Test & Integration Guide
Overview
This is the page that opens when you click View Docs on the endpoint detail page. You can test API calls directly in the browser without any additional tools, and share it with collaborators so they can find everything they need for integration in one place.
Testing on this page is done in the sandbox environment only. It does not affect production data, so feel free to experiment.
The page has two tabs:
- Quick Start — Authenticate with an API key and test calls right away
- Guide — Integration reference for owners and collaborators (step-by-step guide, API endpoints, headers, field definitions, code examples, etc.)
How to get here
- Endpoint Detail right sidebar > View Docs button (Sandbox tab)
- Collaborators can also access it from their own dashboard after accepting the invitation
Endpoint info
- The endpoint name and description are displayed
- Environment badge (Sandbox) and version info appear alongside
- Switch between the Quick Start / Guide tabs
Quick Start tab
Authentication
To start testing, you need to authenticate with an API key first.
- Paste a sandbox key (starting with
tm_test_) into the input and clickAuthorize - Two types of keys can be used:
- Default API Key — When the owner tests directly
- Collaboration Key — When a collaborator tests with their own key
Once authenticated, the input disappears and a Logout button appears. To test with a different key, log out and authenticate again.
Try it out
After authentication, the CRUD call execution area is activated. Select a method, enter the request body (JSON), and click Execute to see results immediately.
If you want to test the full flow at once, follow this order:
Full CRUD test guide
CREATE (POST) — Enter test JSON in the request body and execute. Copy the
idfrom the response — you'll need it for the next steps.READ (GET) — Paste the
idinto the Record ID field and execute. Verify that the data you just created is returned correctly.UPDATE (PUT) — Enter the same
idand provide modified JSON in the request body. This is a full replacement, so include fields you want to keep as well as those you're changing.DELETE — Enter the same
idand execute. Try READ again afterward to confirm the record has been deleted.
Permission check: When testing with a collaboration key, only methods allowed by that key's permissions can be executed. Calling an unauthorized method returns a 403 error. Check permissions at Collaboration Keys > Permissions.
Collaborator webhook
At the bottom of the Try it out section, there's a collapsible webhook settings area. This is separate from the webhook the owner configures in the dashboard — it's for the API caller to include webhook information in request headers so they can receive processing results at their specified URL. You can test these headers here.
- Operates independently from the owner webhook
- In actual integration, webhook headers are included directly in your API call code
- See the Guide tab's Webhook Setup section for detailed header names and implementation
Guide tab
The Guide tab is structured so both owners and collaborators can review the full integration flow and technical details in one place. Role-specific step guides are at the top, followed by technical reference.
Getting started — Owner
Select the Did you create an endpoint? tab to see the steps from the owner's perspective.
- Create endpoint — Just set an API name and CRUD is automatically created. Description and required fields can be added later
- Sandbox test and log check — Make a call with the default API key in the Quick Start tab, then verify data receipt in dashboard logs
- Create collaboration key and invite — Create a key and send email invitations from the detail page
- Integration test — Verify together that the collaborator is calling correctly in sandbox via logs
- Production deployment — Approve the collaborator's deploy request, or deploy directly. Collaborators are notified after deployment
Getting started — Collaborator
Select the Were you invited? tab to see the steps from the collaborator's perspective.
- Accept invitation — Check the invitation email and accept on the dashboard after logging in
- Check API key — Find your sandbox API key (
tm_test_) on the endpoint detail page - Integration and testing — Test calls in the Quick Start tab, and reference the Guide tab's technical info to develop your integration. If you receive a 202 response, processing is guaranteed by the system
- Request deployment — When testing is done, submit a deploy request from the endpoint detail page
- Switch to production — Once the owner completes deployment, you'll be notified. Check and apply the production API key (
tm_live_) from the Production tab
API Endpoints
Shows the API paths and methods available for this endpoint. Four methods are automatically prepared when an endpoint is created.
| Method | Path | Description |
|---|---|---|
| POST | /api/v1/data/{slug} |
Create a new record |
| GET | /api/v1/data/{slug}/{record_id} |
Retrieve a record |
| PUT | /api/v1/data/{slug}/{record_id} |
Replace a record |
| DELETE | /api/v1/data/{slug}/{record_id} |
Delete a record |
{slug} is a unique identifier automatically assigned when the endpoint is created. You can see the actual value on this page.
