Skip to content
Pionne

Feedback (User Reports)

Two public endpoints, authenticated via X-Pionne-Token. Used by the SDK to send a free-form comment left by an end user.

POST /api/feedback

Section titled “POST /api/feedback”

Standalone feedback — not tied to an event. Useful for general-purpose widgets (“Give feedback”).

POST https://api.pionne.app/feedback
Content-Type: application/json
X-Pionne-Token: pio_live_…


{
  "message":     "The checkout page stays blank after payment",
  "name":        "Alice",
  "email":       "alice@example.com",
  "url":         "https://app.example.com/checkout",
  "app_version": "1.4.2"
}

Mobile example with deep link (matches what the RN SDK sends automatically):

POST https://pionne.agkgcreations.fr/api/feedback
Content-Type: application/json
X-Pionne-Token: pio_live_…


{
  "message":     "The screen stays blank after tapping Pay",
  "url":         "phaniste://Checkout",
  "app_version": "1.4.2"
}

POST /api/events/{event_id}/feedback

Section titled “POST /api/events/{event_id}/feedback”

Feedback attached to a captured event. The server checks that event_id belongs to the project identified by the token, and automatically links the feedback to the matching issue_id.

POST https://pionne.agkgcreations.fr/api/events/1234/feedback
Content-Type: application/json
X-Pionne-Token: pio_live_…


{
  "message": "It crashes when I type an emoji in the chat",
  "email":   "bob@example.com"
}

Fields

Section titled “Fields”
FieldTypeConstraints
message (req.)string1 to 2000 characters. PII-scrubbed server-side (email, JWT, card).
namestring120 characters max.
emailstringRFC-valid email, 191 characters max.
urlstringContextual location identifier. Accepts web URLs (https://app.example.com/checkout) and mobile deep links (myapp://Settings, phaniste://order/42). 500 characters max. Stored for display only, never re-fetched.
app_versionstring32 characters max.

Responses

Section titled “Responses”
202 Accepted
{ "ok": true, "feedback_id": 42 }
CodeCase
202Feedback recorded.
401Token missing / invalid.
404event_id not found or doesn’t belong to the project.
422Invalid payload (message empty, malformed email…).
429Rate limit exceeded (100/min/project).

Privacy

Section titled “Privacy”

The message is run through the server PII scrubber before storage: emails, JWTs and card numbers are replaced with [REDACTED]. The form’s name and email fields are kept as-is — they were intentionally entered by the user.

The source IP is hashed (SHA-256) with APP_KEY as salt and stored only for anti-spam dedup; never in plain form.

Dashboard-side triage

Section titled “Dashboard-side triage”

Three Sanctum-authenticated endpoints (used by the mobile dashboard to manage received feedback). The project must belong to the authenticated user.

GET /api/projects/{project}/feedback

Section titled “GET /api/projects/{project}/feedback”

Lists feedback (up to 100, most recent first). By default archived ones are hidden; pass ?include=all to bring them back.

{
  "feedback": [
    {
      "id": 7,
      "event_id": 1234,
      "issue_id": 88,
      "name": "Alice",
      "email": "alice@example.com",
      "message": "The Pay button stays grayed out...",
      "status": "open",
      "handled_at": null,
      "url": null,
      "app_version": "1.4.2",
      "created_at": "2026-05-07T17:25:00Z"
    }
  ]
}

PATCH /api/projects/{project}/feedback/{feedback}

Section titled “PATCH /api/projects/{project}/feedback/{feedback}”

Changes the status of a feedback (triage). Body:

{ "status": "open" | "handled" | "archived" }

handled_at is set to now() if status moves to handled, otherwise reset to null. Responses: 200 (OK), 404 (not found / other project), 422 (invalid status).

DELETE /api/projects/{project}/feedback/{feedback}

Section titled “DELETE /api/projects/{project}/feedback/{feedback}”

Permanent deletion. Responses: 200 { "deleted": true } or 404.

Release Health on the dashboard

Section titled “Release Health on the dashboard”

GET /api/projects/{project}/release-health

Section titled “GET /api/projects/{project}/release-health”

Aggregates release health sessions over the last 14 days by release and computes the crash-free user rate. Response:

{
  "releases": [
    {
      "release": "1.4.2",
      "sessions_total": 1240,
      "sessions_crashed": 3,
      "sessions_errored": 17,
      "users_total": 412,
      "users_crashed": 2,
      "crash_free_sessions": 0.9976,
      "crash_free_users": 0.9951,
      "first_seen_at": "2026-04-25T08:00:00Z",
      "last_seen_at": "2026-05-07T17:30:00Z"
    }
  ]
}

crash_free_* values are 0..1 ratios. The mobile dashboard colors them green ≥ 0.99, yellow ≥ 0.95, red below.