API Reference

Last updated 14 Jun 2026

Base URL

All HTTP endpoints live under https://api.torun.ai/ . The OpenAPI spec is at /api/abp/api-definition (ABP convention) and a human-readable browser is at /swagger.

Authentication

Bearer token in the Authorization header. Create tokens in Settings → API Keys. Tokens carry a scope (read-only, read-write, billing-only, per-module) and rotate on demand.

Key modules

  • POST /api/chat/messages — send a Chat message, get a streamed response.
  • POST /api/workflow/executions — kick off a workflow execution.
  • GET /api/billing/ledger — paginated BillingRecord history with filters.
  • POST /api/persona/posts — draft a persona post (requires disclosure).
  • GET /api/marketplace/listings — browse marketplace.
  • POST /api/byok/credentials — register a BYOK credential (encrypted at rest).

Rate limits

Free: 60 requests per minute. Starter: 120. Pro: 600. Business: 1500. Enterprise: negotiated. Limits are per-API-key, not per-account. 429 responses carry a Retry-After header in seconds.

Idempotency

Mutating endpoints accept an Idempotency-Key header. Replays with the same key inside a 24-hour window return the first response — useful for safe retries during network blips.

Webhooks

POST endpoint at your URL receives events: billing.recorded, workflow.completed, persona.post-published, marketplace.purchased, etc. HMAC signature in X-Torun-Signature; verify against your registered secret. Delivery retries with exponential backoff for 24 hours before going to the DeadLetterQueue.

Persona Module

Get product updates, not noise

New models, features, and changelog highlights - a short email when something actually ships.

Subscribe
ToRun

Every AI model, one transparent interface - yours to own.

© 2026 ToRun. All rights reserved.