API
API RESTful API for event ingestion, incident retrieval, webhook management, token management, and more. Authenticated via project tokens, member tokens, or browser sessions.
https://api.debugbundle.com Self-hosted deployments use your custom domain.
The API uses three authentication methods, each scoped differently:
Method Header / Mechanism Scope Use Case Project token Authorization: Bearer dbundle_proj_*Write-only ingestion SDKs sending events via POST /v1/events Member token Authorization: Bearer dbundle_mem_*Full read/manage CLI, API clients, MCP — incidents, webhooks, tokens, billing Browser session Cookie: debugbundle_session=*Full read/manage Web dashboard (same permissions as member token)
Project tokens can only ingest events. They cannot read incidents, manage webhooks, or perform any other operation.
See Authentication for details.
Content-Type: application/jsonCharacter encoding: UTF-8All request bodies are JSON objects validated with Zod at the boundary
Unknown fields are rejected (strict schemas)
{ "incidents" : [ ... ], "next_cursor" : "2025-01-15T10:30:00.000Z|inc_abc123" } { "error" : "invalid_member_token" } Error codes are machine-readable string identifiers, not numeric codes.
POST /v1/events returns a different shape:
{ "accepted" : 8 , "rejected" : 2 , "errors" : [ { "index" : 3 , "reason" : "invalid_event" }, { "index" : 7 , "reason" : "rate_limited" } ] } List endpoints use cursor-based pagination:
Parameter Type Default Description limitinteger20Page size (1–100) cursorstring— Opaque cursor from next_cursor in previous response
When more results exist, the response includes next_cursor. When no more results exist, next_cursor is null.
# First page curl -H "Authorization: Bearer dbundle_mem_xxx" \ "https://api.debugbundle.com/v1/incidents?limit=10" # Next page curl -H "Authorization: Bearer dbundle_mem_xxx" \ "https://api.debugbundle.com/v1/incidents?limit=10&cursor=2025-01-15T10:30:00.000Z|inc_abc123" Event ingestion is rate-limited per project token. The limit depends on your plan tier:
Tier Rate Limit Free 60 events/min Solo 300 events/min Team 1,000 events/min
When rate-limited, events are rejected with reason "rate_limited" in the errors array. The SDK automatically handles backoff.
Management endpoints (incidents, webhooks, tokens) are not rate-limited in the current version.
Code Meaning 200Success 201Resource created 204Success, no content 400Invalid request (malformed body, invalid query parameters) 401Authentication failed (missing, invalid, or wrong token type) 403Insufficient permissions (e.g., member trying owner-only operation) 404Resource not found 409Conflict (e.g., duplicate email at signup) 429Rate limited 500Internal server error
Method Path Auth Description POST/v1/eventsProject token Ingest event batch
Method Path Auth Description GET/v1/incidentsMember token List incidents GET/v1/incidents/:idMember token Get incident detail POST/v1/incidents/:id/resolveMember token Resolve an incident GET/v1/incidents/:id/bundleMember token Retrieve debug bundle GET/v1/incidents/:id/reproductionMember token Retrieve reproduction artifacts GET/v1/incidents/:id/logsMember token List event logs
Method Path Auth Description GET/v1/servicesMember token List services for a project
Method Path Auth Description GET/v1/webhooksMember token List webhooks POST/v1/webhooksMember token Create webhook GET/v1/webhooks/:idMember token Get webhook PATCH/v1/webhooks/:idMember token Update webhook DELETE/v1/webhooks/:idMember token Delete webhook POST/v1/webhooks/:id/testMember token Send test delivery GET/v1/webhooks/:id/deliveriesMember token List deliveries POST/v1/webhooks/:id/deliveries/:did/retryMember token Retry delivery
Method Path Auth Description GET/v1/alertsMember token List alert rules POST/v1/alertsMember token Create alert rule PATCH/v1/alerts/:idMember token Update alert rule DELETE/v1/alerts/:idMember token Delete alert rule
Method Path Auth Description GET/v1/tokens/project/:idMember token List project tokens POST/v1/tokens/project/:idMember token Create project token DELETE/v1/tokens/project/:id/:tokenIdMember token Revoke project token GET/v1/tokens/memberMember token List member tokens POST/v1/tokens/memberMember token Create member token DELETE/v1/tokens/member/:tokenIdMember token Revoke member token
Method Path Auth Description GET/v1/projectsMember token List projects POST/v1/projectsMember token Create project GET/v1/projects/:idMember token Get project PATCH/v1/projects/:idMember token Update project DELETE/v1/projects/:idMember token Delete project
Method Path Auth Description GET/v1/organization/membersMember token List members GET/v1/organization/members/invitesMember token List pending invites POST/v1/organization/members/inviteMember token Invite a member DELETE/v1/organization/members/invites/:inviteIdMember token Cancel an invite PATCH/v1/organization/members/:userIdMember token Update member role DELETE/v1/organization/members/:userIdMember token Remove a member
Method Path Auth Description GET/v1/billingMember token (owner) Get billing summary POST/v1/billing/capacity/increaseMember token (owner) Add capacity units POST/v1/billing/capacity/scheduled-reductionMember token (owner) Schedule capacity reduction DELETE/v1/billing/capacity/scheduled-reductionMember token (owner) Cancel pending reduction
Method Path Auth Description GET/v1/probes/configProject token Get probe config (SDK polls this) POST/v1/probes/activateMember token Activate a remote probe POST/v1/probes/deactivateMember token Deactivate a remote probe
Method Path Auth Description GET/v1/capture-policyMember token Get current capture policy PUT/v1/capture-policyMember token Set capture policy
Method Path Auth Description POST/v1/auth/request-codeNone Request a one-time email code POST/v1/auth/verify-codeNone Verify a one-time email code and create a browser session GET/v1/auth/sessionSession Resolve current browser session POST/v1/auth/logoutSession End session GET/v1/auth/github/startNone Start GitHub OAuth GET/v1/auth/github/callbackNone Complete GitHub OAuth