Quick Start Authentication SDK Reference API Endpoints Rate Limits Webhooks TRIPPYCOIN API Community API Error Codes Examples

Quick Start

Running in under a minute. Every tool here is free and keyless, no signup, no card, no API key. Copy a curl, hit a live endpoint, read real JSON back.

These docs are free and open. Nothing here is paywalled or locked behind an account. The developer tools, Deploy Doctor, ClaudeJr, CloudJr, the VS Code extension, are 100% free to download and run. The optional Founding Supporter membership backs the mission; it gates nothing in this reference.

1. Diagnose a deploy error (no key required)

Paste a build or deploy log into Deploy Doctor and get matching fixes back from ~180 local-first recipes. Free, keyless, live right now.

bash
curl -X POST https://api.apxai.co/api/deploy-doctor/diagnose \
  -H "Content-Type: application/json" \
  -d '{"log":"Error: Cannot find module express"}'

# → { "ok": true, "matchCount": 5, "matches": [{ "recipe": { "title": "...", "fix": [...] }}] }

2. Read the live TRIPPYCOIN price (no key required)

Read straight from the on-chain PancakeSwap V2 pool. The price is always live or honestly null, never fabricated. TRIPPY is brand glue, a fixed-supply BEP-20, not an investment.

bash
curl https://api.apxai.co/api/trippycoin/price

# → { "symbol": "TRIPPY", "price": 0.0000173, "marketStatus": "live", ... }
SDK & API keys, coming soon. A typed TypeScript SDK and personal API keys are not available yet, so this reference documents only what you can run today. Everything keyless above is free and live. New here? Start the tutorial →

Authentication

None required. The public tools are keyless and free, no signup, no login, no card, no personal API key. Every endpoint you can call right now is public.

Keyless today, start in one curl

The free tools at /start need no credentials: the live demo, Deploy Doctor, and the VS Code extension (beta). Just call a public endpoint:

shell
# No Authorization header needed, these are public
curl https://api.apxai.co/api/health

curl -X POST https://api.apxai.co/api/deploy-doctor/diagnose \
  -H "Content-Type: application/json" \
  -d '{"log":"Error: Cannot find module express"}'

Personal API keys, coming soon

Personal API keys are not available yet, there is no key-issuance flow today. When they ship, you will set an APXAI_API_KEY environment variable and pass it as a Bearer token on protected requests. The free keyless tools will keep working without one. We will not document a key you cannot obtain, this section fills in the moment issuance is live.

Heads up: When keys arrive, store APXAI_API_KEY in environment variables or a secrets manager, never in source code or .env files committed to version control. Until then, nothing here requires a secret.

SDK Reference

A typed TypeScript SDK is coming soon. It is not published to npm yet, until it lands, call the live keyless endpoints directly over HTTP. No package to install, no key to obtain, nothing to pay.

SDK, coming soon. A typed client (typed responses, retries, streaming helpers) is in the works. There is no npm install step today, anything you see installing a package is not available yet. New here? Start the tutorial →

Use the API today with plain fetch (no key)

Every snippet below hits a real, public endpoint on api.apxai.co, no SDK, no auth header, no cost.

Deploy Doctor, diagnose a build log
typescript
// Public, no API key required
const res = await fetch('https://api.apxai.co/api/deploy-doctor/diagnose', {
  method:  'POST',
  headers: { 'Content-Type': 'application/json' },
  body:    JSON.stringify({ log: 'Error: Cannot find module express' }),
})

const data = await res.json()
console.log(data.matchCount)  // e.g. 5
console.log(data.matches[0].recipe.title)
TRIPPYCOIN, read the live on-chain price
typescript
// Public, price is always live or honestly null, never fabricated
const res = await fetch('https://api.apxai.co/api/trippycoin/price')
const { symbol, price, marketStatus } = await res.json()

console.log(symbol, price, marketStatus)  // "TRIPPY" 0.0000173 "live"

When the SDK ships

The typed client will set APXAI_API_KEY when personal keys are live (see Authentication). The keyless tools above will keep working with no key. This section will be replaced with the real install + method reference the moment the package is published.

