Aiven is a modern fully-managed open source data platform for streaming, storing, and analyzing data on any public cloud. On Aiven Platform, you can operate your data infrastructure with a few devops tools: Aiven Console, Aiven Terraform Provider, Aiven CLI, and Aiven Operator for Kubernetes. All of them are built on an open secure powerful REST API for integration with custom tooling.

The Aiven REST API provides programmatic access to Aiven.io services. To call the Aiven API, you can use either CLI tools (for example, cURL or Aiven CLI client) or GUI tools, such as the Aiven public API Postman collection.

This Aiven API documentation will help you operate your Aiven organization, projects, or services programmatically by integrating your applications and processes with Aiven.

Aiven's APIs (Application Programming Interfaces) power its platform for data management. Aiven has a number of REST APIs that can help you build strong and robust data infrastructure for your applications.

The Aiven API is organized around core resources. Each core resource has multiple endpoints, which can be interacted with using different HTTP methods.

Platform APIs

Account

Operations on the organization level related to accounts, projects, teams, users, invites, billing groups, payment methods, credit cards, authentication methods, and more

User

Operations related to users and users' profiles, access, authentication, authorization, user management, and more

Project

General operations on projects related to users, VPCs, invitations, alerts, peering connections, and more

BillingGroup

Operation on invoices, billing groups' credits and events

Support ticket

Operations on support tickets: listing, creating, looping users in

Services APIs

Service

All general (non-service-specific) operations on the service level: service creation, termination, configuration, updates, information retrieval, reset, and more

Service Integrations

Operations related to integrating services and managing service integrations

Service: ClickHouse

ClickHouse-specific operations on queries and databases

Service: Flink

Operations on Flink queries, jobs, and applications

Service: Kafka

Kafka and Kafka Connect specific operations on connectors, ACL entries, quotas, topics, topic messages, schema registry, and more

Service: Kafka MirrorMaker

Operations on replication flows

Service: MySQL

Fetching service query statistics

Service: OpenSearch

Operations on ACL configuration, security administration and configuration

Service: PostgreSQL

Operations on extensions, service query statistics, and connection pools

There are multiple ways you can interact with the Aiven API over HTTP. You can access it by sending requests from a client (for example, a web browser) to the Aiven's server. In this API reference, you'll find code examples of how to do that using cURL and a few different client libraries (programming languages).

To send an API request, you need to specify the following:

• HTTP method

• Path

• Request headers

  Typically, content-type needs to be set to application/json: content-type: application/json. There are a few exceptions though.

• Path, query, or body parameters (either required or optional).

curl --request POST \
  --url https://api.aiven.io/v1/project/{project}/vpcs \
  --header 'Authorization: aivenv1 REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data
     '{
        "cloud_name": "string",
        "network_cidr": "string",
        "peering_connections": [
          {
            "peer_azure_app_id": "string",
            "peer_azure_tenant_id": "string",
            "peer_cloud_account": "string",
            "peer_region": "string",
            "peer_resource_group": "string",
            "peer_vpc": "string",
            "user_peer_network_cidrs": [
              "string"
            ]
          }
        ]
      }'

Upon receiving and processing a request, the Aiven API returns the response status code, response headers, and a response body in the JSON format. Response bodies include different properties, which can be either required or optional, for example, the message property, which is an optional human-readable information on the result of the action (deleted, created, or updated).

{
    "cloud_name": "string",
    "create_time": "string",
    "message": "string",
    "network_cidr": "string",
    "peering_connections": [
        { ... }
    ],
    "pending_build_only_peering_connections": "string",
    "project_vpc_id": "string",
    "state": "ACTIVE",
    "update_time": "string"
}

A successful API response returns an HTTP result code between 200 and 299.

Example of the created response

  {
      "service": {
          "service_name": "foobar",
          ...
      }
  }

A failed API response returns a HTTP code greater or equal to 400. Additionally, the response may return a list of errors in the response body as JSON, for example

{
  "errors": [
    {
      "error_code": "authentication_failed",
      "message": "Authentication failed",
      "status": 403,
      "metadata": {
        ...
      }
    }
  ],
  "message": "Authentication failed"
}

For information on errors' properties and error codes, check Errors.

Check out how to start using the Aiven API either in API quick start or Your first API call.

When working with the Aiven API, you may encounter different error responses when you attempt to perform operations that can fail. For example, trying to enable writes for a database that has been powered off would lead to the following error response:

{
  "errors": [
    {
      "error_code": "not_powered",
      "message": "Database not powered on",
      "status": 409
    }
  ],
  "message": "Database not powered on"
}

If a request fails with a HTTP code greater or equal to 400, it returns a list of errors in the response body as JSON. errors objects are embedded in the failed API responses.

{
  "errors": [
    {
      "error_code": "account_not_found",
      "message": "Account does not exist",
      "status": 404
    }
  ],
  "message": "Account does not exist"
}

In an API response, one or more errors may be included in the errors array of objects. Each error object may contain a few properties:

• status (required) is an HTTP error code, which can be used to programmatically identify the error type.

  • 200 <= status< 300 means a successful request.
  • 300 <= status <= 500 means a failed request.

  errors can have the following HTTPS status codes:

  • 200 - OK
  • 201 - Created
  • 400 - Bad Request
  • 401 - Unauthorized
  • 403 - Forbidden
  • 404 - Not found
  • 405 - Method Not Allowed
  • 409 - Conflict
  • 500 - Internal Server Error

• message (required) is human-readable information on the error.

