appId}/{workspaceId}:
    get:
      summary: Export an application
      operationId: exportApp
      tags:
        - Applications
      parameters:
        - name: appId
          in: path
          required: true
          schema:
            type: string
          description: Application UUID
        - $ref: "#/components/parameters/WorkspaceId"
        - name: exportTjdb
          in: query
          schema:
            type: boolean
          description: Include ToolJet database export
        - name: appVersion
          in: query
          schema:
            type: string
          description: Specific version to export
        - name: exportAllVersions
          in: query
          schema:
            type: boolean
          description: Export all versions
      responses:
        "200":
          description: Application export data
          content:
            application/json:
              schema:
                type: object
                additionalProperties: true
        "401":
          $ref: "#/components/responses/Unauthorized"
        "404":
          $ref: "#/components/responses/NotFound"

  /pull-git:
    post:
      summary: Pull app from Git
      operationId: pullGit
      tags:
        - Applications
      parameters:
        - name: createMode
          in: query
          schema:
            type: boolean
          description: Create a new app if not found
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/AppGitPullDto"
      responses:
        "200":
          description: Git pull result
        "401":
          $ref: "#/components/responses/Unauthorized"

  /pull-changes/{appId}:
    post:
      summary: Pull Git changes for an app
      operationId: pullChanges
      tags:
        - Applications
      parameters:
        - name: appId
          in: path
          required: true
          schema:
            type: string
          description: Application UUID
        - name: createMode
          in: query
          schema:
            type: boolean
          description: Create a new app if not found
      responses:
        "200":
          description: Pull changes result
        "401":
          $ref: "#/components/responses/Unauthorized"

  /push-git/{appId}/{versionId}:
    post:
      summary: Push app version to Git
      operationId: pushGit
      tags:
        - Applications
      parameters:
        - name: appId
          in: path
          required: true
          schema:
            type: string
          description: Application UUID
        - name: versionId
          in: path
          required: true
          schema:
            type: string
          description: Version UUID
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/AppGitPushDto"
      responses:
        "200":
          description: Push result
        "401":
          $ref: "#/components/responses/Unauthorized"

  /auto-deploy/{appIdOrSlug}:
    post:
      summary: Auto-deploy an app version
      operationId: autoDeploy
      tags:
        - Applications
      parameters:
        - name: appIdOrSlug
          in: path
          required: true
          schema:
            type: string
          description: Application UUID or slug
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/AutoDeployBodyDto"
      responses:
        "200":
          description: Deployment initiated
        "401":
          $ref: "#/components/responses/Unauthorized"

  /save-version/{appIdOrSlug}:
    post:
      summary: Save a named version of an app
      operationId: saveVersion
      tags:
        - Applications
      parameters:
        - name: appIdOrSlug
          in: path
          required: true
          schema:
            type: string
          description: Application UUID or slug
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/SaveVersionBodyDto"
      responses:
        "200":
          description: Version saved
        "401":
          $ref: "#/components/responses/Unauthorized"

  /workspace/{workspaceId}/groups:
    get:
      summary: List groups in workspace
      operationId: listGroups
      tags:
        - Groups
      parameters:
        - $ref: "#/components/parameters/WorkspaceId"
        - name: search
          in: query
          schema:
            type: string
          description: Filter groups by name
        - name: page
          in: query
          schema:
            type: integer
            minimum: 1
            default: 1
          description: Page number
        - name: per_page
          in: query
          schema:
            type: integer
            minimum: 1
            default: 20
          description: Results per page
      responses:
        "200":
          description: List of groups
          content:
            application/json:
              schema:
                type: object
                properties:
                  groups:
                    type: array
                    items:
                      $ref: "#/components/schemas/Group"
                  total:
                    type: integer
        "401":
          $ref: "#/components/responses/Unauthorized"
    post:
      summary: Create a group in workspace
      operationId: createGroup
      tags:
        - Groups
      parameters:
        - $ref: "#/components/parameters/WorkspaceId"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/CreateGroupExternalDto"
      responses:
        "201":
          description: Group created
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"

