Skip to main content

Documentation Index

Fetch the complete documentation index at: https://noradocs.solomontsao.com/llms.txt

Use this file to discover all available pages before exploring further.

The Nora REST API is a JSON-over-HTTP interface that lets you deploy agents, manage LLM providers, configure channels, and observe platform health programmatically. Every request must include a valid Bearer token in the Authorization header — except for the public health, config, and webhook endpoints listed below. All request and response bodies use application/json.

Base URL

The Nora API is served under the /api path of your Nora origin. In local mode this is: 
http://localhost:8080/api
If you configured a public domain, replace http://localhost:8080 with your origin — for example: 
https://app.example.com/api
All paths in this reference omit the /api prefix for brevity. When making real requests, include /api — for example http://localhost:8080/api/agents.

Authentication

All protected endpoints require a JWT in the Authorization header: 
Authorization: Bearer <token>
Obtain a token via POST /auth/login. Tokens are valid for 7 days. See the Authentication page for the full login flow.

Rate limiting

Two rate-limit tiers apply to every request:
TierLimitWindow
Global (all endpoints)1 000 requests15 minutes
Auth endpoints (/auth/*)20 requests15 minutes
When you exceed a limit the API returns 429 Too Many Requests with: 
{ "error": "Too many attempts, please try again later" }

Content type

All request bodies must be sent as JSON. Set the header on every mutating request: 
Content-Type: application/json

Public endpoints

These endpoints do not require authentication.

Health check

GET /health
Returns {"status":"ok"} once the server has finished its startup sequence (database migrations, catalog seeding). During startup it returns 503 with {"status":"starting"}. 
curl http://localhost:8080/api/health

{ "status": "ok" }

Platform config

GET /config/platform
Returns the platform mode and, in self-hosted deployments, the operator-configured resource limits.
mode
string
Platform mode. One of selfhosted or paas.
selfhosted
object | null
Resource limits when mode is not paas, otherwise null.
billingEnabled
boolean
Whether Stripe billing is active.

NemoClaw config

GET /config/nemoclaw
Returns the NemoClaw sandbox configuration for the current deployment.
enabled
boolean
Whether the NemoClaw sandbox is enabled on this server.
defaultModel
string
Default NVIDIA model identifier.
sandboxImage
string
OCI image used for NemoClaw sandboxes.
models
string[]
List of supported NVIDIA model identifiers.

Quick example

The following request authenticates and lists your agents: 
# 1. Get a token
TOKEN=$(curl -s -X POST http://localhost:8080/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"you@example.com","password":"yourpassword"}' \
  | jq -r .token)

# 2. Call a protected endpoint
curl http://localhost:8080/api/agents \
  -H "Authorization: Bearer $TOKEN"