Aelio
API Reference

HTTP Endpoints

REST API routes exposed by the Aelio server.

Public endpoints (no auth)

MethodPathPurpose
GET/healthLiveness probe
GET/readyReadiness (db, migrations, widget, sdk status)
GET/widget.jsServe widget IIFE bundle
GET/demo.htmlStatic demo page
GET/telemetryTelemetry dashboard HTML

Protected endpoints (Bearer AELIO_SDK_SECRET)

MethodPathPurpose
POST/auth/magic-linkIssue magic link for widget auth
GET/auth/verifyVerify magic link → session token
POST/proactiveSend proactive message
POST/proactive/opt-inSet customer proactive opt-in
GET/api/v1/telemetry/eventsSunjet conversation events
GET/api/v1/telemetry/turn-callsPer-turn LLM call records

Also accepts x-aelio-secret header.

WhatsApp webhooks

MethodPathAuthPurpose
GET/wa/webhookMeta verify tokenSubscription challenge
POST/wa/webhookHMAC signatureInbound WhatsApp messages

Test endpoints (AELIO_TEST_MODE=1)

MethodPathPurpose
GET/__test__/whatsapp/outboxMock WhatsApp sent messages
GET/__test__/sdk/functionsRegistered SDK function names
GET/diagnosticsMemory, paths, SDK catalog

Endpoint details

GET /health

{
  "status": "ok",
  "version": "0.1.0"
}

GET /ready

{
  "status": "ready",
  "checks": {
    "database": "ok",
    "migrations": "ok",
    "widget": "ok",
    "sdk": { "connected": true, "functions": 11 }
  }
}

POST /auth/magic-link

Request:

{
  "email": "user@example.com",
  "externalId": "user_abc123"
}

Response:

{
  "url": "https://your-server/auth/verify?token=..."
}

GET /auth/verify?token=...

Response:

{
  "customerId": "user_abc123",
  "externalId": "user_abc123",
  "email": "user@example.com",
  "sessionToken": "eyJ..."
}

POST /proactive

Request:

{
  "customerExternalId": "user_abc123",
  "channel": "web",
  "content": "Your order shipped!",
  "dedupKey": "ship-A123"
}

Response (success):

{ "accepted": true, "messageId": "msg_..." }

Response (blocked):

{ "accepted": false, "reason": "Customer has not opted in" }

POST /proactive/opt-in

Request:

{
  "customerExternalId": "user_abc123",
  "optIn": true
}

On this page