API Documentation

ZeroPrompt API Reference

Complete guide for calling the ZeroPrompt API with Clerk JWTs or API keys, including cURL, Postman, and Insomnia examples.

Server Endpoint

Base URL is always your host + /api. Example: https://zeroprompt.knmlabs.org/api

Token Placement

Use X-API-Key: zp_... or Authorization: Bearer <token> in request headers.

Copy/Paste Examples

cURL commands for health checks, key creation, and resource CRUD.

Scopes + Limits

API keys support read/write/create/delete scopes and route-level restrictions.

1) Base URL and Request Format

Every endpoint in this document is relative to the API base URL.

Environment	Base URL	Notes
Production	`https://zeroprompt.knmlabs.org/api`	Live application API
Staging	`https://staging-zeroprompt.knmlabs.org/api`	Staging environment
Development (Hosted)	`https://dev-zeroprompt.knmlabs.org/api`	Hosted dev environment
Local (Node server)	`http://localhost:3001/api`	When running `server` directly
Local (Docker default)	`http://localhost:3003/api`	Default `docker-compose.yml` host mapping
Local (Docker dev profile)	`http://localhost:4001/api`	Development compose profile

GET {{base_url}}/health
Content-Type: application/json

2) Authentication and Where To Put Tokens

ZeroPrompt supports two standard API auth patterns:

A) API Key (recommended for scripts/integrations)

Header name: X-API-Key

Value format: zp_<random>

Alternative: you can also send the same key in Authorization: Bearer zp_...

B) Clerk JWT (browser/session calls)

Header name: Authorization

Value format: Bearer <clerk_jwt>

Used to create/manage API keys and for normal signed-in app routes.

Authorization: Bearer <clerk_jwt_or_zp_api_key>
X-API-Key: zp_your_api_key_here

3) cURL Quickstart

# 1) Health check (no auth required)
curl -sS "${BASE_URL}/health"

# 2) Create API key (requires Clerk JWT + Pro/Team plan)
curl -sS -X POST "${BASE_URL}/api-keys" \
  -H "Authorization: Bearer ${CLERK_JWT}" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "CI Integration",
    "expirationDays": 30,
    "permissions": {
      "read": true,
      "write": true,
      "create": true,
      "delete": false
    }
  }'

# 3) List prompts using API key
curl -sS "${BASE_URL}/prompts?limit=20&offset=0" \
  -H "X-API-Key: ${ZP_API_KEY}"

# 4) Create prompt using API key
curl -sS -X POST "${BASE_URL}/prompts" \
  -H "X-API-Key: ${ZP_API_KEY}" \
  -H "Content-Type: application/json" \
  -d '{
    "title": "Customer Support Assistant",
    "description": "Structured support assistant prompt",
    "tags": ["support", "email"],
    "visibility": "PRIVATE",
    "lifecycle": "DRAFT",
    "sections": [
      {
        "id": "role-1",
        "type": "role",
        "title": "Role",
        "content": "You are a concise and helpful support assistant.",
        "order": 0
      },
      {
        "id": "task-1",
        "type": "task",
        "title": "Task",
        "content": "Draft a response to the customer using provided context.",
        "order": 1
      }
    ],
    "variables": [
      {
        "name": "customer_name",
        "label": "Customer Name",
        "type": "STRING",
        "required": true
      }
    ]
  }'

4) Postman Setup

Create an environment variable named base_url (for example https://zeroprompt.knmlabs.org/api).
Add variables clerk_jwt and zp_api_key.
For API key requests, add a Header: X-API-Key: {{zp_api_key}}.
For JWT requests, use Authorization tab and select Bearer Token with value {{clerk_jwt}}.
Use URLs like {{base_url}}/prompts.

