Skip to main content

API Reference

Welcome to the StateBase API reference. This documentation covers all REST endpoints for building production-ready AI agents with state management, memory, and complete audit trails.

Base URL

All API requests must use HTTPS. HTTP requests will be redirected.

Authentication

StateBase uses API keys for authentication. Include your API key in the X-API-Key header:

Getting Your API Key

  1. Sign up at app.statebase.org
  2. Navigate to Settings → API Keys
  3. Click Create New Key
  4. Copy and store securely (keys are only shown once)

API Key Format

Security: Never commit API keys to version control. Use environment variables:

SDKs

We provide official SDKs for Python and TypeScript:

SDK Usage


Core Concepts

StateBase is built on four core primitives:

1. Sessions

Containers for agent conversations. Each session has:
  • Unique ID
  • Mutable state (JSON object)
  • TTL (time-to-live)
  • Associated memories and turns
Use case: One session per conversation thread. → Sessions API Reference

2. Turns

Individual interactions between user and agent. Each turn captures:
  • User input
  • Agent output
  • Reasoning (why the agent made this decision)
  • State snapshots (before/after)
Use case: Log every conversation exchange for debugging and analytics. → Turns API Reference

3. Memory

Long-term knowledge that persists across sessions. Memories are:
  • Searchable via semantic similarity
  • Tagged and categorized
  • User-scoped or global
Use case: Store user preferences, facts, and policies. → Memory API Reference

4. Traces

Audit trail of all operations. Every API call creates a trace with:
  • Action type
  • Actor (who made the change)
  • Timestamp
  • Details (what changed)
Use case: Debugging, compliance, and analytics. → Traces API Reference

Request Format

All POST, PATCH, and PUT requests must use JSON:

Response Format

All responses are JSON with a consistent structure:

Success Response

List Response

Error Response


Error Codes


Rate Limits

Rate limits are applied per API key:

Rate Limit Headers

Every response includes rate limit information:

Handling Rate Limits

When you exceed the rate limit, you’ll receive a 429 response:
Best practice: Implement exponential backoff:

Pagination

List endpoints support cursor-based pagination:

Pagination Parameters

Pagination Response


Idempotency

To safely retry requests without duplicating operations, use idempotency keys:
How it works:
  • If request succeeds, response is cached for 24 hours
  • If you retry with same key, cached response is returned
  • No duplicate sessions are created
Supported endpoints: All POST and PATCH endpoints

Webhooks

Subscribe to real-time events:
Configure in Dashboard → Webhooks.

Webhook Payload

Verifying Webhooks

Verify webhook signatures to ensure they’re from StateBase:

Versioning

The API is versioned via the URL path:
Current version: v1 Breaking changes: We’ll release new versions (v2, v3) for breaking changes. Old versions are supported for 12 months after deprecation.

Data Residency

Choose where your data is stored: Configure in Dashboard → Settings.

Support


Quick Start

Here’s a complete example to get you started:

Next Steps


Ready to build? Start with the Quickstart Guide or explore the Patterns section for production-ready examples.