Otto

API Reference

Otto exposes a REST API for license validation, application management, and integrations. All endpoints require authentication via JWT bearer tokens.

Base URL

https://api.ottoops.ai/v1

Authentication

All API requests require a valid JWT in the Authorization header:

Authorization: Bearer <your-jwt-token>

Endpoints

GET/license/validate

Validates the current license for a given application. Returns licensed products and expiration.

GET/apps

Lists all applications for the authenticated user's organization.

POST/apps

Creates a new application. Requires a name and at least one product selection.

PATCH/apps/:id

Updates an application's name, products, or repository associations.

DELETE/apps/:id

Deletes an application and cancels its subscription.

POST/billing/portal

Generates a Stripe Customer Portal URL for managing payment methods and invoices.

Rate Limits

API requests are rate-limited to prevent abuse. Standard limits are 100 requests per minute per API key. License validation endpoints have higher limits to support real-time extension usage.

Error Responses

All errors follow a consistent format:

{
  "error": {
    "code": "INVALID_LICENSE",
    "message": "The license for this application has expired.",
    "status": 403
  }
}