API Endpoints

All requests target https://api.apxai.co and return JSON. Endpoints marked Public are free and need no authentication, call them today. Endpoints marked Bearer are documented ahead of the personal-key launch (see Authentication).

Method Route Auth Description
GET /api/health Public Basic health ping. Returns uptime in seconds.
GET /api/status Public Detailed system status across all services (AP, xAI, memory, billing, database).
POST /api/deploy-doctor/diagnose Public Diagnose a build/deploy log against ~180 local-first recipes. Keyless, free, live today.
GET /api/trippycoin/price Public Live on-chain TRIPPY price from the PancakeSwap V2 pool, or honestly null, never faked.
POST /api/ap/run Bearer Run a coding agent task. Accepts task string and optional model override.
GET /api/ap/history Bearer List the last 50 AP agent runs for your account.
POST /api/xai/run Bearer Run xAI diagnostics on a path or described issue. Returns diagnosis + prioritised fix list.
POST /api/brain/chat Bearer Chat with the AI brain, queries persistent memory and codebase context.
POST /api/brain/stream Bearer Streaming version of /brain/chat, returns SSE (Server-Sent Events) for real-time output.
POST /api/autopilot Bearer Set an autonomous multi-step goal. Agent plans, codes, tests, and deploys without manual intervention.
GET /api/usage/stats Bearer Full usage breakdown: daily runs, weekly runs, token consumption, quota remaining.
GET /api/stripe/prices Public List all pricing tiers with feature sets and monthly limits.
POST /api/stripe/checkout Public Create a Stripe Checkout session. Returns a redirect URL to the hosted payment page.
GET /api/stripe/subscription Bearer Look up current subscription status, tier, and billing period end for an email.
POST /api/waitlist Public Add an email to the early-access waitlist. Returns queue position.

Rate Limits

Limits are enforced per API key. Exceeding them returns 429 Too Many Requests with a Retry-After header.

Tier Requests / Month Requests / Minute Concurrent Runs
Free 50 10 1
Pro 2,000 60 5
Enterprise Unlimited 300 Custom
Rate limit headers: Every response includes X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset (Unix timestamp) so you can implement smart backoff logic without waiting for a 429.

429 response shape

json
{
  "ok":      false,
  "error":    "Rate limit exceeded",
  "retryAfter": 42  // seconds until your window resets
}

Webhooks

Register HTTP endpoints to receive real-time event notifications from APxAI. Every delivery is signed with HMAC-SHA256 so you can verify it originated from the platform.

Supported events

Event Type Description
brain.memory.updated Brain memory store was updated
agent.task.completed Agent task finished successfully
agent.task.failed Agent task failed after retries
autopilot.session.started Autopilot session began
autopilot.session.ended Autopilot session concluded
webhook.test Test delivery sent from dashboard or API

Endpoints

POST /api/webhooks Bearer Create a new webhook registration

Register a URL to receive event deliveries. The response includes a wh_-prefixed ID you use for all subsequent operations on this webhook.

Request body
json
{
  "url":    "https://my-server.com/hooks/apxai",
  "events": ["agent.task.completed", "brain.memory.updated"],
  "secret": "my-secret-123"
}
Response, 201 Created
json
{
  "ok":        true,
  "webhook": {
    "id":        "wh_01j9x8tzk4e2vn7bqr3m",
    "url":       "https://my-server.com/hooks/apxai",
    "events":    ["agent.task.completed", "brain.memory.updated"],
    "enabled":   true,
    "createdAt": "2026-05-27T12:00:00.000Z"
  }
}
POST /api/webhooks/:id/test Bearer Send a test delivery to a registered webhook

Dispatches a webhook.test event to the registered URL and returns the HTTP response received from your server.

Response, 200 OK
json
{
  "ok":           true,
  "deliveryId":   "dlv_03kp2rz9",
  "statusCode":   200,
  "durationMs":   143
}
DELETE /api/webhooks/:id Bearer Delete a webhook registration

Permanently removes the webhook. Deliveries in flight will still be attempted. Returns 204 No Content on success.

