The REST API
One HTTPS API behind every feature, authenticated with a bearer key.
3 min read · Updated June 28, 2026
Every Stoatify feature is backed by a REST API, and your API key unlocks it. If the app can do it, your code can too.
The basics
- Base URL: requests go to
https://api.stoatify.com/api/.... - Auth: send your key as
Authorization: Bearer sk_.... - Format: JSON in, JSON out; uploads are multipart form posts.
- Organization: a key is bound to one org; the SDK and session tokens can target another with an
X-Org-Idheader.
What you can reach
The full surface: documents (upload, search, update, trash, versions), notes, categories, tags, contacts, custom fields, folders, storage paths, saved views, share links, reminders, webhooks, org and member management, and e-signatures.
- Rate limits apply per user to writes, uploads, and content, generous for normal use.
- Errors come back as JSON with a status code; a plan-gated feature returns a clear response saying which plan you need.
Good to know
Endpoints live under /api with no separate version to pin. A quick check: curl -H "Authorization: Bearer sk_..." https://api.stoatify.com/api/documents.
Tip
The CLI and SDK wrap this API so you don't have to hand-roll requests.
Was this article helpful?