Config API
The public endpoint that serves tool definitions to the snippet.
Endpoint
GET /api/sites/:publicId/config
:publicId is the public identifier from your site's snippet block. It's safe to expose in HTML — it doesn't grant write access.
Query parameters
| Parameter | Type | Description |
|---|---|---|
path | string | Current page path, e.g. /products/shoes. Used for path pattern filtering. |
Response
{
"siteId": "uuid",
"tools": [
{
"id": "uuid",
"name": "addToCart",
"description": "Add a product to the shopping cart",
"inputSchema": { "type": "object", "properties": {} },
"executeJs": "return window.__aigentablyDemo.addToCartUI(args.productId, args.quantity)"
}
],
"pollInterval": 300
}tools— only enabled tools matching the?path=pattern are returnedpollInterval— seconds between re-fetches (default: 300)
Caching
The endpoint uses ETag-based caching. The snippet sends If-None-Match on subsequent requests. If nothing has changed, the server returns 304 Not Modified and the snippet skips re-registration.
Cache-Control is set to public, max-age=60 — tool changes appear within 60 seconds.
Rate limiting
Requests are rate-limited per site. The snippet's polling interval keeps well within the limit under normal usage. Exceeded: 429 Too Many Requests.
CORS
The endpoint is open to all origins (Access-Control-Allow-Origin: *). This is intentional — the snippet runs on third-party sites.
Error responses
| Status | Code | Meaning |
|---|---|---|
| 404 | NOT_FOUND | Invalid or deleted publicId |
| 429 | RATE_LIMITED | Too many requests |
| 500 | INTERNAL_ERROR | Server error |