Backend Template
Todo App Backend Template
REST API
A production-ready REST API Todo backend schema and Starter Kit on Back4app: ER diagram, data dictionary, JSON schema, API playground, code examples, and a one-click AI Agent prompt to deploy in minutes.
Overview
A Todo app is one of the most common starting points for learning backend development. Under the hood it needs user registration, task CRUD, ownership-based access control, and optionally real-time sync.
The schema below defines two classes — _User (built-in) and Todo — connected by a Pointer. With the Back4app REST API SDK, you can interact with this backend from your app — querying, creating, updating, and deleting objects — without writing a custom API layer.
er.heading
er.subtitle
erDiagram
_User {
String objectId PK
String username
String email
String password
Date createdAt
Date updatedAt
}
Todo {
String objectId PK
String title
Boolean done
Date dueDate
Number priority
Pointer owner FK
Date createdAt
Date updatedAt
}
_User ||--o{ Todo : "owns"
Loading diagram…
View diagram source
erDiagram
_User {
String objectId PK
String username
String email
String password
Date createdAt
Date updatedAt
}
Todo {
String objectId PK
String title
Boolean done
Date dueDate
Number priority
Pointer owner FK
Date createdAt
Date updatedAt
}
_User ||--o{ Todo : "owns"
Data Dictionary
Complete field reference for every class in the schema.
Todo
| Field | Type | Description | Required |
|---|---|---|---|
| objectId | String | Auto-generated unique identifier | auto |
| title | String | Short description of the task | |
| done | Boolean | Whether the task is completed | — |
| dueDate | Date | Optional deadline for the task | — |
| priority | Number | Priority level (1 = high, 3 = low) | — |
| owner | Pointer<_User> | User who owns this task | — |
| createdAt | Date | Auto-generated creation timestamp | auto |
| updatedAt | Date | Auto-generated last-update timestamp | auto |
_User
| Field | Type | Description | Required |
|---|---|---|---|
| objectId | String | Auto-generated unique identifier | auto |
| username | String | Login username | |
| String | Email address | ||
| password | String | Hashed password (write-only) | |
| createdAt | Date | Auto-generated creation timestamp | auto |
| updatedAt | Date | Auto-generated last-update timestamp | auto |
Schema (JSON)
Raw JSON schema definition — copy and use in your Back4app app or import via the API.
{
"classes": [
{
"className": "Todo",
"fields": {
"objectId": {
"type": "String",
"required": false
},
"title": {
"type": "String",
"required": true
},
"done": {
"type": "Boolean",
"required": false,
"defaultValue": false
},
"dueDate": {
"type": "Date",
"required": false
},
"priority": {
"type": "Number",
"required": false,
"defaultValue": 3
},
"owner": {
"type": "Pointer",
"targetClass": "_User",
"required": false
},
"createdAt": {
"type": "Date",
"required": false
},
"updatedAt": {
"type": "Date",
"required": false
}
}
},
{
"className": "_User",
"fields": {
"objectId": {
"type": "String",
"required": false
},
"username": {
"type": "String",
"required": true
},
"email": {
"type": "String",
"required": true
},
"password": {
"type": "String",
"required": true
},
"createdAt": {
"type": "Date",
"required": false
},
"updatedAt": {
"type": "Date",
"required": false
}
}
}
]
}Build with AI Agent
Press the button below to open the Agent with this template's prompt pre-filled.
Back4app AI Agent
Ready to build
Create a Todo app on Back4app with this exact schema and behavior. Schema: 1. _User (use Back4app built-in): username (String, required), email (String, required), password (String, required); objectId, createdAt, updatedAt (system). 2. Todo: title (String, required), done (Boolean, default: false), dueDate (Date, optional), priority (Number, default: 3; 1=high, 2=medium, 3=low), owner (Pointer to _User; set to current user on create); objectId, createdAt, updatedAt (system). Security: - Set ACLs on every Todo so only the owner has read and write. No public read/write. - On create, set Todo.owner to the current user (e.g. via Cloud Code beforeSave or client-side). - Use Class-Level Permissions so only authenticated users can create/read/update/delete Todo. Auth: - Sign-up (username, email, password) and login; support logout/session. - After login, the app should only show and allow CRUD for the current user's todos. Behavior: - Full CRUD for Todo: create, list (only owner's), get one, update (toggle done, edit title, dueDate, priority), delete. - List todos with sort (e.g. by priority then dueDate or createdAt). Default priority for new todos: 3 (low). Deliver: - Create the Back4app app with the schema above, ACLs, and any Cloud Code needed (e.g. beforeSave on Todo to set owner). - Generate the frontend and connect it to this backend; deploy so the app is runnable end-to-end.