• error_code is a machine-readable information on the error (see Error codes).

Machine-readable error_code fields are progressively added to Aiven endpoints to allow you to identify different failure cases programmatically. Currently, the supported values are the following:

• account_already_exists
• account_already_has_organization
• account_and_project_do_not_match
• account_and_project_must_belong_same_tenant
• account_cannot_be_own_ancestor
• account_must_have_enabled_authentication_method
• account_not_found
• account_team_not_found
• account_unit_cannot_create_for_personal_tier
• account_unit_cannot_have_billing_group
• account_with_child_accounts_cannot_be_deleted
• account_with_projects_cannot_be_deleted
• action_forbidden_for_managed_users
• action_forbidden_for_marketplace_users
• action_forbidden_on_application_users
• action_forbidden_on_scim_users
• action_forbidden_on_topic_request
• action_forbidden_on_unmanaged_users
• approval_forbidden_on_topic_request
• auth_token_max_age_too_low
• authentication_method_disable_current_not_allowed
• authentication_method_does_not_allow_auto_join_user_group
• authentication_method_limit_reached
• authentication_method_not_found
• backup_failed
• billing_address_not_found
• billing_group_not_found
• billing_group_organization_active_trial
• billing_group_owning_account_must_be_organization
• cannot_delete_active_managed_users
• cannot_delete_users_with_organizations_memberships
• cannot_move_project_not_assigned_to_organization
• cannot_remove_managed_users_from_organization
• credit_card_not_found
• custom_cloud_environment_internal
• decline_reason_was_not_provided_when_declining_request
• feature_not_enabled
• free_trial_extensions_not_available
• free_trial_max_extended
• free_trial_not_active
• free_trial_not_available
• governance_group_not_found
• idp_no_domains_linked
• internal_server_error
• invalid_claim_user_group
• invalid_date_format
• invalid_governance_group_provided
• invalid_kafka_topic_request_type
• invitation_expired
• invitation_not_found
• kafka_governance_not_available
• kafka_governance_not_enabled
• kafka_partition_reassignment_in_progress
• kafka_service_unavailable
• kafka_topic_already_exists
• kafka_topic_invalid_config
• kafka_topic_not_found
• kafka_topic_queued_for_deletion
• kafka_topic_reserved
• mfa_required_by_organization
• mp_account_with_active_subscription_deleted
• mp_account_with_commitment_deleted
• mp_account_with_support_contract_deleted
• mp_subscription_not_found
• nested_account_cannot_have_authentication_method
• nested_account_cannot_have_user_groups
• node_prune_version_not_updated
• not_powered
• optimization_failed
• organization_aiven_enterprise_contract_denied
• organization_aiven_enterprise_contract_feature_denied
• organization_aiven_enterprise_denied
• organization_aiven_enterprise_organization_required
• organization_cannot_exist_without_root_account
• organization_domain_already_linked
• organization_domain_not_found
• organization_domain_verification_failed
• organization_kafka_topics_invalid_filters
• organization_mismatch
• organization_must_have_one_super_admin
• organization_not_found
• organization_tier_downgrade_not_allowed
• orphaned_project_not_allowed
• parent_account_cannot_be_own_ancestor
• parent_account_not_found
• parent_account_tenant_invalid
• parent_account_too_deep
• project_account_not_active
• project_belongs_to_account_billing_group_must_use_api
• project_has_no_such_user
• project_limitation_not_found
• project_not_found
• project_without_billing_group_must_be_assigned_from_account
• query_validation_failed
• request_already_exists
• request_forbidden
• request_not_found
• resource_managed_by_governance
• resource_managed_by_scim
• resource_not_managed_by_scim
• root_account_required
• same_organization_required
• service_acl_not_found
• service_acl_too_many
• service_integration_endpoint_not_found
• service_integration_not_found
• signup_welcome_invalid_key
• stripe_customer_owning_account_must_be_organization
• support_contract_and_account_must_be_in_same_organization
• support_contract_must_have_billing_group
• team_limit_exceeded
• team_names_must_be_unique
• tenant_mismatch
• topic_not_found
• unable_to_parse_query
• unit_cannot_be_moved_out_of_organization
• user_already_in_organization
• user_already_invited_to_organization
• user_config_2fa_otp_verification_failed
• user_deactivated
• user_domain_does_not_belong_to_organization_or_no_linked_auth_method
• user_group_names_must_be_unique
• user_group_not_found
• user_groups_belong_to_different_accounts
• user_groups_must_be_from_same_account
• user_has_no_access_to_billing_info
• user_has_no_access_to_project_with_current_authentication_method
• user_has_to_sign_in_with_non_account_authentication_method
• user_has_too_many_disk_addition_requests
• user_not_account_owner
• user_not_account_owner_of_billing_group
• user_not_account_owner_of_parent_account
• user_not_admin_of_account_billing_group
• user_not_found
• user_not_managed_by_organization
• user_not_organization_admin
• user_not_signed_in_with_account_authentication_method
• user_oauth_authentication_method_not_allowed
• user_password_authentication_method_not_allowed
• user_personal_token_allowed_authentication_methods_cannot_be_disabled
• user_personal_token_not_allowed
• user_personal_tokens_cannot_be_disabled
• user_role_not_allowed_to_perform_operation
• user_saml_authentication_method_not_allowed
• user_weblink_action_expired
• users_belong_to_different_tenant_from_user_group_account