Manage Runscope programmatically.

ScrapeWebsiteEmail is a service that exposes an api to fetch e-mails from a website.

## Introduction The Shorten.rest API allows you to programmatically create short URLs (an 'alias') for longer URL (a 'destination'). Each alias you create can be used to redirect the end user (person clicking on the link) to one or more destination URLs A default destination is always set and specific destinations can be set to redirect the end user to preferred destinations based on the user's geographical location (country) and device Operating System. In order to use the Shorten.Rest URL Shortening API you can choose to bind your own branded domain, sub-domain or to use our default domain - Short.FYI ### Destination Matching When creating or editing a short URL ('alias') you can choose to specify a destination for each country and OS ([Supported OSes list](#tag/OperatingSystems)) combination. When a user clicks on the short link, Shorten.rest will examine the end user's country (determined by User's IP) and OS (User agent) and match the most suitable destination for each user. (*) If no destination is set for a specific request combination Shorten.rest will use the default destination that exists within each short URL (**) BRANDED DOMAINS: If the requested alias does not exist in our database - Shorten.rest will redirect the user to the default fallback you set within your dashboard under the ‘Alias Not Found Page Url’ value for a custom domain. (***) Operating System (OS) destinations are stronger than a country destination! For example - if you have a custom landing page that is targeting people in the USA and a second landing page that is hyper focused for people who use iOS devices - a person clicking on your link in the USA that is on an iPhone will be redirected to the iOS landing page, while all other devices will be redirected to the USA landing page. | OS | Country | Destination | | :------------: |:---------------:| -----| | iOS | | YourDestination.com/ios | | | US | YourDestination.com/usa | Shorten.rest will choose the YourDestination.com/ios url as the most suitable destination. ### Branded Domain Attributes When setting up your custom domain you can include optional metatags and snippets ([Supported snippets list](#tag/Snippets)). These parameters (such as retargeting, tracking and conversion pixels) are populated and fired on click - at the time of the redirect. By default the parameters you set in the domain setting will be included in all Short URLs associated with that domain. You can always override the domain defaults for each URL by passing the appropriate variables when creating or updating a short URL ### Setting a Custom string for an Alias (short.fyi/alias) While creating a short URL you can specify which domain to use. You can choose to use your own branded domain or our default domain - Short.fyi. Each Alias is unique within a domain they are related to. This means that if multiple accounts use you the same domain (for example short.fyi), if an alias is already taken you may not create a new destination for it. That said - If you would like to use a specific alias which is already taken - the only way to do so is to create it on a new domain you own and have attached to your Shorten.rest account. ### Random Aliases By default - unless you specify a vanity URI for your alias each URL that is shortened on our platform will have a random string generated by the API. This means that if the 'alias' attribute of a /aliases POST request is not provided, or is an empty string, a random string of seven characters will be generated and returned as part of the POST response. You can also place the @**rnd** macro within the alias field when you create a new alias, for example /vanity/@rnd, which might return an alias like /vanity/ZMAefRt, or /vanity@rnd, which might produce something like /vanityMRtvxadf. Only the first @rnd in an alias attribute will be replaced. ### NOTES ( * ) All methods of the Shorten.REST API require that your API key be provided in **x-api-key** header. (**) All API parameters are case sensitive

