All endpoints require a Bearer token in the Authorization header. Your account UUID is part of the URL path.
Base URL: https://api.mecanik.dev/v1/client/{uuid}/tools
curl -X POST https://api.mecanik.dev/v1/client/YOUR_UUID/tools/security-headers \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com"}'
Create a free account at members.mecanik.dev. You receive 100 free credits, no card required.
In the members portal, copy your Account UUID from the Dashboard and create a Bearer token on the Security page.
Call any endpoint at https://api.mecanik.dev/v1/client/{uuid}/tools/{endpoint}. Credits are deducted per call.
curl -X POST https://api.mecanik.dev/v1/client/YOUR_UUID/tools/security-headers \ -H "Authorization: Bearer YOUR_TOKEN" \ -H "Content-Type: application/json" \ -d '{"url": "https://example.com"}'
// SDK: npm i @mecanik-dev/api import { MecanikClient } from '@mecanik-dev/api'; const mecanik = new MecanikClient({ accountId: 'YOUR_UUID', token: 'YOUR_TOKEN' }); const result = await mecanik.tools.securityHeaders({ url: 'https://example.com' }); console.log(result.grade, result.score); // Or with plain fetch: const res = await fetch('https://api.mecanik.dev/v1/client/YOUR_UUID/tools/security-headers', { method: 'POST', headers: { 'Authorization': 'Bearer YOUR_TOKEN', 'Content-Type': 'application/json' }, body: JSON.stringify({ url: 'https://example.com' }) }); const data = await res.json();
# SDK: pip install mecanik-api from mecanik_api import MecanikClient mecanik = MecanikClient(account_id="YOUR_UUID", token="YOUR_TOKEN") result = mecanik.tools.security_headers(url="https://example.com") print(result["grade"], result["score"]) # Or with requests: import requests res = requests.post( "https://api.mecanik.dev/v1/client/YOUR_UUID/tools/security-headers", headers={"Authorization": "Bearer YOUR_TOKEN"}, json={"url": "https://example.com"}, ) data = res.json()
npm i @mecanik-dev/api · pip install mecanik-api
OpenAPI spec: openapi.json
Postman: collection
/tools/ai-code-review
AI Code Review
Analyze a code snippet for security vulnerabilities, bugs, performance issues, and best practices. Returns structured findings with severity ratings and a quality score. Powered by LLM (max 4 000 chars input, 10 calls/day per user).
Full URL/v1/client/{uuid}/tools/ai-code-review
{ "code": "const secret = \"hardcoded123\";\napp.get(\"/admin\", (req, res) => {\n res.send(db.query(\`SELECT * FROM users WHERE id = ${req.query.id}\`));\n});", "language": "javascript" }{
"result": {
"language": "javascript",
"analysis": {
"issues": [
{
"severity": "critical",
"category": "security",
"line": "1",
"description": "Hardcoded secret in source code",
"fix": "Use environment variables: process.env.SECRET"
},
{
"severity": "critical",
"category": "security",
"line": "3",
"description": "SQL injection via string interpolation",
"fix": "Use parameterized queries: db.query('SELECT * FROM users WHERE id = ?', [req.query.id])"
}
],
"summary": "Critical security issues detected: hardcoded credentials and SQL injection vulnerability.",
"score": 15
},
"input_length": 142,
"analyzed_at": "2025-06-01T12:00:00.000Z"
},
"success": true,
"errors": []
}/tools/ai-content-summarize
AI Content Summarizer
Summarize any text content into a concise overview with key points, keywords, tone analysis, and estimated reading time. Great for processing articles, documentation, or marketing copy. Powered by LLM (max 4 000 chars, 10 calls/day per user).