Postman Request Example
Method: POST
URL: {{base_url}}/contexts
Headers:
  Content-Type: application/json
  X-API-Key: {{zp_api_key}}
Body (raw JSON):
{
  "title": "Brand Voice",
  "description": "House style guidance",
  "content": "Use concise, technical language with actionable next steps.",
  "visibility": "PRIVATE",
  "lifecycle": "DRAFT",
  "isProOnly": false
}

5) Insomnia Setup

Create an environment with base_url, clerk_jwt, and zp_api_key.
Set request URL to {{ base_url }}/packages.
For API key auth, add Header X-API-Key and value {{ zp_api_key }}.
For JWT auth, use Bearer token with {{ clerk_jwt }}.
Use JSON body mode for POST/PUT requests.

Insomnia Endpoint Examples
GET  {{ base_url }}/health
GET  {{ base_url }}/prompts
POST {{ base_url }}/packages
PUT  {{ base_url }}/prompts/REPLACE_PROMPT_ID
DELETE {{ base_url }}/contexts/REPLACE_CONTEXT_ID

6) Endpoint Reference

API Key Management (JWT required)

Method	Endpoint	Description
GET	`/api-keys/scopes`	Return allowed/default scopes
GET	`/api-keys`	List your API keys
POST	`/api-keys`	Create a new API key
DELETE	`/api-keys/:id`	Revoke an API key

Note: API key creation requires an eligible account (Pro/Team/Admin).

API Key-Compatible CRUD Endpoints

Method	Endpoint	Description
GET	`/prompts`	List your prompts
GET	`/prompts/:id`	Get one prompt
POST	`/prompts`	Create prompt
PUT	`/prompts/:id`	Update prompt
DELETE	`/prompts/:id`	Delete prompt
GET	`/packages`	List your collections
GET	`/packages/:id`	Get one collection
POST	`/packages`	Create collection
PUT	`/packages/:id`	Update collection
DELETE	`/packages/:id`	Delete collection
GET	`/contexts`	List your contexts
GET	`/contexts/:id`	Get one context
POST	`/contexts`	Create context
PUT	`/contexts/:id`	Update context
DELETE	`/contexts/:id`	Delete context
GET	`/tags`	List tags
GET	`/tags/search?q=<term>`	Search tags

API keys are intentionally restricted to prompt, package (collection), context, and tag CRUD routes.

Public Endpoints (No auth)

Method	Endpoint	Description
GET	`/health`	Health status (no auth)
GET	`/public/prompts`	List public prompts
GET	`/public/prompts/:id`	Get public prompt
GET	`/public/prompts/tags`	Public prompt tag counts
GET	`/public/packages`	List public collections
GET	`/public/packages/:id`	Get public collection
GET	`/public/contexts/:id`	Get public context

7) Interactive API Playground

OpenAPI/Swagger-style tester. Choose an endpoint, paste an API key, and execute live requests against the selected base URL.

Operations

Selected Operation

GET/health

Service health status (public endpoint).

No Auth

Base URLEnvironment Preset

Query String

Resolved URL

https://zeroprompt.knmlabs.org/api/health

Generated cURL

curl -X GET "https://zeroprompt.knmlabs.org/api/health" \
  -H "Accept: application/json"

8) JSON Body Examples

Create API Key

{
  "name": "Automation Key",
  "expirationDays": 30,
  "permissions": {
    "read": true,
    "write": true,
    "create": true,
    "delete": false
  },
  "tagIds": [],
  "collectionIds": []
}

Create Collection (Package)

{
  "name": "Customer Success Library",
  "description": "Prompts and contexts for customer success workflows",
  "visibility": "PRIVATE",
  "icon": "folder",
  "promptIds": [],
  "contextIds": []
}

Create Context

{
  "title": "Incident Response Policy",
  "description": "Escalation and communication rules",
  "content": "P1 incidents must be acknowledged in 5 minutes...",
  "visibility": "PRIVATE",
  "lifecycle": "DRAFT",
  "isProOnly": false
}

9) Errors, Limits, and Troubleshooting

401: Missing/invalid token or expired key.
403: Route/scope not allowed for this API key, or plan restriction.
404: Resource not found (or outside your ownership/scope).
429: Rate limit hit (standard routes: 120 req/min).

{
  "error": "API key missing required permission: write"
}

Tip: if an API key call returns 403 on a non-CRUD route, switch to Clerk JWT auth for that endpoint.

