Data endpoint performs actual data retrieving for the specified source. Incoming payload includes both account and filter information provided by the end-user and retrieved in accordance with the scheme information provided in the initial GET / request:

//Request Body:
{
  "source": "supersource",  // identifier
  "account": {  //account information, formatted according to app info authentications
        "identifier": "basic",  // identifier of this account type
        "username": "test_user",
        "password": "test$user!",
        /*...*/
  },
  "filter": { //filter field values according to app info source filters
    	"ssn": "696969696",
        /*...*/
  }
}

In case when the account information is incorrect, the app should return an HTTP status 401 (Unauthorized) and should include a human-friendly error message. In case when the information is incomplete, the app should return HTTP status 400 (Bad Request) and include a human friendly error message:

// there's been an error!
{"error": "This is a friendly error message for you."}

Internal errors should return HTTP status 500 (Internal Server Error) and include an error message similar to the one above.

Good responses should return an appropriate HTTP 2xx status code and be in any text-like format, serialized or not. Because source schema information is not concrete and isn't necessarily provided to the Vizydrop, the return representation of the datapoints can be structured according to the underlying data model or arbitrarily defined by the implementer of the app.