A plugin that allows users to interact with Slack using ChatGPT

The Snyk API is available to customers on [Business and Enterprise plans](https://snyk.io/plans) and allows you to programatically integrate with Snyk. ## REST API We are in the process of building a new, improved API (`https://api.snyk.io/rest`) built using the OpenAPI and JSON API standards. We welcome you to try it out as we shape and release endpoints until it, ultimately, becomes a full replacement for our current API. Looking for our REST API docs? Please head over to [https://apidocs.snyk.io](https://apidocs.snyk.io) ## API vs CLI vs Snyk integration The API detailed below has the ability to test a package for issues, as they are defined by Snyk. It is important to note that for many package managers, using this API will be less accurate than running the [Snyk CLI](https://snyk.io/docs/using-snyk) as part of your build pipe, or just using it locally on your package. The reason for this is that more than one package version fit the requirements given in manifest files. Running the CLI locally tests the actual deployed code, and has an accurate snapshot of the dependency versions in use, while the API can only infer it, with inferior accuracy. It should be noted that the Snyk CLI has the ability to output machine-readable JSON output (with the `--json` flag to `snyk test`). A third option, is to allow Snyk access to your development flow via the existing [Snyk integrations](https://snyk.io/docs/). The advantage to this approach is having Snyk monitor every new pull request, and suggest fixes by opening new pull requests. This can be achieved either by integrating Snyk directly to your source code management (SCM) tool, or via a broker to allow greater security and auditability. If those are not viable options, this API is your best choice. ## API url The base URL for all API endpoints is https://api.snyk.io/api/v1/ ## Authorization To use this API, you must get your token from Snyk. It can be seen on https://snyk.io/account/ after you register with Snyk and login. The token should be supplied in an `Authorization` header with the token, preceded by `token`: ```http Authorization: token API_KEY ``` Otherwise, a 401 "Unauthorized" response will be returned. ```http HTTP/1.1 401 Unauthorized { "code": 401, "error": "Not authorised", "message": "Not authorised" } ``` ## Overview and entities The API is a REST API. It has the following entities: ### Test result The test result is the object returned from the API giving the results of testing a package for issues. It has the following fields: | Property | Type | Description | Example | |----------------:|---------|-------------------------------------------------------|-----------------------------------------------------------------| | ok | boolean | Does this package have one or more issues? | false | | issues | object | The issues found. See below for details. | See below | | dependencyCount | number | The number of dependencies the package has. | 9 | | org | object | The organization this test was carried out for. | {"name": "anOrg", "id": "5d7013d9-2a57-4c89-993c-0304d960193c"} | | licensesPolicy | object | The organization's licenses policy used for this test | See in the examples | | packageManager | string | The package manager for this package | "maven" | | | | | | ### Issue An issue is either a vulnerability or a license issue, according to the organization's policy. It has the following fields: | Property | Type | Description | Example | |---------------:|---------------|----------------------------------------------------------------------------------------------------------------------------|----------------------------------------| | id | string | The issue ID | "SNYK-JS-BACKBONE-10054" | | url | string | A link to the issue details on snyk.io | "https://snyk.io/vuln/SNYK-JS-BACKBONE-10054 | | title | string | The issue title | "Cross Site Scripting" | | type | string | The issue type: "license" or "vulnerability". | "license" | | paths | array | The paths to the dependencies which have an issue, and their corresponding upgrade path (if an upgrade is available). [More information about from and upgrade paths](#introduction/overview-and-entities/from-and-upgrade-paths) | [
  {
    "from": ["a@1.0.0", "b@4.8.1"],
    "upgrade": [false, "b@4.8.2"]
  }
] | | package | string | The package identifier according to its package manager | "backbone", "org.apache.flex.blazeds:blazeds"| | version | string | The package version this issue is applicable to. | "0.4.0" | | severity | string | The Snyk defined severity level: "critical", "high", "medium" or "low". | "high" | | language | string | The package's programming language | "js" | | packageManager | string | The package manager | "npm" | | semver | array[string] OR map[string]array[string] | One or more [semver](https://semver.org) ranges this issue is applicable to. The format varies according to package manager. | ["<0.5.0, >=0.4.0", "<0.3.8, >=0.3.6"] OR { "vulnerable": ["[2.0.0, 3.0.0)"], "unaffected": ["[1, 2)", "[3, )"] } | ### Vulnerability A vulnerability in a package. In addition to all the fields present in an issue, a vulnerability also has these fields: Property | Type | Description | Example | ----------------:|---------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------| publicationTime | Date | The vulnerability publication time | "2016-02-11T07:16:18.857Z" | disclosureTime | Date | The time this vulnerability was originally disclosed to the package maintainers | "2016-02-11T07:16:18.857Z" | isUpgradable | boolean | Is this vulnerability fixable by upgrading a dependency? | true | description | string | The detailed description of the vulnerability, why and how it is exploitable. Provided in markdown format. | "## Overview\n[`org.apache.logging.log4j:log4j-core`](http://search.maven.org/#search%7Cga%7C1%7Ca%3A%22log4j-core%22)\nIn Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.\n\n# Details\nSerialization is a process of converting an object into a sequence of bytes which can be persisted to a disk or database or can be sent through streams. The reverse process of creating object from sequence of bytes is called deserialization. Serialization is commonly used for communication (sharing objects between multiple hosts) and persistence (store the object state in a file or a database). It is an integral part of popular protocols like _Remote Method Invocation (RMI)_, _Java Management Extension (JMX)_, _Java Messaging System (JMS)_, _Action Message Format (AMF)_, _Java Server Faces (JSF) ViewState_, etc.