Skip to main content
The Tightknit API follows designs of REST, using clear, resource-based URLs. It supports form-encoded request bodies, returns responses in JSON format, and uses on standard HTTP methods, response codes, and authentication practices.

Endpoint

Tightknit’s REST API endpoint is: 
https://api.tightknit.ai

Authentication

API Keys

To understand how to create and manage your API keys, see API Keys. To authenticate your requests, you need to pass the API key with header: Authorization: <YOUR_API_KEY> 
curl https://api.tightknit.ai/admin/v0/... \
  --request POST \
  --header 'Content-Type: application/json' \
  --header "Authorization: Bearer <YOUR_API_KEY>" \
  --data '{ ... }'

Idempotency

The API supports idempotency for safely retrying mutating requests (e.g., PATCH, POST) without causing duplicate side effects. To use idempotency, include the Idempotency-Key header with a UUIDv4 value for each distinct operation: 
curl https://api.tightknit.ai/admin/v0/... \
  --request PATCH \
  --header 'Content-Type: application/json' \
  --header "Authorization: Bearer <YOUR_API_KEY>" \
  --header "Idempotency-Key: 550e8400-e29b-41d4-a716-446655440000" \
  --data '{ ... }'
  • If a request with the same key has already completed, the API returns the cached response with an X-Idempotent-Replayed: true header.
  • If a request with the same key is still being processed, the API returns 409 Conflict with a Retry-After header.
  • Cached responses expire after 1 hour.
  • The key must be a valid UUIDv4 (e.g., generated via crypto.randomUUID()). Invalid formats return 400 Bad Request.
  • The header is opt-in — requests without it are processed normally.
  • Safe methods (GET, HEAD, OPTIONS) ignore the header.

Rate Limits

When authenticated using a developer API keys may not exceed 50 requests per second across all APIs.