Environment

Base URL

Notes

Production

https://zeroprompt.knmlabs.org/api

Live application API

Staging

https://staging-zeroprompt.knmlabs.org/api

Staging environment

Development (Hosted)

https://dev-zeroprompt.knmlabs.org/api

Hosted dev environment

Local (Node server)

http://localhost:3001/api

When running `server` directly

Local (Docker default)

http://localhost:3003/api

Default `docker-compose.yml` host mapping

Local (Docker dev profile)

http://localhost:4001/api

Development compose profile

# 1) Health check (no auth required) curl -sS "${BASE_URL}/health" # 2) Create API key (requires Clerk JWT + Pro/Team plan) curl -sS -X POST "${BASE_URL}/api-keys" \ -H "Authorization: Bearer ${CLERK_JWT}" \ -H "Content-Type: application/json" \ -d '{ "name": "CI Integration", "expirationDays": 30, "permissions": { "read": true, "write": true, "create": true, "delete": false } }' # 3) List prompts using API key curl -sS "${BASE_URL}/prompts?limit=20&offset=0" \ -H "X-API-Key: ${ZP_API_KEY}" # 4) Create prompt using API key curl -sS -X POST "${BASE_URL}/prompts" \ -H "X-API-Key: ${ZP_API_KEY}" \ -H "Content-Type: application/json" \ -d '{ "title": "Customer Support Assistant", "description": "Structured support assistant prompt", "tags": ["support", "email"], "visibility": "PRIVATE", "lifecycle": "DRAFT", "sections": [ { "id": "role-1", "type": "role", "title": "Role", "content": "You are a concise and helpful support assistant.", "order": 0 }, { "id": "task-1", "type": "task", "title": "Task", "content": "Draft a response to the customer using provided context.", "order": 1 } ], "variables": [ { "name": "customer_name", "label": "Customer Name", "type": "STRING", "required": true } ] }'

Postman Request Example Method: POST URL: {{base_url}}/contexts Headers: Content-Type: application/json X-API-Key: {{zp_api_key}} Body (raw JSON): { "title": "Brand Voice", "description": "House style guidance", "content": "Use concise, technical language with actionable next steps.", "visibility": "PRIVATE", "lifecycle": "DRAFT", "isProOnly": false }

Insomnia Endpoint Examples GET {{ base_url }}/health GET {{ base_url }}/prompts POST {{ base_url }}/packages PUT {{ base_url }}/prompts/REPLACE_PROMPT_ID DELETE {{ base_url }}/contexts/REPLACE_CONTEXT_ID

Method

Endpoint

Description

GET

/api-keys/scopes

Return allowed/default scopes

GET

/api-keys

List your API keys

POST

/api-keys

Create a new API key

DELETE

/api-keys/:id

Revoke an API key

Method

Endpoint

Description

GET

/prompts

List your prompts

GET

/prompts/:id

Get one prompt

POST

/prompts

Create prompt

PUT

/prompts/:id

Update prompt

DELETE

/prompts/:id

Delete prompt

GET

/packages

List your collections

GET

/packages/:id

Get one collection

POST

/packages

Create collection

PUT

/packages/:id

Update collection

DELETE

/packages/:id

Delete collection

GET

/contexts

List your contexts

GET

/contexts/:id

Get one context

POST

/contexts

Create context

PUT

/contexts/:id

Update context

DELETE

/contexts/:id

Delete context

GET

/tags

List tags

GET

/tags/search?q=<term>

Search tags

Method

Endpoint

Description

GET

/health

Health status (no auth)

GET

/public/prompts

List public prompts

GET

/public/prompts/:id

Get public prompt

GET

/public/prompts/tags

Public prompt tag counts

GET

/public/packages

List public collections

GET

/public/packages/:id

Get public collection

GET

/public/contexts/:id

Get public context

{ "title": "Incident Response Policy", "description": "Escalation and communication rules", "content": "P1 incidents must be acknowledged in 5 minutes...", "visibility": "PRIVATE", "lifecycle": "DRAFT", "isProOnly": false }