Backend contract
Public SDK endpoints and dashboard-owned contracts that power the Releaseo widget, changelog visibility, roadmap, and feature requests.
Service ownership
| Area | Owner |
|---|---|
| Widget config, changelog visibility, feature requests, roadmap | API service |
| SDK identity handoff | Runtime service |
| Access tokens and user authentication | Auth service |
Public SDK endpoints
The SDK and widget use project key based public routes.
GET /sdk/config
POST /sdk/identify
GET /sdk/feature-requests/categories
GET /sdk/feature-requests
POST /sdk/feature-requests
GET /sdk/feature-requests/:id/comments
POST /sdk/feature-requests/:id/comments
POST /sdk/feature-requests/:id/vote
GET /sdk/roadmap/snapshot
GET /sdk/roadmap/:id
POST /sdk/roadmap/:id/followDashboard-owned APIs
Dashboard moderation and setup APIs are JWT protected and project scoped.
Feature request moderation:
GET /projects/:projectId/feature-requests
GET /projects/:projectId/feature-requests/:id
PATCH /projects/:projectId/feature-requests/:id
DELETE /projects/:projectId/feature-requests/:id
GET /projects/:projectId/feature-requests/:id/comments
DELETE /projects/:projectId/feature-requests/:id/comments/:commentIdVisibility rules
- Feature request public routes expose only
kind = feature_requestandreviewStatus = approved. - New public feature request submissions start as
pendingand are hidden until dashboard review. - Roadmap
internal_onlyitems are not public. - Published changelog posts and roadmap items use dashboard-owned visibility settings before they render in the widget.
Widget config cache
Widget settings are the source of truth for /sdk/config. After widget create,
update, or removal, the backend invalidates SDK config cache keys for the
project and project key so newly loaded widgets receive fresh settings.
Integration rule
The SDK docs and public landing-page docs should stay aligned with the SDK source, npm packages, and backend contracts before a public release.