Zapnoty — Project management

API Documentation

REST API for notifications via Telegram and Max. Subscribers, OTP, broadcasts, forms, helpdesk.

Management API

API for managing templates, permissions, tags, and webhook. All endpoints require a Bearer token.

Templates

GET /v1/templates — list templates
POST /v1/templates — create template (key, text, format?)
PUT /v1/templates/{key} — update template (text?, format?)
DELETE /v1/templates/{key} — delete template

Permissions

GET /v1/permissions — list permissions
POST /v1/permissions — create (key, title, description?, required?)
PUT /v1/permissions/{key} — update (title?, description?, required?)

Deleting permissions is only available in the dashboard.

Tags

GET /v1/tags — list project tags
POST /v1/tags — create tag (name)
PUT /v1/tags/{name} — rename tag (new_name)
DELETE /v1/tags/{name} — delete tag (also removed from all subscribers)

Allowed characters: letters, numbers, - and _. Maximum 20 tags.

Sender settings

Project sender settings — sender name and description (message signature), OTP template, subscribe/unsubscribe auto-messages, authorization texts (message + button). Managed via API or the dashboard (Overview → Notifications or Settings → Notifications).

Signature format: text\n\n— Name\nDescription

Logo: uploaded via dashboard, resized to 256×256 PNG.

GET /v1/sender — get settings
PUT /v1/sender — update settings

Fields: sender_name, sender_description, otp_template, subscribe_message, unsubscribe_message ({"ru":"...","en":"..."}), subscribe_message_enabled, unsubscribe_message_enabled (boolean), auth_text (multilingual, must contain {{url}}, ≤500 chars), auth_button_text (multilingual, ≤32 chars). All fields are optional. Auto-messages and authorization texts are multilingual (RU/EN); when an auto-message flag is disabled, default text is sent.

OTP template

Custom OTP message template. Must contain {{code}}. You can also use {{minutes}} for expiry time.

Example: Your verification code: {{code}}. Valid for {{minutes}} min.

Webhook

GET /v1/webhooks — list webhook endpoints (up to 5 per project)
POST /v1/webhooks — create an endpoint (url, events?[], description?)
PUT/DELETE /v1/webhooks/{id} — update or delete an endpoint
POST /v1/webhooks/{id}/rotate-secret — rotate the secret

Empty events — subscribe to all events. The secret is returned once on creation and rotation. See the Webhooks section for details.

API vs Dashboard

What you can automate via REST API and what is only available in the dashboard.

Available via API

Send notifications — POST /v1/send (personal, by subscriber_id, with media, buttons, templates)

Batch send — POST /v1/send/batch (bulk send to a list of recipients)

OTP codes — POST /v1/otp/send and /v1/otp/verify

Mass broadcasts — POST /v1/broadcast, GET /v1/broadcast/:job_id

Subscribers — GET /v1/subscribers, PUT /v1/subscribers/:id/tags

Templates — full CRUD: GET/POST /v1/templates, PUT/DELETE /v1/templates/{key}

Permissions — GET/POST /v1/permissions, PUT /v1/permissions/{key}

Tags — full CRUD: GET/POST /v1/tags, PUT/DELETE /v1/tags/{name}

Scheduler — delayed messages, drip chains, recurring broadcasts: CRUD /v1/scheduled, /v1/drip-chains, /v1/recurring

Events — POST /v1/events/track (triggers for event-drip chains)

Webhook — CRUD endpoints /v1/webhooks, rotation /v1/webhooks/{id}/rotate-secret

Bot Auth — GET /v1/auth/link, POST /v1/auth/session, POST /v1/auth/verify, GET session status

Helpdesk — create tickets, reply, change status, assign, set priority, ticket types

Helpdesk config — PUT /v1/helpdesk/settings (enable, SLA, CSAT), GET /v1/helpdesk/sla, CRUD for ticket types, canned responses and routing rules

Forms — GET/POST /v1/forms, CRUD for forms and delivery routes, reading submissions GET /v1/forms/{id}/submissions

Sender settings — GET/PUT /v1/sender (sender name & description, OTP template, subscribe/unsubscribe auto-messages, authorization texts: message + button)

Custom Bots — commands & branding: /v1/custom-bot-commands, /v1/custom-settings (welcome, accent color)

Audit log — GET /v1/audit

Dashboard only

Create project — registration and project creation only via UI

API key — generate and regenerate key (requires OTP confirmation)

Delete project — with OTP confirmation via messenger

Custom Bots — connecting your own bot (entering the token). Commands and branding are available via the API

Team — managing members, roles, project transfer

Logo — upload and delete project logo

Auth settings — callback URL, origin URL, authorization button text

Delete permissions — DELETE permissions is only available in the dashboard

Analytics — project stats, delivery log, broadcast analytics

QR codes — generate subscription QR codes with styles and logo

The list above applies to the live key zn_live_ — it has full access to all /v1/* endpoints. The test key zn_test_ is scoped: read (GET) and runtime operations in the sandbox (send, OTP, broadcast, simulate-event), while any request that changes project settings is rejected with a 403 — settings are configured with the live key (see the «Testing» section). The same set of operations is available to AI agents via the MCP server (see the «MCP server» section). The dashboard works via a JWT session after OAuth (Yandex/VK).

Related sections

Subscribers and tags
List retrieval, tag management, channel/segment filtering.
Subscriber permissions
Permissions — subscriber consent types: create, opt-out, broadcast filter.
Testing your integration
How to test the integration: test keys, dry-run, preview, webhook checks.