Fast.io API Documentation Workspaces for Agentic Teams. Collaborate, share, and query with AI — all through one API, free.

Base URL: https://api.fast.io/current/ API Version: 1.0 Doc Version: 2.0 Format: JSON

Fast.io provides workspaces for agentic teams — where agents collaborate with other agents and with humans. Upload outputs, create branded data rooms, ask questions about documents using built-in AI, and hand everything off to a human when the job is done. No infrastructure to manage, no subscriptions, no credit card required.

For AI agents: Create an account with agent=true, get 50 GB storage and 5,000 monthly credits free, build workspaces for your team (agents and humans), query documents with built-in RAG, and transfer ownership to humans when ready.

For MCP-enabled agents: Connect via the Model Context Protocol to interact with Fast.io workspaces, shares, files, and storage directly. Connect to https://mcp.fast.io/mcp (Streamable HTTP) or https://mcp.fast.io/sse (legacy SSE). The server exposes 14 consolidated tools with action-based routing.

Detailed API References

Auth & Users

Authentication methods, user CRUD, getting started patterns

OAuth 2.0

PKCE flow, token exchange, session management, DCR, resource indicators

Organizations

Org CRUD, members, billing, transfer (agent→human), discovery

Workspaces

Workspace CRUD, members, assets, discovery

Storage

File/folder operations, locking, previews, transforms

Share types, storage modes, members, branding, quickshare

Upload

Chunked upload flow, web upload, status polling

AI & Chat

RAG chat, intelligence, notes, metadata extraction

Events & Activity

Event search, activity polling, WebSocket, realtime

Comments

Threading, mentions, reactions, JSON body format

Workflow

Task lists, tasks, worklogs, interjections, approvals, todos

What Fast.io Does

Capability	What It Does
Workspaces	Shared workspaces for agentic teams with file versioning, search, and AI chat
Shares	Purpose-built spaces for agent-human exchange with two storage modes: Room (independent data room with passwords, expiration, guest access) or Shared Folder (live-synced workspace folder). Three share types: Send, Receive, Exchange
Built-in AI	RAG-powered document Q&A, semantic search, auto-summarization, metadata extraction
File Preview	Inline rendering for PDF, images, video, audio, spreadsheets, code — no download needed
Ownership Transfer	Agent builds everything, generates a claim link, human takes over with one click
Activity Tracking	Full audit trail with AI-powered natural language summaries

Agent Plan (Free)

Resource	Included
Price	$0 — no credit card, no trial, no expiration, no auto-deletion
Storage	50 GB
Monthly credits	5,000 (resets every 30 days)
Workspaces	5
Shares	50
Members per workspace	5

Credits cover: storage (100/GB), bandwidth (212/GB), AI tokens (1/100 tokens), document ingestion (10/page), video ingestion (5/sec), image ingestion (5/image), file conversions (25/each). When exhausted, the org enters reduced-capability mode until the 30-day reset. The org is never deleted.

When credits run out (agent accounts): Transfer ownership to a human who can upgrade. Create a transfer token via POST /current/org/{org_id}/transfer/token/create/, then give the human the claim URL: https://go.fast.io/claim?token={token}. See Organizations reference for details.

When credits run out (human accounts): Direct the user to upgrade at https://fast.io or via POST /current/org/{org_id}/billing/.

Profile Hierarchy

User (Type 1) → Organization (Type 2) → Workspace (Type 3) / Share (Type 4)

Users own organizations. An organization is a collector of workspaces — it can represent a company, a business unit, a team, or simply a personal collection. Organizations own workspaces and shares. Users can also directly own shares.

All profile IDs are 19-digit numeric strings (e.g., "1234567890123456789"). Most endpoints also accept a custom name in place of the numeric ID.

Account types: human or agent — visible in all user objects via account_type field.

Authentication

All authenticated endpoints require: Authorization: Bearer {jwt_token}

Four methods:

Basic Auth → JWT: GET /current/user/auth/ with HTTP Basic Auth. Returns JWT. If 2FA enabled, token has limited scope until verified.
OAuth 2.0 PKCE: For desktop/mobile apps and MCP agents. S256 only. Supports Dynamic Client Registration (RFC 7591), CIMD for URL-based client_id, and Resource Indicators (RFC 8707). See OAuth reference.
API Keys: Long-lived tokens. Same Bearer header. Create via POST /current/user/auth/key/.
2FA: Limited-scope token → full token after POST /current/user/auth/2factor/auth/{token}/.

