Abundera QR Check/ Developer Documentation

Developer documentation

REST API for the Abundera QR Check QR / barcode safety classification service. Submit a decoded payload, get back a chain-walked verdict.

API specification

The Abundera QR Check API follows OpenAPI 3.1. Browse the interactive reference, download the spec, or import it into your preferred API client.

Interactive API reference →
Every endpoint with request/response schemas, parameters, and try-it-now in your browser. Powered by Scalar.
OpenAPI 3.1 (YAML)
Full specification with schemas, descriptions, and examples. Best for documentation generators.
OpenAPI 3.1 (JSON)
Same specification in JSON. Best for programmatic consumption and tooling.
Postman Collection v2.1
Import into Postman or Insomnia. Pre-configured with {{base_url}} and {{token}} variables.

Authentication

The public POST /api/scan endpoint is anonymous-tier rate-limited (10 requests per minute burst, 3 per 24 hours, per IP). A paid Pro tier, coming with the Founding Member launch, bypasses anonymous limits when an API key is presented as a bearer token:

Authorization: Bearer sk_live_abnd_check_…

API keys are minted on subscription and managed at abundera.ai/account/api-keys. Validation is federated to the hub and cached in KV for 60 seconds.

Base URL & format

Base URL: https://check.qr.abundera.ai

Request format: JSON (Content-Type: application/json).

Response format: JSON (application/json; charset=utf-8). Responses carry a schema_version field.

Quick example

curl -X POST https://check.qr.abundera.ai/api/scan \
  -H "Content-Type: application/json" \
  -d '{"payload":"https://example.com/login"}'

Discovery (well-known)

Auto-discovery endpoints under /.well-known/ (RFC 8615). Browse the human index, or fetch directly:

/.well-known/ index →
Human-readable list of every well-known URI this site publishes.
Capabilities
Scopes, rate-limit tiers, API surface. Aggregated by the hub's federated UIs.
QR safety policy
Check's verdict schema, supported formats, reputation feeds, privacy posture.
Family API catalog →
RFC 9727 Linkset on the hub enumerating every Abundera API.

Related

Coverage & supported formats
Every QR / barcode format and payload type the scanner recognizes.
Pricing
Free vs. Pro tier, founding-member offer, and rate-limit details.
Security architecture
How payloads are processed, what's cached, and the QR-17/18 privacy posture.