Full URL/v1/client/{uuid}/tools/ai-content-summarize
{ "text": "Cloudflare Workers provides a serverless execution environment that allows you to create new applications or augment existing ones without configuring or maintaining infrastructure. Your Worker code is deployed to the Cloudflare global network of data centers..." }{
"result": {
"analysis": {
"summary": "Cloudflare Workers is a serverless platform for deploying applications across Cloudflare's global network without managing infrastructure.",
"key_points": [
"Serverless execution environment",
"No infrastructure configuration needed",
"Deployed globally across Cloudflare data centers"
],
"keywords": ["cloudflare", "workers", "serverless", "infrastructure", "deployment"],
"word_count": 38,
"reading_time_seconds": 12,
"tone": "technical"
},
"input_length": 248,
"summarized_at": "2025-06-01T12:00:00.000Z"
},
"success": true,
"errors": []
}/tools/ai-seo-generate
AI SEO Tag Generator
Generate optimized SEO meta tags from page content: title tag, meta description, Open Graph tags, keywords, H1 suggestion, slug, and actionable SEO tips. Pair with the SEO Analyzer for a complete workflow. Powered by LLM (max 4 000 chars, 10 calls/day per user).
Full URL/v1/client/{uuid}/tools/ai-seo-generate
{ "content": "Learn how to secure your web applications with HTTP security headers including Content-Security-Policy, HSTS, X-Frame-Options and more. This comprehensive guide covers implementation for Apache, Nginx and Cloudflare.", "url": "https://example.com/blog/security-headers-guide" }{
"result": {
"url": "https://example.com/blog/security-headers-guide",
"seo": {
"title": "HTTP Security Headers Guide: CSP, HSTS & More | Example.com",
"meta_description": "Master HTTP security headers with our complete guide. Learn to implement CSP, HSTS, X-Frame-Options on Apache, Nginx & Cloudflare. Protect your web apps today.",
"og_title": "Complete Guide to HTTP Security Headers",
"og_description": "Comprehensive guide to implementing Content-Security-Policy, HSTS, X-Frame-Options and other critical HTTP security headers.",
"keywords": ["security headers", "CSP", "HSTS", "X-Frame-Options", "web security", "Cloudflare"],
"h1_suggestion": "The Complete Guide to HTTP Security Headers",
"slug_suggestion": "http-security-headers-complete-guide",
"content_type": "article",
"seo_tips": [
"Add structured data (HowTo or Article schema) for rich snippets",
"Include an FAQ section targeting 'how to add security headers'",
"Add internal links to related security tool pages"
]
},
"input_length": 264,
"generated_at": "2025-06-01T12:00:00.000Z"
},
"success": true,
"errors": []
}/tools/ai-translate
AI Translator
Translate text into a target language, auto-detecting the source. Returns translation, detected source language, and notes. Powered by Llama 4 Scout (max 5,000 chars input).
Full URL/v1/client/{uuid}/tools/ai-translate
{ "text": "Good morning, how can I help you?", "target_language": "Japanese" }{
"result": {
"target_language": "Japanese",
"translation": { "translation": "おはようございます...", "detected_source_language": "en", "notes": "" }
},
"success": true,
"errors": []
}/tools/ai-extract
AI Structured Data Extraction
Extract structured data from unstructured text. Optionally pass "fields" (array) or a "schema" example to control output; otherwise common entities are auto-extracted. Llama 3.1 8B (max 6,000 chars).
Full URL/v1/client/{uuid}/tools/ai-extract
{ "text": "Jane Roe, jane@acme.io, signed on 2026-02-01.", "fields": ["name", "email", "date"] }{
"result": {
"data": { "name": "Jane Roe", "email": "jane@acme.io", "date": "2026-02-01" }
},
"success": true,
"errors": []
}/tools/ai-moderation
AI Content Moderation
Classify text against safety categories (hate, harassment, violence, sexual, self-harm, illicit, spam) with per-category scores and an allow/review/block verdict. Llama 3.1 8B (max 4,000 chars).