Choose your access pattern

Human's account — Human creates API key, gives it to you. You operate as them. → Auth reference
Autonomous agent — Create agent account (agent=true), create org, work independently. → Auth reference
Collaboration — Create agent account, human invites you to their org/workspace. → Auth reference
PKCE browser login — Secure, no password sharing, supports SSO. → OAuth reference

Response Envelope

Success (data fields at root level):

{"result": true, "status": "ok", ...}

Error:

{
  "result": false,
  "error": {
    "code": 195654,
    "text": "Human-readable message",
    "documentation_url": "https://api.fast.io/llms.txt",
    "resource": "POST /current/user/"
  }
}

result: boolean — true on success, false on error
error.code: Unique error identifier (integer) for debugging
error.text: Human-readable error message, safe to display
error.documentation_url: Link to error documentation (string or null)
error.resource: The endpoint that produced the error

Error Codes

Client Errors

Code	Constant	HTTP Status
`1605`	APP_ERROR_INPUT_INVALID	406 Not Acceptable
`1607`	APP_ERROR_INPUT_DUPLICATE	406 Not Acceptable
`1650`	APP_AUTH_INVALID	401 Unauthorized
`1651`	APP_REQUEST_TYPE	405 Method Not Allowed
`1609`	APP_ERROR_NOT_FOUND	404 Not Found
`1652`	APP_RESOURCE_NOT_FOUND	404 Not Found
`1653`	APP_USER_NOT_FOUND	404 Not Found
`1656`	APP_EXCEEDED_LIMIT	413 Payload Too Large
`1667`	APP_MAX_LIMIT	429 Too Many Requests
`1685`	APP_FEATURE_LIMIT	412 Precondition Failed
`1658`	APP_NOT_ACCEPTABLE	406 Not Acceptable
`1660`	APP_CONFLICT	409 Conflict
`1669`	APP_EXISTS	409 Conflict
`1670`	APP_RESTRICTED	406 Not Acceptable
`1680`	APP_DENIED	401 Unauthorized
`1671`	APP_ENHANCE_CALM	429 Too Many Requests
`1677`	APP_LOCKED	423 Locked

Server Errors

Code	Constant	HTTP Status
`1654`	APP_INTERNAL_ERROR	500
`1664`	APP_ERROR_DATASTORE	500
`1686`	APP_ERROR_NOT_IMPLEMENTED	501

Rate Limiting

Headers: X-Rate-Limit-Available, X-Rate-Limit-Expiry, X-Rate-Limit-Max

When exceeded: HTTP 429 with error code 1671 (APP_ENHANCE_CALM).

Pagination

Offset Pagination (List Endpoints)

Most list endpoints support offset-based pagination:

limit: 1–500 (default: 100) — number of items to return
offset: 0+ (default: 0) — number of items to skip
Response: pagination.total, pagination.limit, pagination.offset, pagination.has_more

Keyset Pagination (Storage List Endpoints)

Storage listing uses cursor-based pagination:

sort_by: name | updated | created | type (default: name)
sort_dir: asc | desc (default: asc)
page_size: 100 | 250 | 500 (default: 100)
cursor: opaque string from previous response
Response: pagination.has_more, pagination.next_cursor, pagination.page_size

ID Formats

Profile IDs (user, org, workspace, share): 19-digit numeric string
Node IDs (files, folders): OpaqueId — 30-character alphanumeric with hyphens (e.g., f3jm5-zqzfx-pxdr2-dx8z5-bvnb3-rpjfm4). Prefix: f = file, d = folder, n = note.
Upload IDs: OpaqueId — alphanumeric string
Opaque IDs (quickshare tokens): 30-character alphanumeric string
Special folder aliases: "root" for storage root, "trash" for trash folder

Custom names as identifiers

Profile Type	Custom Name
Workspace	Folder name (e.g., `my-project`)
Share	URL name (e.g., `q4-financials`)
Organization	Domain name (e.g., `acme`)
User	Email address (e.g., `user@example.com`)

Field Constraints

Profile fields (org, workspace, share) have validation rules enforced server-side.

Entity	Field	API Key	Min	Max	Regex	Required
Org	domain	`domain`	2	80	`^[a-z0-9]([-a-z0-9]{0,61}[a-z0-9])?$`	Yes (create)
Org	name	`name`	3	100	No control chars	Yes
Org	description	`description`	10	1000	No control chars	No
Workspace	folder_name	`folder_name`	4	80	`^[\p{L}\p{N}-]+$`	Yes (create)
Workspace	name	`name`	2	100	No control chars	Yes
Workspace	description	`description`	10	1000	No control chars	No
Share	custom_name	`custom_name`	4	80	`^[\p{L}\p{N}]+$`	Yes (create)
Share	title	`title`	2	80	No control chars	Yes
Share	description	`description`	10	500	No control chars	No

Agent Workflows

Upload Files

Small files (< 4MB): single-request upload. Large files: chunked upload with parallel chunks.

→ Full details: Upload reference

Query Documents with AI

Create chats with chat (general) or chat_with_files (RAG with citations). Stream responses via SSE.

→ Full details: AI reference

Create Send/Receive/Exchange shares with Room or Shared Folder storage modes.

→ Full details: Shares reference

Transfer Ownership to a Human

Agent creates transfer token → build claim URL https://go.fast.io/claim?token={token} → human claims org.

→ Full details: Organizations reference

Monitor Usage

GET /current/org/{org_id}/billing/usage/limits/credits/ — credit consumption
GET /current/org/{org_id}/billing/usage/meters/list/ — detailed breakdown
GET /current/events/search/ — activity feed

→ Full details: Events reference

Activity Polling

Long-poll for changes instead of looping on individual endpoints:

GET /current/activity/poll/{entityId}?wait=95&lastactivity={timestamp}