API Reference

Introduction

The Corthex REST API lets you programmatically manage your AI assistants and send chat messages with RAG-powered responses. All API endpoints are served from https://www.corthex.app/api/v1.

Authentication

All API requests require a valid API key passed as a Bearer token in the Authorization header.

Authorization: Bearer ctx_your_api_key

Creating an API key

1. Go to Settings → API Keys in your dashboard
2. Click "Create API Key" and give it a name
3. Copy the key immediately (it is only shown once)

Key format

API keys use the prefix ctx_ followed by 64 hexadecimal characters. Keys are hashed with SHA-256 before storage. Corthex never stores your key in plaintext.

API Endpoints

{
  "data": [
    {
      "id": "550e8400-e29b-41d4-a716-446655440000",
      "name": "Support Bot",
      "slug": "support-bot",
      "model": "gemini-2.0-flash-exp",
      "isActive": true,
      "createdAt": "2025-01-15T10:30:00.000Z"
    }
  ]
}

curl https://www.corthex.app/api/v1/bots \
  -H "Authorization: Bearer ctx_your_api_key"

const res = await fetch("https://www.corthex.app/api/v1/bots", {
  headers: {
    Authorization: "Bearer ctx_your_api_key",
  },
});

const { data } = await res.json();
console.log(data); // [{ id, name, slug, model, ... }]

{
  "data": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "name": "Support Bot",
    "slug": "support-bot",
    "model": "gemini-2.0-flash-exp",
    "isActive": true,
    "welcomeMessage": "Hello! How can I help you?",
    "createdAt": "2025-01-15T10:30:00.000Z"
  }
}

curl https://www.corthex.app/api/v1/bots/BOT_ID \
  -H "Authorization: Bearer ctx_your_api_key"

const botId = "550e8400-e29b-41d4-a716-446655440000";

const res = await fetch(`https://www.corthex.app/api/v1/bots/${botId}`, {
  headers: {
    Authorization: "Bearer ctx_your_api_key",
  },
});

const { data } = await res.json();
console.log(data.name); // "Support Bot"

{
  "botId": "550e8400-e29b-41d4-a716-446655440000",
  "conversationId": "optional-uuid",  // omit to auto-create
  "messages": [
    { "role": "user", "content": "What is your refund policy?" }
  ]
}

// Streaming response (text/event-stream)
// Each chunk contains the assistant's response text
// The full response is grounded in the bot's knowledge base

curl -X POST https://www.corthex.app/api/v1/chat \
  -H "Authorization: Bearer ctx_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "botId": "BOT_ID",
    "messages": [
      { "role": "user", "content": "Hello!" }
    ]
  }'

const res = await fetch("https://www.corthex.app/api/v1/chat", {
  method: "POST",
  headers: {
    Authorization: "Bearer ctx_your_api_key",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    botId: "BOT_ID",
    messages: [{ role: "user", content: "Hello!" }],
  }),
});

// Read the streaming response
const reader = res.body.getReader();
const decoder = new TextDecoder();

while (true) {
  const { done, value } = await reader.read();
  if (done) break;
  process.stdout.write(decoder.decode(value));
}

Widget Integration

Embed a chat widget on any website with a single script tag. The widget creates a floating chat button that opens an iframe with your bot's chat interface. No API key required. The widget uses a public endpoint.

<script
  src="https://www.corthex.app/widget.js"
  data-bot-id="YOUR_BOT_ID"
  data-accent-color="#3A82FF"
></script>

Attributes

Behavior

• Floating button appears at the bottom-right corner of the page
• The iframe is lazy-loaded on first click for optimal performance
• On mobile screens (<480px), the widget opens full-screen
• Each visitor gets their own isolated conversation
• The widget respects the branding configured in your bot settings (display name, icon, accent color, tone)

Full example

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <title>My Website</title>
</head>
<body>
  <h1>Welcome to my site</h1>

  <!-- Corthex Chat Widget -->
  <script
    src="https://www.corthex.app/widget.js"
    data-bot-id="550e8400-e29b-41d4-a716-446655440000"
    data-accent-color="#3A82FF"
  ></script>
</body>
</html>

Rate Limits

Rate limits are enforced per API key using a sliding window algorithm. When a limit is reached, the API returns a 429 status code.

Monthly message limits

In addition to per-minute rate limits, each organization has a monthly message quota based on their plan. When the quota is reached, the API returns a 429 with a message to upgrade.

Error Handling

All error responses follow a consistent JSON format:

{
  "error": "Human-readable error message",
  "details": [...]  // Optional: Zod validation issues for 400 errors
}

HTTP status codes

Quickstart

Get up and running in three steps: create an API key, list your bots, and send a chat message.

curl https://www.corthex.app/api/v1/bots \
  -H "Authorization: Bearer ctx_your_api_key"

curl -X POST https://www.corthex.app/api/v1/chat \
  -H "Authorization: Bearer ctx_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "botId": "YOUR_BOT_ID",
    "messages": [
      { "role": "user", "content": "What can you help me with?" }
    ]
  }'

const API_KEY = "ctx_your_api_key";
const BASE = "https://www.corthex.app/api/v1";

// 1. List bots
const botsRes = await fetch(`${BASE}/bots`, {
  headers: { Authorization: `Bearer ${API_KEY}` },
});
const { data: bots } = await botsRes.json();
const botId = bots[0].id;

// 2. Send a chat message (streaming)
const chatRes = await fetch(`${BASE}/chat`, {
  method: "POST",
  headers: {
    Authorization: `Bearer ${API_KEY}`,
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    botId,
    messages: [{ role: "user", content: "Hello!" }],
  }),
});

// 3. Read the stream
const reader = chatRes.body.getReader();
const decoder = new TextDecoder();

while (true) {
  const { done, value } = await reader.read();
  if (done) break;
  process.stdout.write(decoder.decode(value));
}