Full URL/v1/client/{uuid}/tools/ai-moderation
{ "text": "You are amazing, thanks for the help!" }{
"result": {
"moderation": { "flagged": false, "verdict": "allow", "categories": { "hate": false }, "reason": "Friendly message." }
},
"success": true,
"errors": []
}/tools/ai-alt-text
AI Alt-Text Generator
Generate accessibility alt text and a longer description for an image. Accepts "image_url" or "image_base64". Uses a vision model (max 5 MB image).
Full URL/v1/client/{uuid}/tools/ai-alt-text
{ "image_url": "https://example.com/sunset.jpg" }{
"result": {
"source": "url",
"alt": { "alt_text": "A sunset over the ocean", "description": "The sun sets...", "is_decorative": false }
},
"success": true,
"errors": []
}/tools/ai-chat
AI Chat / Completion
General-purpose chat completion. Send a "messages" array ([{role, content}]) or a single "prompt". Optional "system", "max_tokens" (≤2048), "temperature". Llama 4 Scout (max 8,000 chars input).
Full URL/v1/client/{uuid}/tools/ai-chat
{ "prompt": "Write a haiku about APIs.", "temperature": 0.7 }{
"result": {
"response": "Endpoints awaken...",
"model": "@cf/meta/llama-4-scout-17b-16e-instruct",
"message_count": 1
},
"success": true,
"errors": []
}/tools/ai-image-generate
AI Image Generator
Generate an image from a text prompt, returned as a base64 data URL (JPEG). Optional "steps" (1-8, default 4). Powered by Flux 1 Schnell.
Full URL/v1/client/{uuid}/tools/ai-image-generate
{ "prompt": "a cyberpunk fox, neon city, digital art", "steps": 4 }{
"result": {
"model": "@cf/black-forest-labs/flux-1-schnell",
"steps": 4,
"image": "data:image/jpeg;base64,/9j/4AAQ..."
},
"success": true,
"errors": []
}/tools/security-headers
Security Headers Scanner
Analyze any URL's HTTP security headers (HSTS, CSP, X-Frame-Options, Permissions-Policy, and more). Returns a letter grade (A+ to F) and actionable recommendations.
Full URL/v1/client/{uuid}/tools/security-headers
{ "url": "https://example.com" }{
"result": {
"url": "https://example.com",
"grade": "B",
"score": 70,
"headers": [
{
"header": "Strict-Transport-Security",
"present": true,
"value": "max-age=31536000; includeSubDomains",
"rating": "good",
"recommendation": ""
}
],
"scanned_at": "2025-06-01T12:00:00.000Z"
},
"success": true,
"errors": []
}/tools/tls-check
SSL/TLS Checker
Verify SSL/TLS configuration, HSTS enforcement, HTTP-to-HTTPS redirect, and TLS version for any hostname.
Full URL/v1/client/{uuid}/tools/tls-check
{ "host": "example.com", "port": 443 }{
"result": {
"host": "example.com",
"port": 443,
"protocol": "HTTPS",
"tls_version": "TLSv1.3",
"grade": "A",
"issues": [],
"scanned_at": "2025-06-01T12:00:00.000Z"
},
"success": true,
"errors": []
}/tools/tech-detect
Technology Detector
Detect the tech stack behind any website: CMS, frameworks, CDN, analytics, and 35+ technology signatures.
Full URL/v1/client/{uuid}/tools/tech-detect
{ "url": "https://example.com" }{
"result": {
"url": "https://example.com",
"technologies": [
{ "name": "Cloudflare", "category": "CDN" },
{ "name": "Next.js", "category": "Framework" }
],
"count": 2,
"scanned_at": "2025-06-01T12:00:00.000Z"
},
"success": true,
"errors": []
}/tools/seo-analyze
SEO Analyzer
Analyze meta tags, Open Graph, structured data, canonical URL, robots directives, and 15+ on-page SEO factors with a score.