\n\n_Deserialization of untrusted data_ ([CWE-502](https://cwe.mitre.org/data/definitions/502.html)), is when the application deserializes untrusted data without sufficiently verifying that the resulting data will be valid, letting the attacker to control the state or the flow of the execution. \n\nJava deserialization issues have been known for years. However, interest in the issue intensified greatly in 2015, when classes that could be abused to achieve remote code execution were found in a [popular library (Apache Commons Collection)](https://snyk.io/vuln/SNYK-JAVA-COMMONSCOLLECTIONS-30078). These classes were used in zero-days affecting IBM WebSphere, Oracle WebLogic and many other products.\n\nAn attacker just needs to identify a piece of software that has both a vulnerable class on its path, and performs deserialization on untrusted data. Then all they need to do is send the payload into the deserializer, getting the command executed.\n\n> Developers put too much trust in Java Object Serialization. Some even de-serialize objects pre-authentication. When deserializing an Object in Java you typically cast it to an expected type, and therefore Java's strict type system will ensure you only get valid object trees. Unfortunately, by the time the type checking happens, platform code has already created and executed significant logic. So, before the final type is checked a lot of code is executed from the readObject() methods of various objects, all of which is out of the developer's control. By combining the readObject() methods of various classes which are available on the classpath of the vulnerable application an attacker can execute functions (including calling Runtime.exec() to execute local OS commands).\n- Apache Blog\n\n\n## References\n- [NVD](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5645)\n- [jira issue](https://issues.apache.org/jira/browse/LOG4J2-1863)\n" | isPatchable | boolean | Is this vulnerability fixable by using a Snyk supplied patch? | true | isPinnable | boolean | Is this vulnerability fixable by pinning a transitive dependency | true | identifiers | object | Additional vulnerability identifiers | {"CWE": [], "CVE": ["CVE-2016-2402]} | credit | string | The reporter of the vulnerability | "Snyk Security Team" | CVSSv3 | string | Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability, and produce a numerical score reflecting its severity, as well as a textual representation of that score. | "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" | cvssScore | number | CVSS Score | 5.3 | patches | array | Patches to fix this issue, by snyk | see "Patch" below. | upgradePath | object | The path to upgrade this issue, if applicable | see below | isPatched | boolean | Is this vulnerability patched? | false | exploitMaturity | string | The snyk exploit maturity level #### Patch A patch is an object like this one: ```json { "urls": [ "https://snyk-patches.s3.amazonaws.com/npm/backbone/20110701/backbone_20110701_0_0_0cdc525961d3fa98e810ffae6bcc8e3838e36d93.patch" ], "version": "<0.5.0 >=0.3.3", "modificationTime": "2015-11-06T02:09:36.180Z", "comments": [ "https://github.com/jashkenas/backbone/commit/0cdc525961d3fa98e810ffae6bcc8e3838e36d93.patch" ], "id": "patch:npm:backbone:20110701:0" } ``` ### From and upgrade paths Both from and upgrade paths are arrays, where each item within the array is a package `name@version`. Take the following `from` path: ``` [ "my-project@1.0.0", "actionpack@4.2.5", "rack@1.6.4" ] ``` Assuming this was returned as a result of a test, then we know: - The package that was tested was `my-project@1.0.0` - The dependency with an issue was included in the tested package via the direct dependency `actionpack@4.2.5` - The dependency with an issue was [rack@1.6.4](https://snyk.io/vuln/rubygems:rack@1.6.4) Take the following `upgrade` path: ``` [ false, "actionpack@5.0.0", "rack@2.0.1" ] ``` Assuming this was returned as a result of a test, then we know: - The package that was tested is not upgradable (`false`) - The direct dependency `actionpack` should be upgraded to at least version `5.0.0` in order to fix the issue - Upgrading `actionpack` to version `5.0.0` will cause `rack` to be installed at version `2.0.1` If the `upgrade` path comes back as an empty array (`[]`) then this means that there is no upgrade path available which would fix the issue. ### License issue A license issue has no additional fields other than the ones in "Issue". ### Snyk organization The organization in Snyk this request is applicable to. The organization determines the access rights, licenses policy and is the unit of billing for private projects. A Snyk organization has these fields: Property | Type | Description | Example | -----------:| ------ | ----------------------------- | -------------------------------------- | name | string | The organization display name | "deelmaker" | id | string | The ID of the organization | "3ab0f8d3-b17d-4953-ab6d-e1cbfe1df385" | ## Errors This is a beta release of this API. Therefore, despite our efforts, errors might occur. In the unlikely event of such an error, it will have the following structure as JSON in the body: Property | Type | Description | Example | -----------:| ------ | ----------------------------- | -------------------------------------- | message | string | Error message with reference | Error calling Snyk api (reference: 39db46b1-ad57-47e6-a87d-e34f6968030b) | errorRef | V4 uuid | An error ref to contact Snyk with | 39db46b1-ad57-47e6-a87d-e34f6968030b | The error reference will also be supplied in the `x-error-reference` header in the server reply. Example response: ```http HTTP/1.1 500 Internal Server Error x-error-reference: a45ec9c1-065b-4f7b-baf8-dbd1552ffc9f Content-Type: application/json; charset=utf-8 Content-Length: 1848 Vary: Accept-Encoding Date: Sun, 10 Sep 2017 06:48:40 GMT ``` ## Rate Limiting To ensure resilience against increasing request rates, we are starting to introduce rate-limiting. We are monitoring the rate-limiting system to ensure minimal impact on users while ensuring system stability. Current limit is up to 2000 requests per minute, per user. This limit is above industry standards, and is subject to change. As such, we recommend calls to the API are throttled regardless of the current limit. All requests above the limit will get a response with status code `429` - `Too many requests` until requests stop for the duration of the rate-limiting interval (currently a minute). ## Consuming Webhooks Webhooks are delivered with a `Content-Type` of `application/json`, with the event payload as JSON in the request body. We also send the following headers: - `X-Snyk-Event` - the name of the event - `X-Snyk-Transport-ID` - a GUID to identify this delivery - `X-Snyk-Timestamp` - an ISO 8601 timestamp for when the event occurred, for example: `2020-09-25T15:27:53Z` - `X-Hub-Signature` - the HMAC hex digest