Sandbox

The sandbox lets you test your integration against the full /sources API without affecting production data. Requests are validated exactly as they would be in production - same authentication, same request bodies, same response shapes - but nothing is persisted. Data exists only for the duration of your session.

Use the sandbox to verify request formatting, test error handling, and validate your workflow end-to-end before going live.

1. Base URL

All sandbox endpoints are prefixed with /sandbox:

https://api.meti.millpont.com/sandbox/sources

2. Authentication

The sandbox uses the same Auth0 credentials and scopes as the production API. No separate keys are required. See Authentication for setup.

3. Create a Source

POST /sandbox/sources

Scope: write:sources

Accepts the same SourceCreateRequest body as the production endpoint. All fields are validated identically - geometry, dates, alt_id, and account resolution. If your request would succeed in production, it will succeed here.

Sandbox sources are assigned an ID prefixed with sandbox_ so they are clearly distinguishable from production records.

Note: Spatial analysis fields such as conflict, and unep_overlap, return default values (false / null) in the sandbox.

Example

curl -X POST "https://api.meti.millpont.com/sandbox/sources" \
  -H "Authorization: Bearer <access_token>" \
  -H "Content-Type: application/json" \
  -d '{
    "alt_id": "test-field-001",
    "methodology": "Agriculture",
    "geometry": {
      "type": "Polygon",
      "coordinates": [[[...], [...], [...], [...]]]
    }
  }'

Response - List[SourceResponse]

[
  {
    "id": "sandbox_a3f1c8e2b04d7a916e5f2d3c1b8e0f47",
    "alt_id": "test-field-001",
    "methodology": "Agriculture",
    "created_at": "2026-04-13T14:22:01.000Z",
    "updated_at": "2026-04-13T14:22:01.000Z",
    "conflict": false,
    "unep_overlap": null,
    "h3_indexes": null
  }
]

4. Retrieve Sources

Get a single source

GET /sandbox/sources/{source_id}

Scope: read:sources

Returns SourceResponse or 404.

curl -X GET "https://api.meti.millpont.com/sandbox/sources/sandbox_a3f1c8e2b04d7a916e5f2d3c1b8e0f47" \
  -H "Authorization: Bearer <access_token>"

List sources

GET /sandbox/sources

Scope: read:sources

Returns all sandbox sources for your account. Supports the same query parameters as the production list endpoint:

id · alt_id · methodology · steward_id · project_id · outcome_reporting_year · limit · offset

curl -X GET "https://api.meti.millpont.com/sandbox/sources?methodology=Agriculture&limit=10" \
  -H "Authorization: Bearer <access_token>"

Response — List[SourceResponse]

5. Delete Sources

By ID

DELETE /sandbox/sources/{source_id}

By alt_id

DELETE /sandbox/sources?alt_id=...

curl -X DELETE "https://api.meti.millpont.com/sandbox/sources?alt_id=test-field-001" \
  -H "Authorization: Bearer <access_token>"

You can only delete sources that belong to your account.

6. Sandbox Source IDs

Sandbox source IDs use the format sandbox_<uuid>:

sandbox_a3f1c8e2b04d7a916e5f2d3c1b8e0f47

The sandbox_ prefix ensures these IDs are immediately recognizable and will not resolve against the production /sources/{id} endpoint.

7. Errors

The sandbox returns the same error codes and formats as the production API.

Code

Meaning

401

Missing, malformed, or expired token.

403

Valid token, but missing the required scope.

404

Source ID not found, or belongs to a different account.

422

Request body failed validation — invalid geometry, malformed dates, etc.

PreviousError Handling NextSource Data Dictionary

Last updated 1 month ago

hashtag1. Base URL

hashtag2. Authentication

hashtag3. Create a Source

hashtag4. Retrieve Sources

hashtagGet a single source

hashtagList sources

hashtag5. Delete Sources

hashtagBy ID

hashtagBy alt_id

hashtag6. Sandbox Source IDs

hashtag7. Errors