Introduction
Base URL, authentication, response codes, rate limits, and pagination.
Understand general concepts, response codes, and authentication for the Styrar REST API.
Plan requirement: API access is included on Team and Agency plans only. Free and Solo workspaces do not include API access. See pricing.
The Styrar API is built on REST principles. HTTPS is required for every request.
Base URL
All requests use this base URL:
https://api.styrar.com
Product routes are under /v1/. Example:
https://api.styrar.com/v1/posts
Authentication
Add an Authorization header with a Bearer token. Use an API key you create in Settings → API keys, or an OAuth access token from a connected app.
Authorization: Bearer sty_live_xxxxxxxxx
OAuth partner tokens use the same header shape:
Authorization: Bearer YOUR_ACCESS_TOKEN
See Authentication for key formats, scopes, and workspace rules (companyId).
Response codes
Styrar uses standard HTTP codes to indicate success or failure.
In general, 2xx codes mean success, 4xx codes indicate a problem with the request or permissions, and 5xx codes indicate a server issue.
| Status | Description |
|---|---|
200 | Successful request. |
201 | Resource created. |
400 | Invalid parameters or request body. |
401 | Missing or invalid Bearer token. |
403 | Forbidden (missing scope, wrong workspace, or plan limit). |
404 | Resource not found. |
429 | Rate limit exceeded. |
5xx | Server error. Try again later. |
Most error bodies are JSON:
{ "error": "Human-readable message" }
Plan quota errors (posts per month, storage, and similar limits) return 403 with a message that explains the limit.
Rate limits
| Traffic | Limit |
|---|---|
API key (sty_live_… / sty_test_…) | 1000 requests per hour per key |
OAuth token exchange (POST /v1/oauth/token) | 60 requests per minute per client_id |
When you exceed a limit, the API returns 429 Too Many Requests. API key rate limits reset on an hourly window; wait and retry with backoff.
Pagination
List endpoints that support paging accept page and limit query parameters. page is 1-based. Responses may include pagination metadata depending on the route.
Example:
GET /v1/posts?companyId=YOUR_COMPANY_ID&page=1&limit=20
API resources
| Area | Description | Guide |
|---|---|---|
| Posts | Schedule, publish, and manage social content | Endpoints |
| Links | Short links, folders, routing, A/B tests, QR | Endpoints |
| Bio | Bio pages, versions, and publish | Endpoints |
| Campaigns | Campaign CRUD and attribution | Endpoints |
| Media | Upload and library access | Endpoints |
| Analytics | Social, link, and bio metrics | Endpoints |
| Webhooks | Outbound signed events | Webhooks |
Machine-readable schema: OpenAPI (/openapi.json).
FAQ
How do I get an API key?
Sign in to a Team or Agency workspace, open Settings → API keys, choose scopes, and copy the key when shown. Styrar cannot display the full key again after creation.
Company vs personal workspace?
Pass companyId on requests for company-scoped resources. Omit it for personal workspace resources. API keys are bound to the scope selected at creation. OAuth tokens follow the workspace chosen at authorization time.
How does versioning work?
All routes are under /v1/. Breaking changes will be introduced under a new version prefix when needed.
Webhooks vs REST?
Use the REST API to read and write workspace data on demand. Use webhooks when you want Styrar to push signed events (for example link.clicked or post.published) to your HTTPS endpoint.
Related
- Authentication — API keys, scopes, and errors in depth
- Endpoints — route catalog by resource
- OAuth integration — partner applications
- Webhooks — outbound events