Skip to main content

Introduction

The Discord Webhook Manager API is built on Laravel and uses session-based authentication with Laravel Sanctum. All API endpoints are protected and require authentication.

Base URL

All API endpoints are relative to your application’s base URL: 
https://your-domain.com/

Authentication

The application uses Laravel Sanctum for API authentication with session-based cookies. All requests must include:
X-CSRF-TOKEN
string
required
CSRF token obtained from the application session
Cookie
string
required
Session cookie containing authentication credentials

Authentication Flow

  1. Login through the web interface or authentication endpoint
  2. Receive session cookie and CSRF token
  3. Include both in subsequent API requests
  4. All routes require auth and verified middleware
fetch('/api/webhooks', {
  method: 'GET',
  headers: {
    'X-CSRF-TOKEN': document.querySelector('meta[name="csrf-token"]').content,
    'Accept': 'application/json',
    'Content-Type': 'application/json'
  },
  credentials: 'include'
})

Rate Limiting

Certain endpoints have rate limiting applied:
  • AI Generation: 10 requests per minute per user
  • Standard endpoints: Laravel’s default rate limiting applies

Response Format

All responses follow standard HTTP status codes:
success
boolean
Indicates if the request was successful
data
object
Contains the response payload
message
string
Human-readable message about the operation

Success Response

{
  "success": true,
  "data": {
    // Response data
  },
  "message": "Operation completed successfully"
}

Error Response

{
  "success": false,
  "message": "Error description",
  "errors": {
    "field_name": [
      "Validation error message"
    ]
  }
}

Common HTTP Status Codes

Status CodeMeaning
200OK - Request succeeded
201Created - Resource created successfully
302Redirect - Successful action with redirect
401Unauthorized - Authentication required
403Forbidden - Insufficient permissions
404Not Found - Resource doesn’t exist
422Unprocessable Entity - Validation failed
429Too Many Requests - Rate limit exceeded
500Server Error - Internal server error

Permissions & Authorization

The application uses Laravel Policies for authorization:
  • Owner: Full access to all operations
  • Collaborators: Limited access based on permission level
    • view: Read-only access
    • send: Can send messages
    • edit: Can modify resources

Pagination

List endpoints support pagination:
page
integer
default:"1"
Page number to retrieve
per_page
integer
default:"20"
Number of items per page (max 100)
Paginated Response
{
  "data": [...],
  "current_page": 1,
  "per_page": 20,
  "total": 150,
  "last_page": 8,
  "next_page_url": "https://your-domain.com/api?page=2",
  "prev_page_url": null
}

Variables & Dynamic Content

The application supports dynamic variables in message content:
  • {user.name} - Current user’s name
  • {user.email} - Current user’s email
  • {webhook.name} - Webhook name
  • {date} - Current date
  • {time} - Current time
  • {datetime} - Current date and time
Variables are automatically replaced when messages are sent.

Best Practices

Always validate Discord webhook URLs before storing them. Use the /webhooks/validate endpoint to verify URLs with Discord’s API.
Files must be uploaded as multipart/form-data with a maximum size of 10MB per file. Supported formats: jpg, jpeg, png, gif, webp, mp4, mov, avi.
  • Maximum 2000 characters for message content
  • Maximum 10 embeds per message
  • Maximum 256 characters for embed titles
  • Maximum 4096 characters for embed descriptions
  • Maximum 25 fields per embed
Always check response status codes and handle errors gracefully. Validation errors return detailed field-level error messages.

Next Steps

Webhooks API

Manage Discord webhooks

Messages API

Send messages to Discord

Templates API

Create and manage templates

Scheduled Messages

Schedule recurring messages

Build docs developers (and LLMs) love

Get started for freeTalk to us