API Reference

API Reference

While we recommend using our official SDK, you can always build against the Notabotly raw HTTP API directly.

Base URL: https://api.notabotly.com

Note

During the beta phase, all API requests should use the production base URL. Authentication is handled via the Authorization: Bearer <api_key> header.

Generate Session

POST /session/init

Creates a new verification session.

Headers:

Authorization: Bearer <api_key>
Content-Type: application/json

Body:

{
  "app_id": "app_abc123",
  "redirect_url": "https://example.com/after-verify"
}

Response (200 OK):

{
  "session_id": "sess_xyz789",
  "verify_url": "https://verify.notabotly.com/sess_xyz789",
  "expires_in": 600
}

Possible Errors:

• 401 → Invalid or missing API key
• 403 → App not found or key mismatch
• 429 → Monthly credit limit reached
• 400 → Missing required fields

---

Listen to Status

GET /session/status/:session_id

Streams the session result using Server-Sent Events (SSE).

Headers:

Authorization: Bearer <api_key>
Accept: text/event-stream

Events yield JSON data payload:

data: {"status": "pending"}   ← sent immediately on connect
data: {"status": "true"}      ← verification succeeded
data: {"status": "false"}     ← WebAuthn failed
data: {"status": "timeout"}   ← 10 minutes passed

The connection automatically closes after any terminal event (true, false, timeout).