  /workspace/{workspaceId}/groups/{groupId}:
    get:
      summary: Get a group by ID
      operationId: getGroup
      tags:
        - Groups
      parameters:
        - $ref: "#/components/parameters/WorkspaceId"
        - $ref: "#/components/parameters/GroupId"
      responses:
        "200":
          description: Group details
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Group"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "404":
          $ref: "#/components/responses/NotFound"
    patch:
      summary: Update a group
      operationId: updateGroup
      tags:
        - Groups
      parameters:
        - $ref: "#/components/parameters/WorkspaceId"
        - $ref: "#/components/parameters/GroupId"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/UpdateGroupExternalDto"
      responses:
        "204":
          description: Group updated
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "404":
          $ref: "#/components/responses/NotFound"
    delete:
      summary: Delete a group
      operationId: deleteGroup
      tags:
        - Groups
      parameters:
        - $ref: "#/components/parameters/WorkspaceId"
        - $ref: "#/components/parameters/GroupId"
      responses:
        "204":
          description: Group deleted
        "401":
          $ref: "#/components/responses/Unauthorized"
        "404":
          $ref: "#/components/responses/NotFound"

components:
  securitySchemes:
    BasicAuth:
      type: http
      scheme: basic
      description: >
        Static access token configured via the TOOLJET_SERVICE_TOKEN environment
        variable. Pass the token as the username with an empty password, encoded
        as Base64 in the Authorization header.

  parameters:
    UserId:
      name: id
      in: path
      required: true
      schema:
        type: string
      description: User UUID
    WorkspaceId:
      name: workspaceId
      in: path
      required: true
      schema:
        type: string
        format: uuid
      description: Workspace UUID
    GroupId:
      name: groupId
      in: path
      required: true
      schema:
        type: string
        format: uuid
      description: Group UUID

  responses:
    Unauthorized:
      description: Authentication required or invalid token
      content:
        application/json:
          schema:
            $ref: "#/components/schemas/ErrorResponse"
    NotFound:
      description: Resource not found
      content:
        application/json:
          schema:
            $ref: "#/components/schemas/ErrorResponse"
    BadRequest:
      description: Invalid request body or parameters
      content:
        application/json:
          schema:
            $ref: "#/components/schemas/ErrorResponse"

  schemas:
    ErrorResponse:
      type: object
      properties:
        statusCode:
          type: integer
        message:
          type: string
        error:
          type: string

    Status:
      type: string
      enum:
        - active
        - archived
        - invited

    UserRole:
      type: string
      enum:
        - admin
        - developer
        - viewer
        - end-user

    GroupDto:
      type: object
      properties:
        id:
          type: string
          format: uuid
        name:
          type: string

    WorkspaceDto:
      type: object
      properties:
        id:
          type: string
          format: uuid
        name:
          type: string
        role:
          $ref: "#/components/schemas/UserRole"
        status:
          $ref: "#/components/schemas/Status"
        groups:
          type: array
          items:
            $ref: "#/components/schemas/GroupDto"

    UpdateGivenWorkspaceDto:
      type: object
      properties:
        id:
          type: string
          format: uuid
        name:
          type: string
        status:
          $ref: "#/components/schemas/Status"
        groups:
          type: array
          items:
            $ref: "#/components/schemas/GroupDto"

    CreateUserDto:
      type: object
      required:
        - name
        - email
        - workspaces
      properties:
        name:
          type: string
        email:
          type: string
          format: email
        password:
          type: string
        status:
          $ref: "#/components/schemas/Status"
        defaultOrganizationId:
          type: string
        workspaces:
          type: array
          items:
            $ref: "#/components/schemas/WorkspaceDto"

    UpdateUserDto:
      type: object
      properties:
        name:
          type: string
        email:
          type: string
          format: email
        password:
          type: string
        status:
          $ref: "#/components/schemas/Status"
        defaultOrganizationId:
          type: string

    User:
      type: object
      properties:
        id:
          type: string
          format: uuid
        name:
          type: string
        email:
          type: string
          format: email
        status:
          $ref: "#/components/schemas/Status"
        defaultOrganizationId:
          type: string
        workspaces:
          type: array
          items:
            $ref: "#/components/schemas/WorkspaceDto"