Full URL/v1/client/{uuid}/tools/seo-analyze
{ "url": "https://example.com" }{
"result": {
"url": "https://example.com",
"grade": "A",
"score": 85,
"findings": [
{ "name": "title", "content": "Example Domain", "status": "good", "recommendation": "" }
],
"scanned_at": "2025-06-01T12:00:00.000Z"
},
"success": true,
"errors": []
}/tools/dns-lookup
DNS Lookup
Query A, AAAA, MX, TXT, CNAME, NS, SOA, SRV, and CAA records via Cloudflare DNS-over-HTTPS.
Full URL/v1/client/{uuid}/tools/dns-lookup
{ "domain": "example.com", "types": ["A", "MX", "TXT"] }{
"result": {
"domain": "example.com",
"records": {
"A": [{ "type": "A", "name": "example.com.", "data": "93.184.216.34", "ttl": 3600 }],
"MX": [],
"TXT": []
},
"queried_types": ["A", "MX", "TXT"],
"scanned_at": "2025-06-01T12:00:00.000Z"
},
"success": true,
"errors": []
}/tools/openapi-validate
OpenAPI / Swagger Validator
Validate an OpenAPI 3.x or Swagger 2.0 spec (JSON or YAML) supplied inline via "spec" or fetched from "url". Returns detected version, validity, structured errors and warnings, and counts (paths, operations, schemas, tags, servers). Pass a "previous" spec to also receive a breaking-change diff.
Full URL/v1/client/{uuid}/tools/openapi-validate
{ "url": "https://petstore3.swagger.io/api/v3/openapi.json" }{
"result": {
"source": "url",
"format": "json",
"version": "OpenAPI 3.0.2",
"valid": true,
"error_count": 0,
"warning_count": 2,
"errors": [],
"warnings": [
{ "path": "/paths/user/get", "message": "Operation has no operationId (recommended for codegen)." }
],
"stats": {
"paths": 13,
"operations": 19,
"operations_by_method": { "GET": 8, "POST": 7, "PUT": 2, "DELETE": 2 },
"schemas": 6,
"servers": 1,
"has_security": true
},
"title": "Swagger Petstore - OpenAPI 3.0",
"api_version": "1.0.19"
},
"success": true,
"errors": []
}/tools/subdomain-finder
Subdomain Finder
Passive subdomain enumeration via Certificate Transparency logs (crt.sh). Returns unique subdomains observed in issued certificates and resolves a capped sample via DNS to flag which are live. Passive, no scanning of the target.
Full URL/v1/client/{uuid}/tools/subdomain-finder
{ "domain": "example.com", "resolve": true }{
"result": {
"domain": "example.com",
"total": 7,
"live_count": 4,
"subdomains": [ { "name": "www.example.com", "resolves": true }, { "name": "api.example.com", "resolves": true } ],
"sources": ["certspotter", "crt.sh"]
},
"success": true,
"errors": []
}/tools/exposed-files
Exposed Files Scanner
Check a site for commonly-exposed sensitive files and misconfigurations (.env, .git/config, backups, server-status, and more). Non-intrusive GET requests to ~25 well-known paths with severity ratings and soft-404 detection. Intended for sites you own.
Full URL/v1/client/{uuid}/tools/exposed-files
{ "url": "https://example.com" }{
"result": {
"url": "https://example.com",
"checked_paths": 25,
"exposed_count": 1,
"severity_counts": { "critical": 1 },
"soft_404_detected": false,
"exposed": [ { "path": "/.env", "status": 200, "exposed": true, "severity": "critical", "type": "Environment file" } ]
},
"success": true,
"errors": []
}/tools/email-deliverability
Email Deliverability
Check MX records, SPF, DKIM (9 common selectors), and DMARC for any domain. Get a deliverability score and grade.
Full URL/v1/client/{uuid}/tools/email-deliverability
{ "domain": "example.com" }{
"result": {
"domain": "example.com",
"score": 75,
"grade": "B",
"checks": [
{ "name": "MX Records", "status": "pass", "detail": "Found 1 MX record(s)" },
{ "name": "SPF", "status": "pass", "detail": "SPF record with hard fail (-all)" }
],
"scanned_at": "2025-06-01T12:00:00.000Z"
},
"success": true,
"errors": []
}/tools/email-validator
Email Validator
Detect disposable, temporary, and throwaway email addresses with high accuracy. Returns a 0-100 risk score with verdict (disposable/suspicious/legitimate) and signal codes.
