Introduction

Ultra API is a multi-tenant REST and GraphQL API that provides access to approximately 850 database entities used across IndySoft products. It allows you to query, create, update, and delete data through two protocols:

OData (REST) — Full CRUD operations (Create, Read, Update, Delete) with powerful query options.

GraphQL — Read-only queries with flexible filtering, pagination, and the ability to fetch multiple datasets in a single request.

How Authentication Works

Every request to the Ultra API requires an API Key. This key identifies your tenant (customer environment) and determines which database and permissions are used. There is no tenant ID in the URL — the API Key handles everything.

The API Key can be provided in two ways:

Header (recommended): X-API-Key: your-api-key-here

Query parameter (fallback): ?api_key=your-api-key-here

Access Roles

Your API Key is associated with one of two roles:

Reader — Can only read data (GET requests in OData, all queries in GraphQL).

Writer — Full access to read, create, update, and delete data (OData only — GraphQL is always read-only).

How Authentication Works​

Access Roles​

How Authentication Works

Access Roles