Documentation

The aptrouter Search API returns one verbatim, source-cited sentence per query — or nothing at all. Token-lean, prepaid, and built so your agents never cite something that doesn't exist.

~5 minutes · zero to a cited result

Zero to your first call

Four steps, a handful of clicks. Billing is prepaid — you add credits, then spend $0.005 per search.

01

Sign in

Create your account with GitHub or an email link.

Sign in →

02

Mint a key

Generate a sk_live_ key in the dashboard. Shown once.

Dashboard ↗

03

Top up

Add prepaid credits. Calls return 402 at zero balance.

Add credits ↗

04

First call

Send one POST /v1/search and read the cited result.

Built for agents

Point your coding agent or LLM at the whole documentation as one Markdown file — the llms.txt convention. No scraping, no fabricated endpoints.

docs.aptrouter.com/llms.txt

A structured index, plus the entire docs inlined for ingestion.

Download

Explore the docs

Quickstart

Go from zero to a cited result in three steps. You'll authenticate, send one /v1/search call, and read a verbatim, source-cited response.

1 · Get your API key

Create a key in your dashboard. It's shown once — store it as an environment variable, never in source.

export APT_KEY="sk_live_8f2c...a41d7"

2 · Make your first request

Send a query with your key in the Authorization header. The optional X-Token-Budget header caps response size.

POST /v1/search cURL

curl https://api.aptrouter.com/v1/search \ -H "Authorization: Bearer $APT_KEY" \ -H "X-Token-Budget: 120" \ -d '{ "query": "EU AI Act high-risk obligations" }'

POST /v1/search python

import requests, os r = requests.post( "https://api.aptrouter.com/v1/search", headers={ "Authorization": f"Bearer {os.environ['APT_KEY']}", "X-Token-Budget": "120" }, json={"query": "EU AI Act high-risk obligations"} ) print(r.json())

POST /v1/search node

const res = await fetch("https://api.aptrouter.com/v1/search", { method: "POST", headers: { Authorization: `Bearer ${process.env.APT_KEY}`, "X-Token-Budget": "120" }, body: JSON.stringify({ query: "EU AI Act high-risk obligations" }) }); console.log(await res.json());

3 · Read the response

You get a verbatim quote, a traceable source, the tokens spent, and a fabricated_citations count that is always zero.

200 OK json

{ "quote": "High-risk AI systems shall be designed and developed...", "source": "eur-lex.europa.eu · AI-Act · Art.14", "tokens": 74, "fabricated_citations": 0 }

That's it — every claim your agent makes can now point at a quoted, dated source. Next, lock down

Authentication

Every request is authenticated with a secret key in a Bearer header. Keys are environment-scoped (live/test) and shown exactly once at creation.

Authorization: Bearer sk_live_8f2c...a41d7

Rotating a key

Mint a new key in the dashboard, deploy it, then revoke the old one. Revocation is immediate. Never embed a key in client-side code or a public repo — treat it like a database password.

A missing or bad key

Unauthenticated requests return 401 with a machine-readable reason, never a partial result.

401 Unauthorized json

{ "error": "invalid_key", "message": "No live key matches this token." }

Your first query

A query is a natural-language question. The API retrieves the single best-supported sentence from a dated, allowlisted source and returns it verbatim with its identifier.

POST /v1/search cURL

curl https://api.aptrouter.com/v1/search \ -H "Authorization: Bearer $APT_KEY" \ -d '{ "query": "What triggers GDPR breach notification?" }'

What you control

query is required. X-Token-Budget trims the payload; region pins retrieval to us-east or eu-west. Everything else is inferred.

Each successful call costs 1 credit ($0.005). An empty result — no confident match — costs nothing.

Token budgets

Agents pay per token downstream, so responses are tiny by default and you can make them tinier. The X-Token-Budget header caps the serialized response; the API drops optional fields before it ever exceeds your budget.

request header

X-Token-Budget: 80 # quote + source + counts only — drops published, score, region

A typical cited result lands near ~74 tokens versus ~480 for a scraped page. Set a budget and the number is a ceiling, not a hope.

Handling empty results

When no source supports a confident answer, you get an empty result — never a plausible guess. This is the whole point: silence beats a fabricated citation.

200 OK · empty json

{ "quote": null, "source": null, "fabricated_citations": 0 }

Handle it explicitly in your agent: if quote is null, fall back to asking for clarification or widening the query — don't let the model fill the gap.

Citations & sources

A citation is three fields: the verbatim quote, a stable source identifier, and the published date. The quote is checked to exist as a contiguous span in the source before the response is built.

quote

The evidence sentence, character-for-character from the source. Never rewritten.

source

A resolvable identifier — domain, document, and section — your auditor can follow.

published

ISO date the source was published, so you can reason about recency.

POST /v1/search

Retrieve one verbatim, cited result for a query. application/json in and out. Costs 1 credit ($0.005) on a non-empty result.

Request body

query *

string — the natural-language question to ground.

region

string — us-east | eu-west. Defaults to nearest edge.

max_age_days

integer — only return sources published within this window.

Response

quote

string | null — verbatim evidence sentence.

source

string | null — citation identifier.

tokens

integer — tokens in this response.

fabricated_citations

integer — always 0, by architecture.

Errors

Errors are JSON with a stable error code and a human message. A failed request never returns a partial or fabricated result.

400

invalid_request — malformed body or missing query.

401

invalid_key — missing, revoked, or wrong-environment key.

402

insufficient_balance — prepaid balance is zero. Top up to resume; nothing is billed.

429

rate_limited — over your per-key requests-per-second limit. Retry after backoff.

5xx

retryable — transient; retry with backoff. Not billed.

Rate limits & balance

Each key has a per-second request limit to protect the gateway, and a prepaid credit balance you spend down. Both surface in response headers so you can react before a request is refused.

response headers http

X-RateLimit-Limit: 60 X-RateLimit-Remaining: 58 X-Credits-Remaining: 6520

Exceed the per-second limit and calls return 429 — retry after a short backoff. When your prepaid balance reaches zero, calls return 402 until you top up. No plans, no monthly quota, no overage — you only spend what you've added.