of the request body, used to secure your webhooks and ensure the request did indeed come from Snyk - `User-Agent` - identifies the origin of the request, for example: `Snyk-Webhooks/XXX` --- After your server is configured to receive payloads, it listens for any payload sent to the endpoint you configured. For security reasons, you should limit requests to those coming from Snyk. ### Validating payloads All transports sent to your webhooks have a `X-Hub-Signature` header, which contains the hash signature for the transport. The signature is a HMAC hexdigest of the request body, generated using sha256 and your `secret` as the HMAC key. You could use a function in Node.JS such as the following to validate these signatures on incoming requests from Snyk: ```javascript import * as crypto from 'crypto'; function verifySignature(request, secret) { const hmac = crypto.createHmac('sha256', secret); const buffer = JSON.stringify(request.body); hmac.update(buffer, 'utf8'); const signature = `sha256=${hmac.digest('hex')}`; return signature === request.headers['x-hub-signature']; } ``` ### Payload versioning Payloads may evolve over time, and so are versioned. Payload versions are supplied as a suffix to the `X-Snyk-Event` header. For example, `project_snapshot/v0` indicates that the payload is `v0` of the `project_snapshot` event. Version numbers only increment when a breaking change is made; for example, removing a field that used to exist, or changing the name of a field. Version numbers do not increment when making an additive change, such as adding a new field that never existed before. **Note:** During the BETA phase, the structure of webhook payloads may change at any time, so we recommend you check the payload version. ### Event types While consuming a webhook event, `X-Snyk-Event` header must be checked, as an end-point may receive multiple event types. #### ping The ping event happens after a new webhook is created, and can also be manually triggered using the ping webhook API. This is useful to test that your webhook receives data from Snyk correctly. The `ping` event makes the following request: ```jsx POST /webhook-handler/snyk123 HTTP/1.1 Host: my.app.com X-Snyk-Event: ping/v0 X-Snyk-Transport-ID: 998fe884-18a0-45db-8ae0-e379eea3bc0a X-Snyk-Timestamp: 2020-09-25T15:27:53Z X-Hub-Signature: sha256=7d38cdd689735b008b3c702edd92eea23791c5f6 User-Agent: Snyk-Webhooks/044aadd Content-Type: application/json { "webhookId": "d3cf26b3-2d77-497b-bce2-23b33cc15362" } ``` #### project_snapshot This event is triggered every time an existing project is tested and a new snapshot is created. It is triggered on every test of a project, whether or not there are new issues. This event is not triggered when a new project is created or imported. Currently supported targets/scan types are Open Source and container. ```jsx POST /webhook-handler/snyk123 HTTP/1.1 Host: my.app.com X-Snyk-Event: project_snapshot/v0 X-Snyk-Transport-ID: 998fe884-18a0-45db-8ae0-e379eea3bc0a X-Snyk-Timestamp: 2020-09-25T15:27:53Z X-Hub-Signature: sha256=7d38cdd689735b008b3c702edd92eea23791c5f6 User-Agent: Snyk-Webhooks/044aadd Content-Type: application/json { "project": { ... }, // project object matching API responses "org": { ... }, // organization object matching API responses "group": { ... }, // group object matching API responses "newIssues": [], // array of issues object matching API responses "removedIssues": [], // array of issues object matching API responses } ``` #### Detailed example of a payload ##### project see: [https://snyk.docs.apiary.io/#reference/projects](https://snyk.docs.apiary.io/#reference/projects) ```tsx "project": { "name": "snyk/goof", "id": "af137b96-6966-46c1-826b-2e79ac49bbd9", "created": "2018-10-29T09:50:54.014Z", "origin": "github", "type": "maven", "readOnly": false, "testFrequency": "daily", "totalDependencies": 42, "issueCountsBySeverity": { "low": 13, "medium": 8, "high": 4, "critical": 5 }, "imageId": "sha256:caf27325b298a6730837023a8a342699c8b7b388b8d878966b064a1320043019", "imageTag": "latest", "imageBaseImage": "alpine:3", "imagePlatform": "linux/arm64", "imageCluster": "Production", "hostname": null, "remoteRepoUrl": "https://github.com/snyk/goof.git", "lastTestedDate": "2019-02-05T08:54:07.704Z", "browseUrl": "https://app.snyk.io/org/4a18d42f-0706-4ad0-b127-24078731fbed/project/af137b96-6966-46c1-826b-2e79ac49bbd9", "importingUser": { "id": "e713cf94-bb02-4ea0-89d9-613cce0caed2", "name": "example-user@snyk.io", "username": "exampleUser", "email": "example-user@snyk.io" }, "isMonitored": false, "branch": null, "targetReference": null, "tags": [ { "key": "example-tag-key", "value": "example-tag-value" } ], "attributes": { "criticality": [ "high" ], "environment": [ "backend" ], "lifecycle": [ "development" ] }, "remediation": { "upgrade": {}, "patch": {}, "pin": {} } } ``` ##### org see: [https://snyk.docs.apiary.io/#reference/organizations](https://snyk.docs.apiary.io/#reference/organizations) ```tsx "org": { "name": "My Org", "id": "a04d9cbd-ae6e-44af-b573-0556b0ad4bd2", "slug": "my-org", "url": "https://api.snyk.io/org/my-org", "created": "2020-11-18T10:39:00.983Z" } ``` ##### group see: [https://snyk.docs.apiary.io/#reference/groups](https://snyk.docs.apiary.io/#reference/groups) ```tsx "group": { "name": "ACME Inc.", "id": "a060a49f-636e-480f-9e14-38e773b2a97f" } ``` ##### issue see: https://snyk.docs.apiary.io/#reference/users/user-organization-notification-settings/list-all-aggregated-issues ```tsx { "id": "npm:ms:20170412", "issueType": "vuln", "pkgName": "ms", "pkgVersions": [ "1.0.0" ], "issueData": { "id": "npm:ms:20170412", "title": "Regular Expression Denial of Service (ReDoS)", "severity": "low", "url": "https://snyk.io/vuln/npm:ms:20170412", "description": "Lorem ipsum", "identifiers": { "CVE": [], "CWE": [ "CWE-400" ], "ALTERNATIVE": [ "SNYK-JS-MS-10509" ] }, "credit": [ "Snyk Security Research Team" ], "exploitMaturity": "no-known-exploit", "semver": { "vulnerable": [ ">=0.7.1 <2.0.0" ] }, "publicationTime": "2017-05-15T06:02:45Z", "disclosureTime": "2017-04-11T21:00:00Z", "CVSSv3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "cvssScore": 3.7, "language": "js", "patches": [ { "id": "patch:npm:ms:20170412:2", "urls": [ "https://snyk-patches.s3.amazonaws.com/npm/ms/20170412/ms_071.patch" ], "version": "=0.7.1", "comments": [], "modificationTime": "2019-12-03T11:40:45.866206Z" } ], "nearestFixedInVersion": "2.0.0" }, "isPatched": false, "isIgnored": false, "fixInfo": { "isUpgradable": false, "isPinnable": false, "isPatchable": true, "nearestFixedInVersion": "2.0.0" }, "priority": { "score": 399, "factors": [ { "name": "isFixable", "description": "Has a fix available" }, { "name": "cvssScore", "description": "CVSS 3.7" } ] } } ```