Full URL/v1/client/{uuid}/tools/email-validator
{ "email": "user@guerrillamail.com" }{
"result": {
"email": "user@guerrillamail.com",
"domain": "guerrillamail.com",
"verdict": "disposable",
"score": 80,
"signals": [
{ "code": "MK01", "weight": 80 }
],
"cached": false
},
"success": true,
"errors": []
}/tools/email-validator-bulk
Email Validator (Bulk)
Validate up to 10 email addresses in a single request. Domains are deduplicated and analyzed in parallel. Returns per-email verdicts with aggregate counts.
Full URL/v1/client/{uuid}/tools/email-validator-bulk
{ "emails": ["user@gmail.com", "test@guerrillamail.com", "hello@example.com"] }{
"result": {
"total": 3,
"disposable": 1,
"suspicious": 0,
"legitimate": 2,
"results": [
{ "email": "user@gmail.com", "domain": "gmail.com", "verdict": "legitimate", "score": 0, "signal_count": 1 },
{ "email": "test@guerrillamail.com", "domain": "guerrillamail.com", "verdict": "disposable", "score": 80, "signal_count": 1 },
{ "email": "hello@example.com", "domain": "example.com", "verdict": "legitimate", "score": 25, "signal_count": 1 }
]
},
"success": true,
"errors": []
}/tools/email-spam-check
Email Spam Checker
Score an email subject and body against common spam-filter heuristics (trigger words, shouting, punctuation, link ratios, URL shorteners, missing unsubscribe, hidden text). Returns a spam score, inbox-likelihood, and the triggered rules with fixes. Rule-based, no AI.
Full URL/v1/client/{uuid}/tools/email-spam-check
{ "subject": "FREE!! Act now", "body": "Click here to claim your prize. Guaranteed money back!" }{
"result": {
"spam_score": 11,
"spam_risk": "high",
"inbox_likelihood": 23,
"grade": "F",
"findings": [
{ "rule": "subject_spam_words", "severity": "high", "points": 4, "message": "Subject contains spammy phrases: free.", "fix": "Rephrase to avoid spam-trigger words." }
]
},
"success": true,
"errors": []
}/tools/email-header-analyzer
Email Header Analyzer
Parse raw email headers (paste the full headers or whole raw message) into a structured summary: key fields, the Received hop timeline with per-hop delays, SPF/DKIM/DMARC results, spam-filter headers, and flags.
Full URL/v1/client/{uuid}/tools/email-header-analyzer
{ "headers": "From: a@example.com\nReceived: from mx1.example.com by mx2.example.net; Mon, 01 Jun 2026 12:00:01 +0000\nAuthentication-Results: spf=pass dkim=pass dmarc=pass" }{
"result": {
"summary": { "from": "a@example.com", "subject": null, "message_id": null },
"authentication": { "spf": "pass", "dkim": "pass", "dmarc": "pass" },
"hop_count": 1,
"total_delivery_seconds": 0,
"hops": [ { "from": "mx1.example.com", "by": "mx2.example.net", "delay_seconds": null } ],
"flags": []
},
"success": true,
"errors": []
}/tools/email-blacklist-check
Blacklist (DNSBL) Check
Check a domain or IP against well-known DNS blacklists (Spamhaus, SpamCop, SORBS, Barracuda, and more). For a domain it resolves the A records and checks each IP plus domain-based lists. Lists that block public resolvers are reported as "blocked" rather than listed.