API Keys
Key information for authentication when making API calls.
| Environment | Key prefix | Usage |
|---|---|---|
| Sandbox | tm_test_ |
Development and testing |
| Production | tm_live_ |
Live service |
Production API keys can be found on the endpoint detail page after deployment is complete. Before deployment, calls with production keys are rejected.
Request Headers
HTTP headers to include in API calls. Content-Type and Authorization are required; webhook headers are only added when needed.
| Header | Required | Description |
|---|---|---|
Content-Type |
Required | application/json (for POST/PUT) |
Authorization |
Required | Bearer {API_KEY} format |
X-Webhook-Callback |
Optional | URL to receive caller webhook |
X-Webhook-Auth |
Optional | Webhook auth value (e.g., Bearer token) |
X-Webhook-Auth-Header |
Optional | Webhook auth header key (default: Authorization) |
Request Body
Information about the JSON body sent with POST/PUT requests.
- Format: JSON (
application/json) · Max 100KB · UTF-8 - If the owner has defined required fields, those fields must be included. Additional fields beyond the required ones can be sent freely
- If no required fields are defined, any JSON is accepted
- Requests are processed asynchronously. You receive a 202 response immediately, and the actual storage and webhook delivery happen in the background
Response Format
Shows success responses and error codes for each method.
Success responses:
- POST/PUT/DELETE →
202 Accepted(request accepted and queued) - GET →
200 OK(data returned immediately)
Error codes:
| Code | Status | Meaning |
|---|---|---|
| 400 | Bad Request | Invalid JSON, missing required fields, invalid record ID |
| 401 | Unauthorized | API key missing or invalid |
| 403 | Forbidden | Endpoint inactive, no subscription, or insufficient permissions |
| 415 | Unsupported Media Type | Content-Type is not application/json |
| 429 | Too Many Requests | Monthly usage limit exceeded |
| 5xx | Server Error | Temporary server error — implement retry logic |
If you receive a 5xx error, the request didn't reach the server. Implement retry logic in your code (e.g., 1s → 2s → 4s backoff). If you receive a 202 response, processing is guaranteed by the system.
Webhook Setup
Instructions for setting up caller webhooks to automatically receive processing results. This operates separately and independently from the owner's dashboard webhook.
How to set up: Include the following headers in your API call.
| Header | Required | Description |
|---|---|---|
X-Webhook-Callback |
Required | URL to receive webhooks |
X-Webhook-Auth |
Optional | Auth value (e.g., Bearer token) |
X-Webhook-Auth-Header |
Optional | Auth header key (default: Authorization) |
Retry policy:
- Up to 3 retries on failure (1-2 second backoff)
- Success criteria: 2xx status code
- Even if all 3 attempts fail, data is safely stored. Check webhook status in the logs
Code Examples
API call code samples are provided in major languages including curl, JavaScript, and Python. Switch tabs to see examples for each language. The actual endpoint URL and required headers are pre-filled, so you can copy and use them right away.
Troubleshooting
- Nothing happens when I click Authorize: Check that the API key starts with
tm_test_(sandbox key). Production keys (tm_live_) cannot be used on this page - I lost the ID after CREATE: Call CREATE again to generate a new record and continue testing. If you need the previous record's ID, check the call history on the Logs page in the dashboard
- Getting 403 errors: The collaboration key you're using may not have permission for that method. Check at Collaboration Keys > Permissions
- Webhook isn't arriving: The webhook server must respond within 7 seconds. Check that it's publicly accessible and uses HTTPS. Platforms like Discord and Slack have rate limits — if too many webhooks fire in a short time, some may be blocked