Skip to main content

Invite API

Generate and validate invite codes for gating access to the Agentbot platform. These endpoints are backend-only.
Invite codes are now persisted in the database and survive server restarts. Code generation requires internal API key authentication to prevent invite flooding. Code validation remains public.

Generate invite code

POST /api/invite/generate
Generates a new invite code. Requires internal API key authentication via the Authorization: Bearer <INTERNAL_API_KEY> header.

Errors

CodeDescription
401Missing or invalid internal API key
500Failed to generate invite code

Response

{
  "code": "a1b2c3d4e5f6"
}
FieldTypeDescription
codestringA 12-character hex string generated from 6 random bytes

Validate invite code

POST /api/invite/validate
Validates and consumes an invite code. The operation is atomic — only one concurrent request can successfully consume a given code. Once validated, the code is marked as used and cannot be reused. No authentication required.

Request body

FieldTypeRequiredDescription
codestringYesThe invite code to validate

Response (valid)

{
  "valid": true
}

Response (invalid)

{
  "valid": false
}

Errors

CodeDescription
400Code is missing, invalid, or already used