Full URL/v1/client/{uuid}/tools/email-blacklist-check
{ "domain": "example.com" }{
"result": {
"target": "example.com",
"type": "domain",
"checked_ips": ["93.184.216.34"],
"listed_count": 0,
"clean": true,
"ip_listings": [ { "ip": "93.184.216.34", "list": "SpamCop", "zone": "bl.spamcop.net", "status": "clean" } ],
"lists_checked": 10
},
"success": true,
"errors": []
}/tools/website-audit
Website Audit (Bundled Report)
Run security-headers, TLS, technology, SEO and DNS checks against one URL and return a combined report with an overall 0-100 score and letter grade. Bundled price vs 25 credits separately.
Full URL/v1/client/{uuid}/tools/website-audit
{ "url": "https://example.com" }{
"result": {
"url": "https://example.com/",
"overall_score": 86,
"overall_grade": "B",
"sub_scores": [ { "name": "security_headers", "score": 80 }, { "name": "seo", "score": 92 } ],
"report": { "security_headers": { }, "tls": { }, "technology": { }, "seo": { }, "dns": { } }
},
"success": true,
"errors": []
}/tools/broken-link-checker
Broken Link Checker
Fetch a page, extract its links, and check each for availability (up to 50). Returns per-link status and the list of broken links. SSRF-safe: every link is validated before fetch.
Full URL/v1/client/{uuid}/tools/broken-link-checker
{ "url": "https://example.com" }{
"result": {
"url": "https://example.com/",
"total_links": 12,
"ok_count": 11,
"broken_count": 1,
"broken_links": [ { "url": "https://example.com/old", "status": 404, "ok": false } ]
},
"success": true,
"errors": []
}/tools/performance-audit
Performance Audit
Lightweight performance report: server response time, transfer size, compression, caching headers, and resource counts, with a 0-100 score and findings. No headless browser required.
Full URL/v1/client/{uuid}/tools/performance-audit
{ "url": "https://example.com" }{
"result": {
"url": "https://example.com/",
"score": 88,
"grade": "B",
"metrics": { "response_time_ms": 120, "html_size_kb": 42, "compression": "br", "estimated_requests": 14 },
"findings": [ "No cache-control on the document." ]
},
"success": true,
"errors": []
}/tools/carbon-footprint
Carbon Footprint Estimator
Estimate the CO2 footprint of a page load from its transfer size (Sustainable Web Design model). Returns grams CO2 per visit, a rating vs the global median, and an annual estimate. Optional "monthly_views".
Full URL/v1/client/{uuid}/tools/carbon-footprint
{ "url": "https://example.com", "monthly_views": 50000 }{
"result": {
"url": "https://example.com/",
"page_size_kb": 1024,
"grams_co2_per_visit": 0.118,
"rating": "A",
"cleaner_than_median": true,
"annual_kg_co2": 70.8
},
"success": true,
"errors": []
}/tools/qr-generate
QR Code Generator
Generate a QR code from text. Returns JSON with the raw SVG, a base64 SVG, and a data URI by default; pass "format":"svg" to get the raw image directly. Supports custom size and colors (dark_color, light_color).
Full URL/v1/client/{uuid}/tools/qr-generate
{ "text": "https://mecanik.dev", "size": 256 }{
"result": {
"svg": "<svg xmlns=\"http://www.w3.org/2000/svg\" ...>...</svg>",
"svg_base64": "PHN2ZyB4bWxucz0...",
"data_uri": "data:image/svg+xml;base64,PHN2ZyB4bWxucz0...",
"text": "https://mecanik.dev",
"size": 256
},
"success": true,
"errors": []
}/tools/placeholder-image
Placeholder Image
Generate SVG placeholder images with custom dimensions, colors, and text. Pass parameters as query string.
Full URL/v1/client/{uuid}/tools/placeholder-image
Query: ?width=400&height=300&bg=cccccc&color=333333&text=400x300
Returns SVG image directly (Content-Type: image/svg+xml)
/tools/hash-generate
Hash Generator
Compute SHA-1, SHA-256, SHA-384, SHA-512, and MD5 hashes of any input string (max 100K characters).
