API Overview
The Altyaa API enables advanced teams to automate workflows, build custom dashboards, and integrate the platform with existing systems. This overview outlines core concepts, available resources, and how requests are authenticated.
Architecture Highlights
- Supabase Backend: Data is stored in a multi-tenant Postgres database with Row Level Security tied to workspace IDs.
- REST + Webhooks: Use REST endpoints for on-demand reads/writes and webhooks to receive real-time updates.
- Rate Limiting: Requests are throttled per workspace to protect shared infrastructure (see Rate Limits & Quotas).
- Versioning: The API uses URL-based versioning (
/api/v1/...). Non-breaking enhancements are added regularly; breaking changes follow a 90-day deprecation window.
Base URL
https://api.altyaa.com/api/v1
All endpoints require HTTPS. Requests over HTTP are rejected.
Resource Summary
| Resource | Description | Common Use Cases |
|---|---|---|
/workspaces | Retrieve workspace details, plan limits, and billing status. | Sync workspace metadata with your CRM. |
/members | Manage workspace members and permissions. | Automate member provisioning when employees join or leave. |
/social-accounts | List connected social profiles and token status. | Monitor OAuth health or build custom reports. |
/posts | Create, update, schedule, or cancel posts. | Build bespoke workflows or integrate with CMS systems. |
/media | Upload, tag, and retrieve media assets. | Sync brand asset libraries with DAM systems. |
/analytics | Fetch aggregated metrics and saved view data. | Power external dashboards or BI tools. |
/reviews | Retrieve Google Business reviews and response history. | Integrate with ticketing or reputation platforms. |
/webhooks | Configure webhook subscriptions. | Receive real-time notifications about scheduled posts, reviews, or token changes. |
Environments
- Production:
https://api.altyaa.com/api/v1— live data, governed by production rate limits. - Sandbox:
https://sandbox.api.altyaa.com/api/v1— seeded with sample data; no billing impact. Great for QA and developer onboarding.
Authentication Modes
- Server-to-Server: Recommended for backend integrations using workspace-level API keys. Covered in Authentication & OAuth.
- User Delegated: Use OAuth authorization code flow when acting on behalf of individual users.
Error Handling
Errors follow a consistent shape:
{
"error": {
"code": "invalid_request",
"message": "Detailed explanation",
"details": {
"field": "publishAt",
"reason": "must be a future timestamp"
}
}
}
Refer to Error Codes & Troubleshooting for more detail.
SDKs and Tooling
- TypeScript SDK:
@altyaa/sdk(ships with typed clients and helper utilities). - Postman Collection: Download from the Developer Portal to explore endpoints quickly.
- CLI:
pnpm dlx altyaa-cli auth loginto manage API keys, run smoke tests, and trigger exports.
Next Steps
- Generate API keys and review token lifecycle in Authentication & OAuth.
- Subscribe to near-real-time updates via Webhooks & Events.
- Understand scheduling internals in Scheduling & Data Model.