Getting Started

Changelog

Public TokPortal API, SDK, CLI, MCP, and documentation changelog.

Changelog

2026-05-25

  • Added first-class OpenAPI assets at /openapi.json and /openapi.yaml.
  • Added llms.txt and llms-full.txt for LLM ingestion.
  • Added ai-context.json and developer-ecosystem.json for structured AI and developer ecosystem ingestion.
  • Documented the canonical API key format: sk_ followed by 64 lowercase hex characters, stored as SHA-256, shown once at creation.
  • Added public Node / TypeScript SDK package: @tokportal/node.
  • Added public CLI package: @tokportal/cli.
  • Added published public MCP package: tokportal-mcp.
  • Deferred Python, Go, Ruby, Java, PHP, .NET, and Rust SDKs until their registry or repository release path is ready.
  • Added package distribution metadata and a public ecosystem manifest with release status for SDK, CLI, and MCP surfaces.
  • Added structured SDK error handling docs for Node, including request IDs and retryability helpers.
  • Added SDK idempotency examples.
  • Added X-TokPortal-Client identification headers across generated SDKs, CLI, and MCP server.
  • Added public API version and stability response headers: X-TokPortal-API-Version: 2026-05-25 and X-TokPortal-API-Stability: stable.
  • Added X-TokPortal-Request-ID response headers across public API responses and SDK error parsing for support/debug correlation.
  • Added request ID persistence in API logs and per-key usage inspection in the Developer Portal.
  • Added API key environment tags, read/write scopes, optional expiry dates, and scope-aware auth errors without changing existing keys.
  • Added API key metadata editing and audit trail events for creation, updates, rotation, rotation replacements, and revocation.
  • Added X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, and Retry-After headers for authenticated public API requests.
  • Added SDK error metadata for rate limiting and backoff: Node retryAfterSeconds and rateLimit.
  • Added Node webhook signature helper docs plus manual HMAC verification examples.
  • Added CLI and MCP error diagnostics with request_id, retry_after_seconds, and rate_limit metadata.
  • Added the Versioning & Stability docs page with backwards compatibility and deprecation policy.
  • Added public webhook endpoint registry at /webhooks with emitted bundle, account, video, and test events, delivery logs, and test delivery support.
  • Added the public webhook event catalog at /webhooks/events with event availability, payload schemas, example payloads, delivery headers, and signature metadata.
  • Added manual webhook delivery retry at /webhooks/{id}/deliveries/{delivery_id}/retry, preserving the event ID and recording a new signed attempt.
  • Added persisted Idempotency-Key handling for mutating API requests, including replay detection and conflict errors.
  • Expanded OpenAPI/SDK coverage for Analytics v2 contract/export/report endpoints and media upload helpers, including direct upload and image import from URL.
  • Expanded OpenAPI/SDK coverage for bundle updates, account/video review lifecycle actions, video download fixes, analytics refresh checks, raw analytics snapshots, and standalone HTML report export.
  • Added generated OpenAPI x-codeSamples for every operation across curl, Node, Python, and Go.
  • Added a generated /api-reference docs page from OpenAPI so every operation and code sample is searchable and included in llms-full.txt.
  • Kept legacy API key validation compatible while new keys use the canonical sk_ format.