Signed delivery format

Every delivery includes an X-APxAI-Signature header. The value is the HMAC-SHA256 of the raw JSON body, keyed with the secret you provided at registration.

Example delivery headers
text
POST /hooks/apxai HTTP/1.1
Content-Type: application/json
X-APxAI-Event: agent.task.completed
X-APxAI-Delivery: dlv_03kp2rz9
X-APxAI-Signature: sha256=3b4c2d1e9f0a8b7c6d5e4f3a2b1c0d9e8f7a6b5c4d3e2f1a0b9c8d7e6f5a4b3

Verify the signature (Node.js)

Always verify signatures before processing a delivery. Use crypto.timingSafeEqual to prevent timing attacks, a standard string comparison is not safe here.
javascript
const crypto = require('crypto')

function verifySignature(payload, signature, secret) {
  const expected = 'sha256=' + crypto
    .createHmac('sha256', secret)
    .update(JSON.stringify(payload))
    .digest('hex')
  return crypto.timingSafeEqual(
    Buffer.from(signature),
    Buffer.from(expected)
  )
}

// Express example
app.post('/hooks/apxai', express.json(), (req, res) => {
  const sig = req.headers['x-apxai-signature']
  if (!verifySignature(req.body, sig, process.env.APXAI_WEBHOOK_SECRET)) {
    return res.status(401).send('Invalid signature')
  }
  // handle event...
  res.json({ received: true })
})

TRIPPYCOIN API

Read live, on-chain TRIPPYCOIN facts straight from the verified contract on BNB Smart Chain (chainId 56). Every value is fetched from a public RPC node, supply, burned balance, and contract metadata are real and auditable on BscScan. Market fields (price, market cap) are read live from the token's PancakeSwap V2 pool, liquidity is intentionally tiny, while holders stays null until an indexer is wired. We never fabricate a number. All endpoints are public, no authentication required.

Method Route Auth Description
GET /api/trippycoin/price Public Live price & marketCap from the PancakeSwap V2 pool, with honest market status. Liquidity is intentionally tiny.
GET /api/trippycoin/history Public Price history. data is empty, no candle indexer is run, never synthetic. Accepts period query param.
GET /api/trippycoin/burns Public Live burned balance, tokens held at the dead/zero addresses, read from chain.
GET /api/trippycoin/stats Public Full live on-chain snapshot: contract, supply, burned, circulating, and market status.
GET /api/trippycoin/price Public TRIPPY price & market status
Response, 200 OK
json
{
  "symbol":            "TRIPPY",
  "price":             0.0000210,   // USD, live from pool reserves (example)
  "priceBnb":          0.00000003, // WBNB per TRIPPY, live
  "marketCap":         21,        // price × totalSupply, live
  "liquidityUsd":      42,        // ≈ 2× the WBNB side, intentionally tiny
  "bnbUsd":            699,       // WBNB/USDT, live
  "poolAddress":       "0xf6c11f656c285a19ccc416b54eccde423ac302bb",
  "marketStatus":      "live",
  "note":              "Live price read directly from the PancakeSwap V2 pool reserves on BNB Smart Chain.",
  "totalSupply":       1000000,
  "circulatingSupply": 1000000,
  "contractAddress":   "0x6a887093a6ce5aabd464ba46b3018a1eb17b67ed",
  "explorerUrl":       "https://bscscan.com/token/0x6a887093a6ce5aabd464ba46b3018a1eb17b67ed",
  "updatedAt":         "2026-05-31T00:00:00.000Z"
}
GET /api/trippycoin/history?period=7d Public Price history (empty pre-market)

Query param period accepts 1h, 24h, 7d (default), or 30d. data is an empty array, this endpoint runs no price-candle indexer, so no historical series is stored, and no synthetic candles are ever returned. The live price is available from /price and /stats.