50 free prompts / month — No credit card required
API Playground
Try the REST and GraphQL endpoints for the Todo schema. Responses from the example data above — no Back4app account needed.
GET
https://parseapi.back4app.com/classes/Todo
Headers
{
"X-Parse-Application-Id": "YOUR_APP_ID",
"X-Parse-REST-API-Key": "YOUR_REST_API_KEY"
}usage.restApi.heading
usage.restApi.subtitle
1
usage.restApi.step1Title
usage.restApi.step1Body
# Required headers for every request
X-Parse-Application-Id: YOUR_APP_ID
X-Parse-REST-API-Key: YOUR_REST_API_KEY2
usage.restApi.step2Title
curl -X POST \
-H "X-Parse-Application-Id: YOUR_APP_ID" \
-H "X-Parse-REST-API-Key: YOUR_REST_API_KEY" \
-H "Content-Type: application/json" \
-d '{"title":"Buy groceries","done":false,"priority":2}' \
https://parseapi.back4app.com/classes/Todo3
usage.restApi.step3Title
curl -X GET \
-H "X-Parse-Application-Id: YOUR_APP_ID" \
-H "X-Parse-REST-API-Key: YOUR_REST_API_KEY" \
https://parseapi.back4app.com/classes/Todo4
usage.restApi.step4Title
curl -X PUT \
-H "X-Parse-Application-Id: YOUR_APP_ID" \
-H "X-Parse-REST-API-Key: YOUR_REST_API_KEY" \
-H "Content-Type: application/json" \
-d '{"done":true}' \
https://parseapi.back4app.com/classes/Todo/OBJECT_ID5
usage.restApi.step5Title
curl -X DELETE \
-H "X-Parse-Application-Id: YOUR_APP_ID" \
-H "X-Parse-REST-API-Key: YOUR_REST_API_KEY" \
https://parseapi.back4app.com/classes/Todo/OBJECT_IDFrequently Asked Questions
Common questions about the Todo app backend template.
What is Back4app?
Back4app is the backend behind Todo and task apps. For REST you get clear GET/POST/PUT endpoints for Todo and X-Parse-Session-Token auth—no server to write or host.
Why use Back4app for a Todo REST API?
Back4app exposes a specification-ready REST API for Todo: clear GET/POST/PUT/DELETE endpoints, X-Parse-Session-Token auth, and an API playground. It fits any stack that speaks HTTP and wants a managed BaaS instead of a custom backend.
What is the Todo class in the REST API?
Todo is a Back4app class with title, done, dueDate, priority, and owner (pointer to _User). REST endpoints: GET/POST /classes/Todo, GET/PUT/DELETE /classes/Todo/:id. Responses include objectId, createdAt, updatedAt.
How do I send the session token in REST?
Include the X-Parse-Session-Token header with the value returned at login. The server enforces ACLs so only the owner's todos are returned or modified. Use this header on every authenticated request.
Can I add fields to Todo via the REST API?
Yes. POST or PUT JSON with new fields; Back4app's flexible schema accepts them. Add fields from the dashboard if you prefer. No migrations.
How do I query todos by priority with REST?
Use GET /classes/Todo?where={"priority":1}&order=priority. The where parameter supports comparison operators ($lt, $gt, etc.); order and -order control sort. Use limit and skip for pagination.
Is real-time available for REST clients?
Live Queries use WebSockets and are available for real-time updates. For REST-only clients, poll the GET endpoint or use the REST API for CRUD and a separate subscription mechanism if needed.
How do I add categories or tags via REST?
Add a tags array or a Category class and relation. Send the new fields in POST/PUT bodies. Query with where for filters.
Ready to Build Your Todo App?
Start your project in minutes — pick a technology and follow the guide, or let the AI Agent build it for you. No credit card required.