Stack Exchange is a network of 130+ Q&A communities including Stack Overflow.

This is an online swagger codegen server. You can find out more at https://github.com/swagger-api/swagger-codegen or on [irc.freenode.net, #swagger](http://swagger.io/irc/).

# Overview Use SwaggerHub Registry API to access, manage, and update the following resources in SwaggerHub, bypassing the web interface: * APIs * Domains * Integrations * Projects * Templates SwaggerHub also provides the [User Management API](https://app.swaggerhub.com/apis-docs/swagger-hub/user-management-api/) to get information about organizations and manage organization members. # Base URL Use the following base URL for SwaggerHub SaaS: http(s)://api.swaggerhub.com **Note:** This documentation is for SwaggerHub SaaS. On-Premise customers should use the bundled API definition, which can be found at the URLs provided below. Version 1.29.0 or later: http(s)://SERVER/v1/openapi.yaml - YAML version http(s)://SERVER/v1/openapi.json - JSON version Earlier versions: http(s)://SERVER/v1/swagger.yaml - YAML version http(s)://SERVER/v1/swagger.json - JSON version # Authentication Operations that update data or access private data require authentication using an API key. You can find your personal API key on the [API Keys](https://app.swaggerhub.com/settings/apiKey) page in your account settings. Send this key in the `Authorization` header when making requests to the Registry API: Authorization: YOUR_API_KEY To test API calls from this documentation page, click the **Authorize** button below and paste your API key there. **Important:** Keep the API key secure and do not store it directly in your code. # Tools In addition to calling the Registry API directly, you can use the following tools to interact with the API from the command line or CI/CD pipeline: * [SwaggerHub CLI](https://www.npmjs.com/package/swaggerhub-cli) * [Maven plugin](https://github.com/swagger-api/swaggerhub-maven-plugin) * [Gradle plugin](https://github.com/swagger-api/swaggerhub-gradle-plugin)

Paste a Long URL link to shorten it

A plugin that allows the user to capture screenshots of a web page from a URL or HTML using ChatGPT.

This API allows you to interact with the VictorOps platform in various ways. Your account may be limited to a total number of API calls per month. Also, some of these API calls have rate limits. NOTE: In this documentation when creating a sample curl request (clicking the TRY IT OUT! button), in some API viewing interfaces, the '@' in an email address may be encoded. Please note that the REST endpoints will not process the encoded version. Make sure that the encoded character '%40' is changed to its unencoded form before submitting the curl request.

Public APIs for managing VS Codespaces

vRealize Network Insight API Reference

Welcome to the Voodoo Manufacturing API docs! Your Voodoo Manufacturing API key must be included with each request to the API. The API will look for the key in the "api_key" header of the request. You can request a key here. This API provides a programmatic interface for submitting printing orders to Voodoo Manufacturing. The general process for creating an order is as follows: - Get a list of the available materials with the /materials endpoint - Upload models to the API with the /models endpoint - Get quotes for shipping methods with the /order/shipping endpoint - Get a quote for an order with the /order/create endpoint - Confirm the order with the /order/confirm endpoint Uploaded models and orders can be retrieved either in bulk or by id at the /model and /order endpoints, respectively. In some cases, you may wish to get a quote for a specific model without the context of an order. In this case, you may use the /model/quote (if you've already uploaded the model to the API) or the /model/quote_attrs (lets you quote based on calculated model attributes) endpoints.

A client for https://webscraping.ai API. It provides a web scaping automation API with Chrome JS rendering, rotating proxies and builtin HTML parsing.

Discover the hosting provider for any web site

This API provides XML to JSON, JSON to XML transformations.