Response, 200 OK
json
{
  "period":         "7d",
  "data":           [],            // no candle indexer is run, never synthetic
  "marketStatus":   "live",
  "note":           "No price-candle indexer is run, so no historical series is returned. Live price is in /price and /stats.",
  "contractAddress": "0x6a887093a6ce5aabd464ba46b3018a1eb17b67ed",
  "explorerUrl":     "https://bscscan.com/token/0x6a887093a6ce5aabd464ba46b3018a1eb17b67ed"
}
GET /api/trippycoin/burns Public Recent burn events

Returns the live burned balance, TRIPPY held at the dead and zero addresses, read directly from chain. There is no scheduled or automatic burn mechanism, so this is currently 0 and is never fabricated.

Response, 200 OK
json
{
  "burnedTotal":     0,          // live balance at dead/zero addresses
  "burnRate":        0,          // percent of supply burned
  "burnAddresses": [
    "0x000000000000000000000000000000000000dEaD",
    "0x0000000000000000000000000000000000000000"
  ],
  "note":            "Read live from chain. No scheduled burns are fabricated.",
  "contractAddress": "0x6a887093a6ce5aabd464ba46b3018a1eb17b67ed",
  "explorerUrl":     "https://bscscan.com/token/0x6a887093a6ce5aabd464ba46b3018a1eb17b67ed"
}
GET /api/trippycoin/stats Public Full live on-chain snapshot, market fields read live; liquidity is intentionally tiny
Response, 200 OK
json
{
  "contractAddress":   "0x6a887093a6ce5aabd464ba46b3018a1eb17b67ed",
  "deployer":          "0x2e4893156851fa768f363be8f1e3f98e32b818ce",
  "chain":             { "id": 56, "name": "BNB Smart Chain" },
  "explorerUrl":       "https://bscscan.com/token/0x6a887093a6ce5aabd464ba46b3018a1eb17b67ed",
  "name":              "TRIPPYCOIN",
  "symbol":            "TRIPPY",
  "decimals":          18,
  "totalSupply":       1000000,      // fixed, no minting
  "burnedTotal":       0,
  "circulatingSupply": 1000000,
  "deployerBalance":   0,         // entire fixed supply seeded into the pool
  "price":             0.0000210,   // USD, read live from pool reserves (example)
  "priceBnb":          0.00000003, // WBNB per TRIPPY, live
  "marketCap":         21,        // price × totalSupply, live
  "liquidityUsd":      42,        // ≈ 2× the WBNB side, intentionally tiny
  "bnbUsd":            699,       // WBNB/USDT, live
  "poolAddress":       "0xf6c11f656c285a19ccc416b54eccde423ac302bb",
  "holders":           null,         // requires an indexer; not faked
  "marketStatus":      "live",
  "sourceVerified":    false,
  "liveAt":            "2026-05-29T12:00:00.000Z"
}

Community API

The Community API powers the APxAI leaderboard, creator showcase, and real-time activity feed. All endpoints are public, no authentication required.

Method Endpoint Description
GET /api/community/stats Global community metrics, members, active builders, published agents
GET /api/community/leaderboard Top point earners with optional vertical filter and caller rank
GET /api/community/creators Top agent creators ranked by runs and points earned
GET /api/community/activity Last 20 real-time community activity events
GET /api/community/members Paginated member list with points balance, vertical, and streak
GET /api/community/stats Public Global community metrics
Response, 200 OK
json
{
  "ok":                  true,
  "populated":           false,
  "members":             0,
  "activeBuilders":      0,
  "publishedAgents":     0,
  "weeklyActiveMembers": 0,
  "note":                "Pre-launch: real community metrics appear here as members join."
}
GET /api/community/leaderboard Public Top point earners + caller rank

Query params: limit (1–50, default 25) and vertical, one of FORGE, FLOW, HELIX, or NEXUS. If authenticated, the response includes userRank.

