API Overview

start.chat REST API documentation

v2026.03.6600f9

The start.chat API lets you programmatically interact with servers, channels, messages, and more.

Base URL

https://start.chat/api/v1

Authentication

All API requests require authentication via an API key:

Terminal

curl -H "Authorization: Bearer sk_live_xxx" https://start.chat/api/v1/...

Get your API key from Server Settings → API Keys in the app.

API keys are scoped to a single server and inherit the permissions of the role they’re assigned to. Keys use the format sk_live_*.

Key permissions

Permissions are enforced by Zero’s row-level permission model. Your API key inherits the role flags of its assigned role, and Zero checks these against each resource’s write rules.

PermissionAllows
canAdminFull server administration
canEditChannelCreate, modify, delete channels
canEditDataSend messages, create threads, add reactions
canModeratePin messages, manage roles, kick members
canEditAppManage app installations and secrets
canViewDataRead generic app data

Response format

All responses are JSON with this structure:

// Success
{
"ok": true,
"data": { ... }
}
// Error
{
"ok": false,
"error": {
"code": "ERROR_CODE",
"message": "Human readable message"
}
}

Resources

ResourceEndpointsDescription
Apps5Custom apps
App Installs2App installations
Channels3Create and manage channels
Indicators3Typing indicators
Invites2Server invites
Messages3Send, edit, and delete messages
Pins2Pinned messages
Roles3Roles and permissions
Secrets2App secrets and API keys
Servers1Server settings
Server Members3Server membership
Threads3Message threads
User Roles2Role assignments

Standard CRUD Operations

Most resources support these standard operations with consistent request/response formats:

Create (POST)

Terminal

curl -X POST "https://start.chat/api/v1/{resources}" \
-H "Authorization: Bearer sk_live_xxx" \
-H "Content-Type: application/json" \
-d '{ "id": "generated_id", ...fields }'

Update (PATCH)

Terminal

curl -X PATCH "https://start.chat/api/v1/{resources}/:id" \
-H "Authorization: Bearer sk_live_xxx" \
-H "Content-Type: application/json" \
-d '{ "id": "resource_id", ...fieldsToUpdate }'

Delete (DELETE)

Terminal

curl -X DELETE "https://start.chat/api/v1/{resources}/:id" \
-H "Authorization: Bearer sk_live_xxx"

All CRUD operations return:

{
"ok": true,
"data": {
"id": "resource_abc123",
"createdAt": 1709251200000
}
}

Rate limits

Requests are rate-limited per user per resource using a sliding window. Rate-limited responses include headers:

X-RateLimit-Limit: 30 X-RateLimit-Remaining: 5 X-RateLimit-Reset: 1704067200 Retry-After: 45
ResourceLimitWindow
message30/min60s
channel10/min60s
server5/min60s
thread20/min60s
reaction30/min60s
indicator60/min60s
query60/min60s
Everything else60/min60s

Error codes

CodeStatusDescription
UNAUTHORIZED401Missing or invalid authentication
INVALID_API_KEY401API key format invalid, revoked, or expired
FORBIDDEN403Authenticated but lacks the required permission
NOT_FOUND404Resource, endpoint, or query not found
INVALID_REQUEST400Missing required fields or invalid values
ALREADY_EXISTS409Resource already exists
RATE_LIMITED429Too many requests — check Retry-After header
INTERNAL_ERROR500Server error
{
"ok": false,
"error": {
"code": "RATE_LIMITED",
"message": "Rate limit exceeded. Try again in 45 seconds."
}
}

Queries

Read endpoints use GET with REST paths:

Terminal

curl "https://start.chat/api/v1/servers/{serverId}" \
-H "Authorization: Bearer sk_live_xxx"

Available queries:

PathQueryDescription
GET /api/v1/servers/:serverIdserverByIdGet server details by ID.
GET /api/v1/servers/:serverId/membersserverMembersList members of a server.
GET /api/v1/serversuserServersList servers the authenticated user belongs to.
GET /api/v1/servers/joinablesearchJoinableServersSearch for public servers the user can join.
GET /api/v1/servers/:serverId/channelschannelsByServerList all channels in a server.
GET /api/v1/channels/:channelIdchannelByIdGet channel details by ID.
GET /api/v1/channels/:channelId/messageschannelMessagesFetch messages in a channel. Supports cursor-based pagination, filtering, and limit control.
GET /api/v1/messages/:messageIdmessageByIdGet a single message by ID.
GET /api/v1/channels/:channelId/pinspinnedMessagesPageGet pinned messages in a channel with pagination.
GET /api/v1/threads/:threadIdthreadWithMessagesGet a thread and all its messages.
GET /api/v1/messages/:messageId/threadsthreadsByMessageIdGet threads attached to a message.
GET /api/v1/threads/:threadId/infothreadByIdGet thread metadata by ID.
GET /api/v1/users/:userIduserByIdGet user profile by ID.
GET /api/v1/roles/:roleIdroleByIdGet role details by ID.
GET /api/v1/servers/:serverId/invitesinvitesByServerList invites for a server.
GET /api/v1/invites/:inviteIdinviteByIdGet invite details by ID.
GET /api/v1/servers/:serverId/app-installsappInstallsByServerList app installations for a server.
GET /api/v1/apps/:appIdappByIdGet app details by ID.
GET /api/v1/app-installs/:appInstallIdappInstallByIdGet app installation details by ID.
GET /api/v1/servers/:serverId/flowsflowsByServerList flows for a server.
GET /api/v1/flows/:flowIdflowByIdGet flow details by ID.
GET /api/v1/notificationslatestNotificationsGet latest notifications for the authenticated user.

See the SDK queries reference for typed parameters.

Permissions by Resource

Each resource defines its own write permission rules, enforced by Zero at the row level:

ResourceWrite Permission
appserver creator, admin, or canEditChannel/canEditServer role
appInstallcanEditApp role
channelserver creator, admin, or canEditChannel/canEditServer role
indicatorown user only
inviteserver admin or invite creator
messageserver admin, moderator, or message creator (non-readonly channel)
pincanEditChannel role or server admin
roleserver admin (canAdmin)
secretsee model definition
serverplatform admin, server creator, or canAdmin/canEditServer role
serverMemberown membership, server admin, or moderator
threadserver admin, thread creator, or agent (non-readonly channel)
userRoleserver admin (canAdmin)