Public API

Create a token from your settings page. You'll see the raw pat_… value exactly once — store it somewhere safe. Each request must carry it in the Authorization header:

curl -H "Authorization: Bearer pat_…" \
  http://localhost:3000/api/v2/me

• GET/api/v2/mescope: read:profile

  Your basic profile.

• GET/api/v2/event-typesscope: read:event-types

  Your event types.

• GET/api/v2/availability?eventTypeId=…&from=…&to=…&duration=…&tz=…scope: read:availability

  Bookable slots for an event type. Window must be ≤ 31 days.

• GET/api/v2/bookings?status=active&from=…&to=…&limit=50&cursor=…scope: read:bookings

  Your bookings, newest first. Pass nextCursor back as the cursor for paging.

• POST/api/v2/bookingsscope: write:bookings

  Create a booking on one of your event types. Same body shape as the public /api/bookings endpoint.

• DELETE/api/v2/bookings/{id}?reason=…scope: write:bookings

  Cancel a booking you own. Idempotent.

Every error is JSON with at least a title and message:

{
  "title": "Unauthorized",
  "message": "Invalid or unknown access token."
}

• 401 — missing or bad token, or the token was revoked
• 403 — the token doesn't carry the required scope
• 404 — the resource doesn't exist or you don't own it
• 429 — token over 600 req/min