Response, 200 OK
json
{
  "ok":          true,
  "populated":   false,
  "leaderboard": [],      // fills in as members earn rank
  "userRank":    null,    // caller's real rank once they have activity
  "note":        "No leaderboard activity yet."
}
GET /api/community/creators Public Top agent creators by points earned
Response, 200 OK
json
{
  "ok":       true,
  "populated": false,
  "creators": [],     // fills in as creators publish agents
  "note":      "No creators have published agents yet."
}
GET /api/community/activity Public Last 20 community events

Returns the 20 most recent community activity events in reverse chronological order. Events include agent runs, new member joins, points awards, and leaderboard changes.

Response, 200 OK
json
{
  "ok":        true,
  "populated": false,
  "activity":  [],     // fills in as real events occur
  "note":      "No community activity yet."
}
GET /api/community/members Public Paginated member list

Query params: limit (default 20, max 100) and offset (default 0) for pagination.

Response, 200 OK
json
{
  "ok":        true,
  "populated": false,
  "total":     0,
  "members":   [],     // fills in as members join
  "pagination": { "limit": 20, "offset": 0, "hasMore": false, "nextOffset": null }
}

Error Codes

All errors return a consistent JSON shape with "ok": false, an "error" string, and an optional "details" field.

Status Error Description
400 Bad Request Missing or malformed request body field. Check the details array for which field failed validation.
401 Unauthorized Missing or invalid Authorization header. Ensure your API key or JWT is correct and has not expired.
403 Forbidden Valid credentials but insufficient permissions, for example, accessing an Enterprise-only endpoint on a Free plan.
429 Rate Limited Too many requests for your tier. Inspect the Retry-After header and back off for that many seconds.
500 Internal Error Unexpected server error. The request was received but processing failed. Retry with exponential backoff.
503 Service Unavailable A downstream dependency (LLM provider, database) is temporarily unreachable. Check /api/status for details.

Error response shape

json
{
  "ok":      false,
  "error":    "Unauthorized",
  "message":  "Invalid or expired API key. Rotate your key from the dashboard.",
  "details":  null
}
400 validation error example
json
{
  "ok":     false,
  "error":   "Bad Request",
  "message": "Validation failed",
  "details": [
    { "field": "task", "message": "Required string, received undefined" }
  ]
}

Examples

Three real, keyless patterns, every one hits a live public endpoint on api.apxai.co. Copy, run, get real JSON back. No package to install, no key to obtain, no charge.

1. Diagnose a deploy failure with Deploy Doctor

Paste a build/deploy log and get back matching recipes from ~180 local-first fixes. Free, keyless, live today.

typescript
// Public, no API key required
const res = await fetch('https://api.apxai.co/api/deploy-doctor/diagnose', {
  method:  'POST',
  headers: { 'Content-Type': 'application/json' },
  body:    JSON.stringify({
    log: 'Railway deploy fails at build: Cannot find module @prisma/client',
  }),
})

const { ok, matchCount, matches } = await res.json()
console.log(ok, matchCount)            // true 5
console.log(matches[0].recipe.title)  // e.g. "Run prisma generate before build"
matches[0].recipe.fix.forEach((step, i) => console.log(`${i + 1}. ${step}`))

2. Read the live TRIPPYCOIN price

Reads straight from the on-chain PancakeSwap V2 pool. The price is always live or honestly null, never fabricated. (TRIPPY is brand glue, a fixed-supply BEP-20, not an investment.)

typescript
// Public, no API key required
const res = await fetch('https://api.apxai.co/api/trippycoin/price')
const { symbol, price, marketStatus } = await res.json()

if (price === null) {
  console.log('Price unavailable right now, never faked.')
} else {
  console.log(`${symbol}: $${price} (${marketStatus})`)  // TRIPPY: $0.0000173 (live)
}

3. Check the Jr-army coordination ledger

The internal AP+xAI Jr-army writes to a hash-linked coordination ledger. Read its current state (read-only), or subscribe to /api/coordination/stream for live SSE updates.

typescript
// Public, read-only, current ledger snapshot
const res = await fetch('https://api.apxai.co/api/coordination')
const state = await res.json()
console.log(state)

// Live updates over Server-Sent Events
const es = new EventSource('https://api.apxai.co/api/coordination/stream')
es.onmessage = (e) => console.log('ledger event:', e.data)