Platform
Logs & API
API logs (every backend hit, request + response + latency), webhook tester with SSRF guard, OpenAPI spec, request-id search.
Features
- **Scoped API keys** — `pk_*` public + `sk_*` secret, per-project mandatory, auto-mint on project create.
- **Live event inspector** — every API call lands in <2s for debugging, filter by endpoint / key / status.
- **Webhook debugger** — replay deliveries, see payload + headers + response body, retry on demand.
- **Sandbox orgs** for safe integration testing — no impact on production data.
- **Stale-key triage** — UNUSED + STALE chips on keys that haven't seen traffic.
- **OpenAPI 1.9+** at `/docs/openapi` with Scalar try-it-out across every endpoint.
- **`/me` introspection** for API-key auth (kind / scopes / env / orgId / projectId / lastUsedAt).
- **Five typed SDKs** — Web, SSR (Next.js / Remix / SvelteKit), RN, iOS (SwiftPM), Android (JitPack).
Common use cases
- Shipping integrations fast — typed SDK + OpenAPI + sandbox + live inspector is one tab away.
- Debugging webhook failures with full payload / headers / response visibility + one-click replay.
- Testing safely against sandbox orgs that mirror prod schemas without prod data.
Developer tools
Fetch the OpenAPI spec
FREEPublic, unauthenticated. Drop into Swagger UI / Postman / your favourite codegen tool. Versioned in the `info` block; covers every SDK + customer-facing route.
curl "https://api.sendoracloud.com/api/v1/docs/openapi.json"Stream API request logs
FREEPer-request method + path + status + latency + body size. Filterable by status code, method, time range. Useful for debugging customer integrations.
curl "https://api.sendoracloud.com/api/v1/orgs/<ORG_ID>/dev-tools/api-logs?status=4xx&from=2026-05-01" \
-H "x-api-key: pk_prod_…"Validate the spec against shipped code
FREECI gate. The `openapi-drift.test.ts` suite walks every route file and asserts the OpenAPI document matches what the server actually serves.
# Run as part of CI:
cd apps/backend && npm test -- --run openapi-drift