Authentication & Headers

You authenticate to Pushbots API by providing Application ID in request headers.
Header Description
Content-Type Set to application/json *.
X-PUSHBOTS-APPID Pushbots Application ID. *
X-PUSHBOTS-SECRET Pushbots Application secret, should be used with Push API only.
* Required

Rate Limits

API calls are subject to rate limiting. Exceeding any rate limits will result in all endpoints returning a status code of 429 (Too Many Requests). Rate limits are per user per app.


Errors are returned using standard HTTP error code syntax. Any additional info is included in the body of the return call, JSON-formatted. Error codes not listed here are in the REST API methods listed below.

Standard API errors

Code Description
400 Bad input parameter/JSON. Error message should indicate which one and why e.g. {"code":"InvalidHeader","message":"Authentication headers not found."} , {"code:"", "BadDigest":"Please contact support for more details, supportId #12345"}, {"code":"InvalidContent","message":"Invalid JSON: ."}
401 Authentication headers are unauthorized. e.g. {"code":"InvalidCredentials","message":"Application ID and/or Secret unauthorized."}
405 Request method not expected (generally should be GET or POST) e.g. {"code":"MethodNotAllowedError","message":"GET is not allowed"}
409 Request could not be processed because of a missing parameter or a conflict. Error message should indicate which one and why e.g.{"code":"MissingParameter","message":"Notification message parameter is required."}
429 Too Many Requests.
507 User is over API requests quota.
5xx Pushbots Server error, check server status.