Quickstart
Step-by-step guide to making your first requests to the Ours Privacy REST API, with examples for listing, creating, and managing resources.
Quickstart
This guide walks you through making your first API calls. You'll need an API key — see Authentication if you haven't created one yet.
All examples use curl. Replace YOUR_API_KEY with your actual key.
Prefer an SDK? See SDKs and MCP — this API is wrapped for Node.js / TypeScript, Go, the command line, and an MCP server for AI assistants. Everything below maps one-to-one to an SDK method.
List Your Destinations
curl https://app.oursprivacy.com/rest/v1/destinations \
-H "Authorization: Bearer YOUR_API_KEY"Response:
{
"data": [
{
"id": "dest_abc123",
"name": "Google Analytics",
"type": "google-analytics-4",
"enabled": true
}
]
}Get a Single Resource
Append the resource ID to the URL:
curl https://app.oursprivacy.com/rest/v1/destinations/dest_abc123 \
-H "Authorization: Bearer YOUR_API_KEY"Create a Resource
Send a POST request with a JSON body:
curl https://app.oursprivacy.com/rest/v1/sources \
-X POST \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "Marketing Website",
"type": "web"
}'Update a Resource
Send a PATCH request with only the fields you want to change:
curl https://app.oursprivacy.com/rest/v1/destinations/dest_abc123 \
-X PATCH \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"enabled": false
}'Delete a Resource
curl https://app.oursprivacy.com/rest/v1/destinations/dest_abc123 \
-X DELETE \
-H "Authorization: Bearer YOUR_API_KEY"URL Pattern
All resources follow the same pattern:
| Action | Method | URL |
|---|---|---|
| List all | GET | /rest/v1/{resource} |
| Get one | GET | /rest/v1/{resource}/{id} |
| Create | POST | /rest/v1/{resource} |
| Update | PATCH | /rest/v1/{resource}/{id} |
| Delete | DELETE | /rest/v1/{resource}/{id} |
Replace {resource} with the slug of the resource you want — see the section nav for the full list, or fetch the OpenAPI spec for the machine-readable catalog.
Error Handling
The API returns standard HTTP status codes:
| Status | Meaning |
|---|---|
200 | Success |
400 | Invalid request body or malformed JSON |
401 | Missing or invalid API key |
403 | Insufficient API key scope |
404 | Resource not found |
405 | Action not supported for this resource |
500 | Internal error |
Error responses include a message describing what went wrong:
{
"error": {
"status": 403,
"message": "API key does not have the required scope for this resource"
}
}OpenAPI Specification
The full OpenAPI spec is available at:
GET https://app.oursprivacy.com/rest/v1/openapi.jsonThis endpoint is public and does not require authentication. Use it to generate clients, explore the schema, or import into tools like Postman.
Next Steps
- Authentication — scopes, key duration, and rotation.
- Platform SDKs — Node.js, Go, CLI, and MCP server wrappers around this API.
- API Overview — the resource map.
How is this guide?