    Workspace:
      type: object
      properties:
        id:
          type: string
          format: uuid
        name:
          type: string

    EditUserRoleDto:
      type: object
      required:
        - role
      properties:
        role:
          $ref: "#/components/schemas/UserRole"
        userId:
          type: string
          format: uuid

    UpdateUserMetadataDto:
      type: object
      required:
        - userDetails
      properties:
        userDetails:
          type: array
          items:
            type: object
            required:
              - key
              - value
            properties:
              key:
                type: string
              value:
                type: string

    VersionDto:
      type: object
      required:
        - id
        - name
      properties:
        id:
          type: string
          format: uuid
        name:
          type: string
        createdAt:
          type: string
          format: date-time

    AppWithVersionsDto:
      type: object
      properties:
        id:
          type: string
          format: uuid
        name:
          type: string
        slug:
          type: string
        createdAt:
          type: string
          format: date-time
        organizationId:
          type: string
          format: uuid
        versions:
          type: array
          items:
            $ref: "#/components/schemas/VersionDto"
        versionCount:
          type: integer

    WorkspaceAppsResponseDto:
      type: object
      properties:
        apps:
          type: array
          items:
            $ref: "#/components/schemas/AppWithVersionsDto"
        total:
          type: integer

    AppImportRequestDto:
      type: object
      required:
        - tooljet_version
      properties:
        tooljet_version:
          type: string
        app:
          type: array
          items:
            type: object
            properties:
              definition:
                type: object
                additionalProperties: true
        appName:
          type: string
        tooljet_database:
          type: array
          items:
            type: object
            required:
              - id
              - table_name
              - schema
            properties:
              id:
                type: string
                format: uuid
              table_name:
                type: string
              schema:
                type: object
                additionalProperties: true

    AppGitPullDto:
      type: object
      required:
        - appId
        - organizationId
      properties:
        appId:
          type: string
        organizationId:
          type: string

    AppGitPushDto:
      type: object
      required:
        - commitMessage
      properties:
        commitMessage:
          type: string

    AutoDeployBodyDto:
      type: object
      properties:
        versionId:
          type: string
          format: uuid
        versionName:
          type: string

    SaveVersionBodyDto:
      type: object
      properties:
        name:
          type: string
          maxLength: 25

    WorkspacePermissionsDto:
      type: object
      properties:
        appCreate:
          type: boolean
        appDelete:
          type: boolean
        folderCreate:
          type: boolean
        folderDelete:
          type: boolean
        orgConstantCRUD:
          type: boolean
        workflowCreate:
          type: boolean
        workflowDelete:
          type: boolean
        dataSourceCreate:
          type: boolean
        dataSourceDelete:
          type: boolean
        appPromote:
          type: boolean
        appRelease:
          type: boolean

    GranularPermissionDto:
      type: object
      required:
        - type
        - applyToAll
        - resources
        - permissions
      properties:
        type:
          type: string
          enum:
            - app
            - data_source
            - folder
            - workflow
        applyToAll:
          type: boolean
        resources:
          type: array
          items:
            type: string
        permissions:
          type: object
          additionalProperties: true

    CreateGroupExternalDto:
      type: object
      required:
        - name
      properties:
        name:
          type: string
          maxLength: 50
          description: Group name (alphanumeric, spaces, hyphens, underscores only)
        permissions:
          $ref: "#/components/schemas/WorkspacePermissionsDto"
        granularPermissions:
          type: array
          items:
            $ref: "#/components/schemas/GranularPermissionDto"

    UpdateGroupExternalDto:
      type: object
      properties:
        name:
          type: string
          maxLength: 50
          description: Group name (alphanumeric, spaces, hyphens, underscores only)
        permissions:
          $ref: "#/components/schemas/WorkspacePermissionsDto"
        granularPermissions:
          type: array
          items:
            $ref: "#/components/schemas/GranularPermissionDto"

    Group:
      type: object
      properties:
        id:
          type: string
          format: uuid
        name:
          type: string
        permissions:
          $ref: "#/components/schemas/WorkspacePermissionsDto"
        granularPermissions:
          type: array
          items:
            $ref: "#/components/schemas/GranularPermissionDto"