Full URL/v1/client/{uuid}/tools/hash-generate
{ "input": "hello world", "algorithm": "sha256" }{
"result": {
"algorithm": "SHA-256",
"hash": "b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9",
"input_length": 11
},
"success": true,
"errors": []
}/tools/jwt-decode
JWT Decoder
Decode JWT headers and payloads, analyze expiration, issuer, algorithm, and surface security warnings.
Full URL/v1/client/{uuid}/tools/jwt-decode
{ "token": "eyJhbGciOi..." }{
"result": {
"header": { "alg": "HS256", "typ": "JWT" },
"payload": { "sub": "1234567890", "iat": 1516239022 },
"expired": false,
"warnings": []
},
"success": true,
"errors": []
}/tools/password-strength
Password Strength Analyzer
Entropy calculation, pattern detection, dictionary checks, keyboard patterns, and crack-time estimation.
Full URL/v1/client/{uuid}/tools/password-strength
{ "password": "MyP@ssw0rd!" }{
"result": {
"score": 3,
"label": "Strong",
"entropy_bits": 52.4,
"crack_time_display": "centuries",
"suggestions": []
},
"success": true,
"errors": []
}/tools/cron-explain
Cron Expression Explainer
Parse cron expressions into human-readable descriptions with the next N scheduled run times.
Full URL/v1/client/{uuid}/tools/cron-explain
{ "expression": "*/5 * * * *", "count": 3 }{
"result": {
"expression": "*/5 * * * *",
"description": "Every 5 minutes",
"next_runs": [
"2025-06-01T12:05:00.000Z",
"2025-06-01T12:10:00.000Z",
"2025-06-01T12:15:00.000Z"
]
},
"success": true,
"errors": []
}/tools/token-counter
LLM Token Counter & Cost Calculator
Estimate token usage and USD cost for any text across 25+ models (OpenAI GPT-5.x, Anthropic Claude 4.x, Google Gemini 3.x, xAI Grok, DeepSeek, Mistral, Llama, Qwen). Pass a single "model", a "models" array, or omit for a default set. Optional "output_tokens" adds output cost. Counts are heuristic estimates; prices are list prices verified 2026-06.
Full URL/v1/client/{uuid}/tools/token-counter
{ "text": "Translate the following document into French...", "models": ["gpt-5.4", "claude-sonnet-4-6"], "output_tokens": 500 }{
"result": {
"text_length": 48,
"word_count": 7,
"models": [
{
"model": "gpt-5.4",
"provider": "OpenAI",
"estimated_input_tokens": 12,
"estimated_output_tokens": 500,
"input_cost_usd": 0.00003,
"output_cost_usd": 0.0075,
"total_cost_usd": 0.00753,
"pricing_per_1m": { "input": 2.5, "output": 15 }
}
],
"unknown_models": [],
"pricing_as_of": "2026-06",
"note": "Token counts are heuristic estimates..."
},
"success": true,
"errors": []
}/tools/json-to-code
JSON to Schema & Code Generator
Turn a sample JSON value into type definitions across multiple targets: json-schema (Draft-07), typescript, go, python (Pydantic), rust (serde) and kotlin. Objects become named types; arrays of objects are merged with optional fields. Pass "targets" to limit output and "root_name" to name the root type.
Full URL/v1/client/{uuid}/tools/json-to-code
{ "json": "{ \"id\": 1, \"name\": \"Ada\", \"active\": true, \"tags\": [\"dev\"] }", "targets": ["typescript", "go"], "root_name": "User" }{
"result": {
"root_name": "User",
"targets": ["typescript", "go"],
"types_generated": 1,
"code": {
"typescript": "export interface User {\n id: number;\n name: string;\n active: boolean;\n tags: string[];\n}",
"go": "type User struct {\n\tId int `json:\"id\"`\n\tName string `json:\"name\"`\n\tActive bool `json:\"active\"`\n\tTags []string `json:\"tags\"`\n}"
}
},
"success": true,
"errors": []
}Retry-After header.Limits are per user per 1-minute sliding window: