API that provides a set of components that can be used in different projects.
To authenticate requests, include an Authorization header with the value "Bearer {YOUR_PROJECT_TOKEN}".
All authenticated endpoints are marked with a requires authentication badge in the documentation below.
⚠️ Wallrus will provide the project token required to authenticate your requests. ⚠️
APIs for our openAI assistant
curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/assistant" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"message\": \"What\'s the capital of France?\",
\"assistant_id\": \"asst_xxx\"
}"
{
"response": "If you enjoy ..."
}APIs for logging and retrieving activity logs for the authenticated project.
Supports optional filtering by multiple parameters.
Optional. Filter activities by user ID.
Optional. Filter activities by activity type name.
Optional. Filter activities by exact value match.
Optional. Filter activities by partial message match.
Optional. Filter activities by metadata fields.
Optional. Filter activities by date range.
This field is required when date_range is present. Must be a valid date.
This field is required when date_range is present. Must be a valid date. Must be a date after or equal to date_range.start.
Must be a valid date.
curl --request GET \
--get "https://toolbox.local.wallrus.dev/api/v1/activities?user_id=sequi&type=image-generation.&value=6&message=sequi&metadata[Country]=Canada&metadata[Gender]=Female&date_range[start]=2023-01-01+00%3A00%3A00&date_range[end]=2023-01-31+23%3A59%3A59&created_at=2025-10-09T19%3A23%3A57" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"{
"data": [
{
"user_id": "uuid-2",
"type": "image-generation",
"value": 100,
"message": "User generated an image",
"metadata": {
"model": "stable-diffusion",
"Country": "Canada"
},
"created_at": "2025-04-25T12:00:00.000000Z"
}
]
}curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/activities" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"user_id\": \"uuid-1.\",
\"type\": \"image-generation.\",
\"value\": 6,
\"message\": \"sequi\",
\"metadata\": []
}"
{
"message": "Activity log created successfully."
}Optional. The ID of the activity type to retrieve.
curl --request GET \
--get "https://toolbox.local.wallrus.dev/api/v1/activities/types/1" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"{
"data": [
{
"id": 1,
"name": "image-generation",
"description": "Image generation activity",
"metadata": [
{
"key": "ip",
"value": "127.0.0.1",
"active": true
}
],
"created_at": "2025-06-03T12:00:00.000000Z",
"updated_at": "2025-06-03T12:00:00.000000Z"
}
]
}Returns activity counts per type and the total count.
Optional. Filter activities by user ID. The user must exist and belong to the authenticated project.
Optional. Filter activities by activity type name.
curl --request GET \
--get "https://toolbox.local.wallrus.dev/api/v1/activities/summary?user_id=sequi&type=image-generation." \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"user_id\": \"4d90902b-2925-34b1-aa9f-611860a391a0\",
\"type\": \"sequi\"
}"
{
"data": [
{
"type": "image-generation",
"count": 5
},
{
"type": "quiz-answer",
"count": 3
}
],
"total_activities": 8
}APIs for user authentication
This endpoint initiates a 2FA request for a website. It sends a 2FA code to the user's email or phone number. And it will return the handshake ID for the 2FA process. The user must exist and be active.
curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/users/login/initiate" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"recipient\": \"user@example.com or +1234567890\"
}"
{
"message": "2FA code sent to user@example.com",
"data": {
"handshake": "9bd24b7c-9208-4f4c-b388-8d6620b54cb9",
"recipient": "user@example.com",
"expires_at": "2024-04-16T13:55:18.919768Z",
"user_id": "9e84e060-6057-4f67-ae22-18a7ef24114b"
}
}This endpoint validates the provided 2FA code against the handshake and returns user data if successful.
curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/users/login/authenticate" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"handshake\": \"9e88ca80-5fa3-44b7-aebf-3f517d502abb\",
\"code\": \"624983\"
}"
{
"message": "Authentication successful",
"data": {
"user": {
"id": "9e84e060-6057-4f67-ae22-18a7ef24114b",
"first_name": "John",
"last_name": "Doe",
"username": "johndoe",
"role": "user",
"email": "john.doe@example.com",
"phone": "+15145555555",
"verified_at": "2025-04-01T12:00:00.000000Z",
"is_active": true,
"metadata": {
"DOB": "01/01/1990",
"Country": "USA"
},
"avatar": "https://toolbox.local.wallrus.dev/storage/public/avatars/HgnTRjf7AhrhA9cw1xHW9FgyZpzOvy2marEJGtp3.jpg"
}
}
}APIs for interacting with the Gemini Video API.
