Quickstart
Make your first authenticated Tanqory API call in five minutes.
The dev portal is in preview. Endpoints in /api/* mirror what is
deployed; sections marked "in progress" exist in production but the
OpenAPI export is not yet complete.
Tanqory ships three OpenAPI 3.0 services — Admin (auth / stores /
billing / domains), Store (per-pod commerce primitives), and AI (chat
/ RAG / embeddings / agents). All three accept the same Bearer JWT,
return the same JSON error envelope, and follow the same page-based
pagination contract. This page walks a new integrator from zero to a
working 200 OK against a real endpoint.
Get an API key
Create a key in the Tanqory dashboard:
- Sign in at dashboard.tanqory.com.
[FOUNDER TO CONFIRM]— verify the exact path under Settings → Developers → API keys before launch. - Store the key in an environment variable. The rest of this guide
assumes
TANQORY_API_KEY.
export TANQORY_API_KEY="your_key_here"
Treat the key like a password. Rotation policy and per-key scopes are governed by the API License and Terms.
Make your first call
The smallest meaningful call against the live API is a GET on the
stores list — it returns the stores on your account. Pick the language you ship in:
cURL
curl https://api.tanqory.com/api/v1/stores \
-H "Authorization: Bearer $TANQORY_API_KEY" \
-H "Content-Type: application/json"
JavaScript (fetch)
const res = await fetch('https://api.tanqory.com/api/v1/stores', {
method: 'GET',
headers: {
Authorization: `Bearer ${process.env.TANQORY_API_KEY}`,
'Content-Type': 'application/json',
},
});
const data = await res.json();
Python (requests)
import os
import requests
response = requests.get(
'https://api.tanqory.com/api/v1/stores',
headers={
'Authorization': f"Bearer {os.environ['TANQORY_API_KEY']}",
'Content-Type': 'application/json',
},
)
data = response.json()
For TypeScript / JavaScript the official SDK @tanqory/sdk is published
on GitHub Packages (see SDKs) and wraps these calls. The raw HTTP
examples above work in any language; Python and Go SDKs are on the roadmap.
What just happened
Every Tanqory API request has the same four parts. Knowing them is
enough to read any endpoint in /api/*.
| Part | Value in the example | Notes |
|---|---|---|
| Base URL | https://api.tanqory.com | Pulled from spec.servers[0].url at build time. |
| Path | /api/v1/stores | Spec-declared; version prefix v1 is the only supported value today. |
| Auth header | Authorization: Bearer $TANQORY_API_KEY | Bearer JWT signed by admin-api identity service. See Authentication. |
| Content-Type | application/json | All endpoints accept + emit JSON. Multipart is allowed only on explicit upload endpoints (e.g. avatar / asset). |
The response body is the JSON resource list. Pagination, the error envelope, rate-limit headers, and versioning are documented below.
Build with the API
| Topic | When to read it |
|---|---|
| Authentication | Before you ship — Bearer JWT, MFA, social login, sessions. |
| Pagination | Any time you call a list endpoint. |
| Errors | Before you wrap calls in retry logic. |
| Webhooks | When you need server-side notifications instead of polling. |
Ship to production
| Topic | Why it matters |
|---|---|
| Rate limits | Avoid the 429s by honoring the Retry-After header. |
| Versioning | Pin a version explicitly; understand the deprecation window. |
| Trust Center | Security posture + subprocessor list — review before procurement. |
Need help
- Status — current incident state across Admin, Store, and AI.
- Developer support:
developer-support@tanqory.com.