Introduction
The RealityConnect API is the single public surface that lets external systems interact with the Prevu3D ecosystem. Use it to read and write content in RealityPlatform, drive RealityTwin workspaces, manage your organization, upload files and datasets, and so much more.
How the API is organized
Section titled “How the API is organized”A few design choices are worth knowing before you start building:
- Regional base URLs. The API runs in multiple regions (US East, EU Central, Asia North, Canada Central). Your organization is provisioned in exactly one of them. Always fetch your base URL from the discovery endpoint instead of hardcoding it. The Getting Started guide shows how.
- Everything is scoped to your organization. A token only sees nodes the service user has been granted access to. Cross-organization calls are not possible.
- Resources live in a content hierarchy. Most operations target a node identified by UUID. Nodes form a tree (organization → division → site → folder → asset) that you can navigate with the
/nodes/{id}/browseendpoint. - Three-layer access control. OAuth scopes, content access, and per-node roles all have to pass for a request to succeed. See the Security Model for how to configure each one.
- JSON over HTTPS. Every endpoint accepts and returns JSON, uses bearer-token authentication, and follows standard HTTP status codes.
OAuth authentication
Section titled “OAuth authentication”The API authentication is based on the OAuth2 protocol. Supported flows:
| OAuth Flow | Description | Use case examples |
|---|---|---|
| Client Credentials | Server-to-server access without a signed-in user. Creates a service user in your organization; you configure its permissions separately. | Scripts, automation, backend integrations, testing the API |
| Native app | A user signs in through the browser and consents to scopes. Uses Authorization Code + Native Application with PKCE and a http://localhost redirect. No client secret. | Desktop apps, CLI tools, CAD plugins |
| Authorization Code + custom HTTPS redirect | Web applications with a callback URL on your own domain. Uses Authorization Code without Native Application. | Coming soon |
Next steps
Section titled “Next steps”- Getting Started: prerequisites, network access, security model, and choosing an OAuth flow.
- Client Credentials Flow: server-to-server setup from OAuth app creation to your first API call.
- Native Application Flow: user sign-in with PKCE and a localhost redirect.
- Interactive API reference: full endpoint catalog with request/response schemas and a built-in request builder.