This endpoint allows to generate a video based on a prompt and an optional image. It initiates the video generation process and queues a job to poll for completion. A webhook URL is used to notify the caller when the video is ready.
curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/gem/video" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: multipart/form-data" \
--header "Accept: application/json" \
--form "uid="user-request-123""\
--form "prompt="A cat wearing a superhero costume flying over a city""\
--form "negative_prompt="blurry, low quality""\
--form "webhook="https://example.com/webhook/gemini-video""\
--form "sample_count=2"\
--form "duration_seconds=5"\
--form "aspect_ratio="landscape""\
--form "image=@/tmp/phpo3v47869gqmkcipKBpA" {
"message": "Video generation has been queued successfully.",
"operation_name": "models/veo-2.0-generate-001/operations/12345abcdef",
"uid": "user-request-123"
}This endpoint streams video content directly from the Gemini API using the provided media ID.
The ID of the media to stream.
curl --request GET \
--get "https://toolbox.local.wallrus.dev/api/v1/gem/video/ft1rknu4azjb" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"{
"Accept-Ranges": "bytes",
"Cache-Control": "public, max-age=31536000",
"Content-Disposition": "inline; filename=\"ft1rknu4azjb.mp4\"",
"Content-Length": "12345678",
"Content-Type": "video/mp4",
}APIs for Stable Diffusion image generation
curl --request GET \
--get "https://toolbox.local.wallrus.dev/api/v1/sd/variables" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"{
"variables": {
"style": [
"80sFashion",
"racecarDriver",
"superHero",
"clayman"
],
"gender": [
"male",
"female",
"neutral"
]
}
}curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/sd/generate" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: multipart/form-data" \
--header "Accept: application/json" \
--form "uid=user123"\
--form "style=superHero"\
--form "webhook=sequi"\
--form "automatic=sequi"\
--form "controlnet=coolpose1."\
--form "gender=sequi"\
--form "age_range=sequi"\
--form "body_shape=sequi"\
--form "hair_color=sequi"\
--form "hair_length=sequi"\
--form "hair_style=sequi"\
--form "skin_color=sequi"\
--form "facial_hair=sequi"\
--form "ethnicity=sequi"\
--form "image=@/tmp/phpg4nrqmgvjk4adnlkhMo" {
"prompt_id": "f825155c-0a29-4a61-9c08-c5729c95f3b4",
"number": 51,
"node_errors": [],
"server": "https://comfyui-04.wallrus.tech",
"queue": 8
}curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/sd/upscale" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: multipart/form-data" \
--header "Accept: application/json" \
--form "uid=user123"\
--form "webhook=sequi"\
--form "image=@/tmp/phpjlmqu6tfjhur5bjIElo" {
"prompt_id": "da8ba155-b095-4c2b-b112-454526450e79",
"number": 15,
"node_errors": []
}curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/sd/video" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: multipart/form-data" \
--header "Accept: application/json" \
--form "uid=user123"\
--form "webhook=sequi"\
--form "image=@/tmp/php1udijr9h3slvbCoodGp" {
"prompt_id": "da8ba155-b095-4c2b-b112-454526450e79",
"number": 15,
"node_errors": []
}The access is public, no authentication is required.
The server ID.
The subfolder.