## Hi, there! Welcome to the **Zapier Natural Language Actions API docs**. You are currently viewing the **root** API. The endpoints of this **root** API are static and useful for reference. To see the live playground with dynamic API endpoints that match up to your own **actions**, [log in first](/login/zapier/), then go here: **[NLA Dynamic API](/api/v1/dynamic/docs).** ## Overview Zapier is an integration platform with over 5,000+ apps and 50,000+ actions. You can view the [full list here](https://zapier.com/apps). Zapier is used by millions of users, most of whom are non-technical builders -- but often savvy with software. Zapier offers several no code products to connect together the various apps on our platform. NLA exposes the same integrations Zapier uses to build our products, to you, to plug-in the capabilties of Zapier's platform into your own products. For example, you can use the NLA API to: * Send messages in [Slack](https://zapier.com/apps/slack/integrations) * Add a row to a [Google Sheet](https://zapier.com/apps/google-sheets/integrations) * Draft a new email in [Gmail](https://zapier.com/apps/gmail/integrations) * ... and thousands more, with one universal natural language API The typical use-case for NLA is to expose our ecosystem of thousands of apps/actions within your own product. NLA is optimized for products that receive user input in natural language (eg. chat, assistant, or other large language model based experience) -- that said, it can also be used to power _any_ product that needs integrations. In this case, think of NLA as a more friendly, human API. NLA contains a decade of experience with API shenanigans, so you don't have to. Common API complexity, automatically handled: * **Every type of auth** (Basic, Session, API Key, OAuth v1, Oauth v2, Digest, ...), Zapier securely handles and signs requests for you * **Support for create, update, and search actions**, endpoints optimized for natural language usage * **Support for custom fields**, Spreadsheet, CRM, and Mailing List friendly! * **Reference by name, not ID**, humans use natural language names, not IDs, to reference things in their apps, so NLA does too * **Smart, human defaults**, APIs sometimes have 100 options. Zapier's platform data helps us make NLA simpler for users out of the box #### Two Usage Modes NLA handles all the underlying API auth and translation from natural language --> underlying API call --> return simplified output. The key idea is you (the developer), or your users, expose a set of actions via an oauth-like setup window, which you can then query and execute via a REST API. NLA offers both API Key and OAuth for signing NLA API requests. 1. **Server-side only** (API Key): for quickly getting started, testing, and production scenarios where your app will only use actions exposed in the developer's Zapier account (and will use the developer's connected accounts on Zapier.com) 2. **User-facing** (Oauth): for production scenarios where you are deploying an end-user facing application and your app needs access to end-user's exposed actions and connected accounts on Zapier.com #### Why Natural Language? Simply, it makes the API easier to use for both developers and users (and also for [large language models](https://en.wikipedia.org/wiki/Wikipedia:Large_language_models)!) We designed NLA to expose the power of Zapier's platform without passing along the complexity. A few design choices: * There is a [user-facing component](https://cdn.zappy.app/83728f684b91c0afe7d435445fe4ac90.png) to NLA, exposed via a popup window, users set up and enable basic actions which "expose" them to you, the `provider`. * The default action setup for users is minimal and fast. [All required fields are guessed](https://cdn.zappy.app/20afede9be56bf4e30d31986bc5325f8.png). This guessing is accomplished using an lanuage model on the NLA side. * Users can [choose to override any guessed field](https://cdn.zappy.app/e07f6eabfe7512e9decf01cba0c9e847.png) with a fixed value or choice, increasing trust to use the natural language interface. * Custom fields (ex. spreadsheet columns) can also be [dynamically guessed at action run time](https://cdn.zappy.app/9061499b4b973200fc345f695b33e3c7.png), or fixed by the user. Using the API is then simple: ``` curl -v \ -d '{"instructions": "Add Bryan Helmig at Zapier to my NLA test sheet, oh and he loves guitars!"}' \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ 'https://nla.zapier.com/api/v1/dynamic/exposed//execute/' ``` Or mix in some fixed values: ``` curl -v \ -d '{"instructions": "Send a short poem about automation to slack", "channel": "#fun-zapier"}' \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ 'https://nla.zapier.com/api/v1/dynamic/exposed//execute/' ``` ## Auth #### For Quickly Exploring It's best to take advantage of session auth built into the OpenAPI docs. 1. [Log in](/login/zapier/) 2. [Create and enable an action](/demo/) using our `demo` provider then all your enabled ("exposed") actions will be available at the bottom of the the **[dynamic API](/api/v1/dynamic/docs)**. #### For Testing or Production (Server-side only mode) For development purposes, or using NLA in a server-side only use case, you can get started quickly using the provider `dev`. You can generate an `API key` using this provider and make authenticated requests. Please follow these steps: 1. Go to the [Dev App provider](/dev/provider/debug/) debug page. 2. Look for "User" -> "Information" -> "API Key". If a key does not exist, follow the instructions to generate one. 3. Use this key in the header `x-api-key` to make authenticated requests. Test that the API key is working: ``` curl -v \ -H "Content-Type: application/json" \ -H "x-api-key: " \ 'https://nla.zapier.com/api/v1/check/' ``` #### For Production (User-facing mode) The API is authenticated via [standard OAuth v2](https://oauth.net/2/). Submit [this form](https://share.hsforms.com/1DWkLQ7SpSZCuZbTxcBB98gck10t) to get access and receive a `cliend_id`, `client_secret`, and your `provider` name (ex. 