DEVELOPER API · v1

BaskaMesaj API Dokumantasyonu

Mail gonderim, abone yonetimi, A/B test ve AI proxy. REST + JSON. API anahtarini editorden uretebilirsin - HMAC opsiyoneldir, varsayilan olarak tier'a gore scope ve rate limit otomatik uygulanir.

1. HIZLI BASLANGIC

Ilk Istegin (30 saniye)

API Base URL: https://api.340392.xyz/v1

Editor > Hesabim > Geliştirici API ile anahtar olusturdugunda gercek base URL gosterilir. Asagidaki orneklerdeki URL placeholder'dir; kendi anahtarinla beraber gelen base URL'i kullan.

API anahtarini elde edince Authorization: Bearer bms_live_... header'i ile cagri yap. /api_ping sana scope listesini doner.

curl -X POST "https://api.340392.xyz/v1/api_ping" \
  -H "Authorization: Bearer bms_live_..." \
  -H "Content-Type: application/json"

# Yanit:
# { "ok": true, "tier": "premium", "scopes": ["mail:send","subscribers:read","subscribers:write"] }
2. PAKETE GORE LIMITLER

Tier'a Gore API Politikasi

Server-side enforced - istek tier'in vermedigi bir scope'a yapilirsa sessizce reddedilir (403). Rate limit'i asarsan 429 + retry_after_s alirsin.

PaketAPIRate/snGunAnahtar limitScope'lar
FreeKapali----
StandartAcik5/sn1.0001mail:send
PremiumAcik30/sn50.0005mail:send, subscribers:*, lists:*, ab:run
EnterpriseAcik200/snSinirsizinf*
3. ENDPOINT'LER

Mevcut Endpoint'ler

POST/api_pingscope: herhangi

API Health Ping

Anahtarin gecerli mi + hangi scope'lar acik. Tani amacli; ucretsiz tier'larda da calisir.

curl ornegi
curl -X POST "https://api.340392.xyz/v1/api_ping" \
  -H "Authorization: Bearer bms_live_..." \
  -H "Content-Type: application/json" \
  -d '{}'

# Ornek yanit:
# { "ok": true, "scopes": ["mail:send","subscribers:read"], "tier": "premium" }
POST/subscribers_apiscope: subscribers:read | subscribers:write

Aboneler API

Liste/abone CRUD. action ile islem secilir: list_lists | create_list | add_subscribers | remove | update.

curl ornegi
curl -X POST "https://api.340392.xyz/v1/subscribers_api" \
  -H "Authorization: Bearer bms_live_..." \
  -H "Content-Type: application/json" \
  -d '{}'

# Ornek yanit:
# { "ok": true, "lists": [...] }
POST/api_ab_campaignscope: ab:run

A/B Test Kampanya

Aktif A/B testin istatistigi + kazanani ilan etme. Wilson score guven araligi.

curl ornegi
curl -X POST "https://api.340392.xyz/v1/api_ab_campaign" \
  -H "Authorization: Bearer bms_live_..." \
  -H "Content-Type: application/json" \
  -d '{}'

# Ornek yanit:
# { "ok": true, "campaign_ref": "...", "winner": "B", "lift_pct": 8.4 }
POST/api_ai_proxyscope: ai:proxy

AI Proxy (Claude)

Anthropic Claude'a proxy. Token tuketimi tenant kredisinden dusulur (ai-token kovasi).

curl ornegi
curl -X POST "https://api.340392.xyz/v1/api_ai_proxy" \
  -H "Authorization: Bearer bms_live_..." \
  -H "Content-Type: application/json" \
  -d '{}'

# Ornek yanit:
# { "ok": true, "completion": "...", "tokens_in": 12, "tokens_out": 96 }
4. EKSTRA GUVENLIK

HMAC Imza (Opsiyonel)

Anahtari kullanim sirasinda sizdirma riskine karsi ek koruma. Anahtarinla birlikte uretilen whsk_... secret ile istegin body'sini imzalarsin; ham anahtarin sizsa bile imzasiz istek reddedilir. Server +/-300 saniye timestamp toleransi uygular, imza karsilastirmasi sabit-zamandir.

# 1) Timestamp + body'yi HMAC ile imzala
TS=$(date +%s)
BODY='{"hello":"world"}'
SECRET="whsk_..."
SIG=$(printf '%s.%s' "$TS" "$BODY" | openssl dgst -sha256 -hmac "$SECRET" -hex | awk '{print $2}')

# 2) Istegi gonder
curl -X POST "https://api.340392.xyz/v1/api_ping" \
  -H "Authorization: Bearer bms_live_..." \
  -H "X-Bms-Signature: $TS.$SIG" \
  -H "Content-Type: application/json" \
  -d "$BODY"
5. HATA KODLARI

HTTP Yanitlari

KodAnlamNe yapmali
200BasariliYanit body'sini isle.
401YetkisizAnahtar yok / hatali / iptal. Yeni anahtar uret.
403Yasak (scope)Bu endpoint icin scope eksik veya tier'in vermedi. Pro'ya gec.
429Rate Limitretry_after_s kadar bekle + tekrar dene.
5xxSunucu HatasiExponential backoff ile 3 kez yeniden dene; calismazsa destek.

Yardim mi gerek?

Hata, scope sorusu veya yeni endpoint istegin icin destek ekibimize ulas.