The filename.
curl --request GET \
--get "https://toolbox.local.wallrus.dev/api/v1/sd/proxy/1/example-project/output_1.png or video_1.mp4" \
--header "Content-Type: application/json" \
--header "Accept: application/json"binary media fileAPIs for managing prizes
curl --request GET \
--get "https://toolbox.local.wallrus.dev/api/v1/prizes" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"[
{
"prizePoolId": 1,
"order": 0,
"prizePoolName": "Pool A",
"prizes": [
{
"name": "Test Prize mollitia",
"available_quantity": 5
},
{
"name": "Test Prize sequi",
"available_quantity": 1
}
]
}
]The id of the prize pool.
curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/prizes-pool/1/draw" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"uid\": \"user123\"
}"
{
"isWinner": false,
"prize": null
}APIs for quizzes
curl --request GET \
--get "https://toolbox.local.wallrus.dev/api/v1/quizzes" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"[
{
"id": 1,
"name_en": "Quiz 1",
"name_fr": "Quiz 1",
"description_en": "Description 1",
"description_fr": "Description 1",
"image_en": "quiz1_en.jpg",
"image_fr": "quiz1_fr.jpg"
},
{
"id": 2,
"name_en": "Quiz 2",
"name_fr": "Quiz 2",
"description_en": "Description 2",
"description_fr": "Description 2",
"image_en": "quiz2_en.jpg",
"image_fr": "quiz2_fr.jpg"
}
]The quiz ID.
curl --request GET \
--get "https://toolbox.local.wallrus.dev/api/v1/quizzes/1" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"{
"id": 1,
"name_en": "Quiz 1",
"name_fr": "Quiz 1",
"description_en": "Description 1",
"description_fr": "Description 1",
"image_en": "quiz1_en.jpg",
"image_fr": "quiz1_fr.jpg",
"questions": [
{
"id": 1,
"quiz_id": 1,
"question_en": "Question 1",
"question_fr": "Question 1",
"image_en": "question1_en.jpg",
"image_fr": "question1_fr.jpg",
"answers": [
{
"id": 1,
"quiz_question_id": 1,
"answer_en": "Answer 1",
"answer_fr": "Answer 1",
"image_en": "answer1_en.jpg",
"image_fr": "answer1_fr.jpg",
"is_correct": 1
},
{
"id": 2,
"quiz_question_id": 1,
"answer_en": "Answer 2",
"answer_fr": "Answer 2",
"image_en": "answer2_en.jpg",
"image_fr": "answer2_fr.jpg",
"is_correct": 0
}
]
}
]
}APIs for managing two-factor authentication
This endpoint initiates a 2FA request for a website. It sends a 2FA code to the user's email or phone number. And it will return the handshake ID for the 2FA process.
curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/2fa/initiate" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"recipient\": \"user@example.com or +1234567890\"
}"
{
"message": "2FA code sent to user@example.com",
"data": {
"handshake": "9bd24b7c-9208-4f4c-b388-8d6620b54cb9",
"recipient": "user@example.com",
"expires_at": "2024-04-16T13:55:18.919768Z"
}
}This endpoint verifies the 2FA code sent to the user. It checks if the code is valid and not expired.
curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/2fa/validate" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"handshake\": \"9bd24b7c-9208-4f4c-b388-8d6620b54cb9\",
\"code\": \"123456\"
}"
{
"message": "2FA verified",
"data": {
"handshake": "9bd24b7c-9208-4f4c-b388-8d6620b54cb9",
"recipient": "user@example.com"
}
}APIs for managing users
curl --request GET \
--get "https://toolbox.local.wallrus.dev/api/v1/users" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"[
{
"id": "uuid-1",
"first_name": "John",
"last_name": "Doe",
"username": null,
"role": "user",
"email": "john@example.com",
"phone": null,
"verified_at": null,
"is_active": false,
"metadata": {
"DOB": "01/01/1970",
"Country": "USA"
},
"avatar": "https://example.com/path/to/avatar1.jpg"
},
{
"id": "uuid-2",
"first_name": "John",
"last_name": "Doe",
"username": null,
"role": "user",
"email": "john.doe@example.com",
"phone": null,
"verified_at": null,
"is_active": false,
"metadata": {
"DOB": "01/01/1970",
"Country": "USA"
},
"avatar": null
}
]This endpoint returns all available roles that can be assigned to users.
curl --request GET \
--get "https://toolbox.local.wallrus.dev/api/v1/users/roles" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"{
"roles": [
"user",
"admin",
"moderator",
"guest"
]
}This endpoint accepts JSON data for user creation. All fields are optional, any validation must be done on the client side.
curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/users" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"first_name\": \"Charlize\",
\"last_name\": \"Theron\",
\"username\": \"mango\",
\"role\": \"user\",
\"email\": \"hello@wallrus.dev\",
\"phone\": \"+15145555555\",
\"metadata\": {
\"DOB\": \"07\\/08\\/1975\",
\"Country\": \"South Africa\"
},
\"auto_activate\": false
}"
{
"id": "9e84e060-6057-4f67-ae22-18a7ef24114b",
"first_name": "Charlize",
"last_name": "Theron",
"username": "mango",
"role": "user",
"email": "hello@wallrus.dev",
"phone": "+15145555555",
"verified_at": null,
"is_active": false,
"metadata": {
"DOB": "07/08/1975",
"Country": "South Africa"
},
"avatar": null,
"handshake": "9e96985f-c18d-44a6-adf6-21ba1efb5716"
}This endpoint validates the provided 2FA code against the user's handshake and marks the user as verified if successful.
curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/users/verify" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"handshake\": \"9e88ca80-5fa3-44b7-aebf-3f517d502abb\",
\"code\": \"624983\",
\"user_id\": \"9e84e060-6057-4f67-ae22-18a7ef24114b\"
}"
{
"message": "2FA verified",
"data": {
"user_id": "9e84e060-6057-4f67-ae22-18a7ef24114b"
}
}The ID of the user.
curl --request GET \
--get "https://toolbox.local.wallrus.dev/api/v1/users/9e84e060-6057-4f67-ae22-18a7ef24114b" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"{
"id": "9e84e060-6057-4f67-ae22-18a7ef24114b",
"first_name": "John",
"last_name": "Doe",
"username": "johndoe",
"role": "user",
"email": "john.doe@example.com",
"phone": "+15145555555",
"verified_at": "2025-04-01T12:00:00.000000Z",
"is_active": true,
"metadata": {
"DOB": "01/01/1990",
"Country": "USA"
},
"avatar": "https://toolbox.local.wallrus.dev/storage/public/avatars/HgnTRjf7AhrhA9cw1xHW9FgyZpzOvy2marEJGtp3.jpg"
}This endpoint resends a new 2FA code to the user (email or phone) for registration verification. Only allowed if the user is not yet verified.
The ID of the user.
curl --request POST \
"https://toolbox.local.wallrus.dev/api/v1/users/9e84e060-6057-4f67-ae22-18a7ef24114b/regen_2fa" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"{
"message": "2FA code resent to user@example.com",
"data": {
"handshake": "uuid",
"recipient": "user@example.com",
"expires_at": "2025-05-29T13:55:18.919768Z"
}
}This endpoint accepts JSON data for user updates. All fields are optional, validation must be done on the client side.
The ID of the user to update.
curl --request PUT \
"https://toolbox.local.wallrus.dev/api/v1/users/9e84e060-6057-4f67-ae22-18a7ef24114b" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"first_name\": \"Jane\",
\"last_name\": \"Smith\",
\"username\": \"mango\",
\"role\": \"user\",
\"email\": \"jane.smith@example.com\",
\"phone\": \"+15145556666\",
\"metadata\": {
\"DOB\": \"14\\/02\\/1985\",
\"Country\": \"Canada\"
},
\"is_active\": true
}"
{
"id": "9e84e060-6057-4f67-ae22-18a7ef24114b",
"first_name": "Jane",
"last_name": "Smith",
"username": "janesmith",
"role": "admin",
"email": "jane.smith@example.com",
"phone": "+15145556666",
"verified_at": "2025-04-01T12:00:00.000000Z",
"is_active": true,
"metadata": {
"DOB": "14/02/1985",
"Country": "Canada"
},
"avatar": "https://toolbox.local.wallrus.dev/storage/public/avatars/HgnTRjf7AhrhA9cw1xHW9FgyZpzOvy2marEJGtp3.jpg"
}The ID of the user to delete.
curl --request DELETE \
"https://toolbox.local.wallrus.dev/api/v1/users/9e84e060-6057-4f67-ae22-18a7ef24114b" \
--header "Authorization: Bearer {YOUR_PROJECT_TOKEN}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"{
"message": "User deleted successfully"
}