'acme'). You'll also need to share with us a `redirect_uri` to receive each `code`. This API uses both `access_token` and `refresh_token`. Each of your users will get a per-user access token which you'll use to sign requests. The access token both authenticates and authorizes a request to access or run (execute) a given user's actions. The basic auth flow is: 1. **Send user to our OAuth start URL, ideally in a popup window** ```javascript var url = https://nla.zapier.com/oauth/authorize/? response_type=code& client_id=& redirect_uri=& scope=nla%3Aexposed_actions%3Aexecute var nla = window.open(url, 'nla', 'width=650,height=700'); ``` 2. **User approves request for access** 3. **NLA will redirect user via `GET` to the `redirect_uri` you provided us with a `?code=` in the query string** 4. **Snag the `code` and `POST` it to the NLA token endpoint `https://nla.zapier.com/oauth/token/`** ``` curl -v \ -d '{ \ "code": "", \ "grant_type": "authorization_code", \ "client_id": "", \ "client_secret": "" \ }' \ -H "Content-Type: application/json" \ -X POST 'https://nla.zapier.com/oauth/token/' ``` 5. **Finally, receive `refresh_token` and `access_token` in response** Save the refresh token, you'll need to use it to request a new access tokehn when it expires. Now you can use the `access_token` to make authenticated requests: ``` curl -v -H "Authorization: Bearer " https://nla.zapier.com/api/v1/dynamic/openapi.json ``` 6. **When the `access_token` expires, refresh it** ``` curl -v \ -d '{ \ "refresh_token": "", \ "grant_type": "refresh_token", \ "client_id": "", \ "client_secret": "" \ }' \ -H "Content-Type: application/json" \ -X POST 'https://nla.zapier.com/oauth/token/' ``` ## Action Setup Window Users set up their actions inside a window popup, that looks and feels similar to an OAuth window. The setup URL is the same for all your users: `https://nla.zapier.com//start/` You can check the validity of an access/refresh token by checking against the `api/v1/check/` endpoint to determine if you should present the `oauth/authorize/` or `/start/` url. You'd typically include a button or link somewhere inside your product to open the setup window. ```javascript var nla = window.open('https://nla.zapier.com//start', 'nla', 'width=650,height=700'); ``` _Note: the setup window is optimized for 650px width, 700px height_ ## Using the API #### Understanding the AI guessing flow NLA is optimized for a chat/assistant style usage paradigm where you want to offload as much work to a large language model, as possible. For end users, the action setup flow that takes ~seconds (compared to minutes/hours with traditional, complex integration setup). An action is then run (executed) via an API call with one single natural language parameter `instructions`. In the chat/assistant use case, these instructions are likely being generated by your own large language model. However NLA works just as well even in more traditional software paradigm where `instructions` are perhaps hard-coded into your codebase or supplied by the user directly. Consider the case where you've built a chat product and your end user wants to expose a "Send Slack Message" action to your product. Their action setup [might look like this](https://cdn.zappy.app/d19215e5a2fb3896f6cddf435dfcbe27.png). The user only has to pick Slack and authorize their Slack account. By default, all required fields are set to "Have AI guess". In this example there are two required fields: Channel and Message Text. If a field uses "Have AI guess", two things happen: 1. When the action is run via the API, NLA will interpret passed `instructions` (using a language model) to fill in the values for Channel and Message Text. NLA is smart about fields like Channel -- Slack's API requires a Channel ID, not a plain text Channel name. NLA handles all such cases automatically. 2. The field will be listed as an optional hint parameter in the OpenAPI spec (see "hint parameters" below) which allows you (the developer) to override any `instructions` guessing. Sometimes language models hallucinate or guess wrong. And if this were a particuarly sensitive Slack message, the user may not want to leave the selection of "Channel" up to chance. NLA allows the user [to use a specific, fixed value like this](https://cdn.zappy.app/dc4976635259b4889f8412d231fb3be4.png). Now when the action executes, the Message Text will still be automatically guessed but Channel will be fixed to "#testing". This significantly increases user trust and unlocks use cases where the user may have partial but not full trust in an AI guessing. We call the set of fields the user denoted "Have AI guess" as "hint parameters" -- Message Text above in the above example is one. They are *always* optional. When running actions via the API, you (the developer) can choose to supply none/any/all hint parameters. Any hint parameters provided are treated exactly like "Use a specific value" at the user layer -- as an override. One aside: custom fields. Zapier supports custom fields throughout the platform. The degenerate case is a spreadsheet, where _every_ column is a custom field. This introduces complexity because sheet columns are unknowable at action setup time if the user picks "Have AI guess" for which spreadsheet. NLA handles such custom fields using the same pattern as above with one distinction: they are not listed as hint parameters because they are literally unknowable until run time. Also as you may expect, if the user picks a specific spreadsheet during action setup, custom fields act like regular fields and flow through normally. In the typical chat/assistant product use case, you'll want to expose these hint parameters alongside the exposed action list to your own language model. Your language model is likely to have broader context about the user vs the narrowly constrained `instructions` string passed to the API and will result in a better guess. In summary: ``` [user supplied "Use specific value"] --overrides--> [API call supplied hint parameters] --overrides--> [API call supplied "instructions"] ``` #### Common API use cases There are three common usages: 1. Get a list of the current user's exposed actions 2. Get a list of an action's optional hint parameters 3. Execute an action Let's go through each, assuming you have a valid access token already. ### 1. Get a list of the current user's exposed actions ``` # via the RESTful list endpoint: curl -v -H "Authorization: Bearer " https://nla.zapier.com/api/v1/dynamic/exposed/ # via the dynamic openapi.json schema: curl -v -H "Authorization: Bearer " https://nla.zapier.com/api/v1/dynamic/openapi.json ``` Example of [full list endpoint response here](https://nla.zapier.com/api/v1/dynamic/exposed/), snipped below: ``` { "results": [ { "id": "01GTB1KMX72QTJEXXXXXXXXXX", "description": "Slack: Send Channel Message", ... ``` Example of [full openapi.json response here](https://nla.zapier.com/api/v1/dynamic/openapi.json), snipped below: ``` { ... "paths": { ... "/api/v1/dynamic/exposed/01GTB1KMX72QTJEXXXXXXXXXX/execute/": { "post": { "operationId": "exposed_01GTB1KMX72QTJEXXXXXXXXXX_execute", "summary": "Slack: Send Channel Message (execute)", ... ``` ### 2. Get a list of an action's optional hint parameters As a reminder, hint parameters are _always_ optional. By default, all parameters are filled in via guessing based on a provided `instructions` parameter. If a hint parameter is supplied in an API request along with instructions, the hint parameter will _override_ the guess. ``` # via the RESTful list endpoint: curl -v -H "Authorization: Bearer " https://nla.zapier.com/api/v1/dynamic/exposed/ # via the dynamic openapi.json schema: curl -v -H "Authorization: Bearer " https://nla.zapier.com/api/v1/dynamic/openapi.json ``` Example of [full list endpoint response here](https://nla.zapier.com/api/v1/dynamic/exposed/), snipped below: ``` { "results": [ { "id": "01GTB1KMX72QTJEXXXXXXXXXX", "description": "Slack: Send Channel Message", "input_params": { "instructions": "str", "Message_Text": "str", "Channel": "str", ... ``` Example of [full openapi.json response here](https://nla.zapier.com/api/v1/dynamic/openapi.json), snipped below: ``` { ... "components": { "schemas": { ... "PreviewExecuteRequest_01GTB1KMX72QTJEXXXXXXXXXX": { "title": "PreviewExecuteRequest_01GTB1KMX72QTJEXXXXXXXXXX", "type": "object", "properties": { "instructions": { ... }, "Message_Text": { ... }, "Channel_Name": { ... } ``` _Note: Every list of input_params will contain `instructions`, the only required parameter for execution._ ### 3. Execute (or preview) an action Finally, with an action ID and any desired, optional, hint parameters in hand, we can run (execute) an action. The parameter `instructions` is the only required parameter run an action. ``` curl -v \ -d '{"instructions": "send a short poem about automation and robots to slack", "Channel_Name": "#fun-zapier"}' \ -H "Content-Type: application/json" \ -X POST 'https://nla.zapier.com/api/v1/dynamic/exposed/01GTB1KMX72QTJEXXXXXXXXXX/execute/' ``` Another example, this time an action to retrieve data: ``` curl -v \ -d '{"instructions": "grab the latest email from bryan helmig"}' \ -H "Content-Type: application/json" \ -X POST 'https://nla.zapier.com/api/v1/dynamic/exposed/01GTA3G1WD49GN1XXXXXXXXX/execute/' ``` One more example, this time requesting a preview of the action: ``` curl -v \ -d '{"instructions": "say Hello World to #fun-zapier", "preview_only": true}' \ -H "Content-Type: application/json" \ -X POST 'https://nla.zapier.com/api/v1/dynamic/exposed/01GTB1KMX72QTJEXXXXXXXXXX/execute/' ``` #### Execution Return Data ##### The Status Key All actions will contain a `status`. The status can be one of four values: `success` The action executed successfully and found results. `error` The action failed to execute. An `error` key will have its value populated. Example: ``` { ... "action_used": "Gmail: Send Email", "result": null, "status": "error", "error": "Error from app: Required field "subject" (subject) is missing. Required field "Body" (body) is missing." } ``` `empty` The action executed successfully, but no results were found. This status exists to be explicit that having an empty `result` is correct. `preview` The action is a preview and not a real execution. A `review_url` key will contain a URL to optionally execute the action from a browser, or just rerun without the `preview_only` input parameter. Example: ``` { ... "action_used": "Slack: Send Channel Message", "input_params": { "Channel": "fun-zapier", "Message_Text": "Hello World" }, "review_url": "https://nla.zapier.com/execution/01GW2E2ZNE5W07D32E41HFT5GJ/?needs_confirmation=true", "status": "preview", } ``` ##### The Result Key All actions will return trimmed `result` data. `result` is ideal for humans and language models alike! By default, `full_results` is not included but can be useful for machines (contact us if you'd like access to full results). The trimmed version is created using some AI and heuristics: * selects for data that is plain text and human readable * discards machine data like IDs, headers, etc. * prioritizes data that is very popular on Zapier * reduces final result into about ~500 words Trimmed results are ideal for inserting directly back into the prompt context of a large language models without blowing up context token window limits. Example of a trimmed results payload from "Gmail: Find Email": ``` { "result": { "from__email": "mike@zapier.com", "from__name": "Mike Knoop", "subject": "Re: Getting setup", "body_plain": "Hi Karla, thanks for following up. I can confirm I got access to everything! ... Thanks! Mike", "cc__emails": "bryan@zapier.com, wade@zapier.com" "to__email": "Mike Knoop", } } ``` ## Changelog **Mar 20, 2023** Shipped two minor but breaking changes, and one other minor change to the API's response data: * Route: `/api/v1/configuration-link/` * Key `url` is now `configuration_link` **(breaking change)** * Route: `/api/v1/exposed/{exposed_app_action_id}/execute/` * Key `rating_url` is now `review_url` **(breaking change)** * Route: `/api/v1/exposed/` * Added `configuration_link` key