Developer overview
Everything you can click in the Qalyb dashboard, you can also drive from code. This page is your map of the developer surface: the v1 REST API, the TypeScript SDK, webhooks, and the embed script.
Everything you build on Qalyb runs against a single, versioned REST API. With it you can create and run voice and chat agents, place outbound calls, start in-browser voice sessions, call the Models API (text-to-speech, speech-to-text, and chat completions) directly, and receive real-time event notifications over webhooks. Below you'll find the base URL, auth in one line, and a pointer to the right doc for each surface.
Base URL
Every endpoint lives under the versioned /v1 prefix on the production host:
https://api.qalyb.ai/v1There is one environment. Requests are JSON in, JSON out (with two exceptions: text-to-speech returns raw audio bytes, and speech-to-text takes a multipart upload). An interactive, always-current reference — generated from the live OpenAPI spec — is at the API reference.
What you can build
The /v1 surface is organized into four areas:
| Area | What it covers | Key routes |
|---|---|---|
| Agents | Full CRUD plus call orchestration — create an agent, then place calls with it. | /v1/agents, /v1/agents/:id/calls, /v1/agents/:id/web-call |
| Calls | Read a call's status, duration, and transcript after it runs. | /v1/calls/:id |
| Voices | List and fetch every voice available to your workspace (your own plus system voices); update or delete the ones your workspace owns. | /v1/voices, /v1/voices/:id |
| Models API | Call the underlying TTS, STT, and LLM directly — no agent required. Useful for standalone synthesis, transcription, or chat. | /v1/tts, /v1/stt, /v1/llm/chat |
Authentication in one line
Send an organization API key as a bearer token on every request. Keys look like sk-live-... and authenticate as an admin of your org:
curl https://api.qalyb.ai/v1/me \
-H "Authorization: Bearer sk-live-..."The fastest way to confirm a key works is GET /v1/me, which introspects the credential and returns the identity it resolves to:
{
"authenticated": true,
"authType": "api_key",
"organizationId": "org_8f1c...",
"user": { "id": "...", "email": "..." }
}The SDK
The official TypeScript SDK (@qalyb/sdk) is a typed, Zod-validated wrapper over the same /v1 routes. It exposes namespaces for agents, calls, voices, and the Models API, and throws a typed QalybApiError (with status, code, and message) on any non-2xx response. It targets Node 18+, Bun, Deno, and Cloudflare Workers, and defaults its base URL to https://api.qalyb.ai.
import { Qalyb } from '@qalyb/sdk';
const qalyb = new Qalyb({ apiKey: process.env.QALYB_API_KEY! });
// Create an agent, then place a call
const agent = await qalyb.agents.create({
name: 'Bookings Concierge',
personaId: 'p47e2c12-8b8d-4f8e-9b16-7c1a8f9c3a01',
});
const call = await qalyb.agents.startCall(agent.id, {
phoneNumber: '+971501234567',
});Webhooks
Webhooks push real-time event notifications to your own HTTPS endpoints as conversations happen — a call starting, a call completing, post-call analysis finishing, or a widget / messaging session beginning and ending. You register receiver URLs, subscribe to events per channel, and Qalyb POSTs a signed payload to each one.
Every delivery carries an X-Qalyb-Signature header so you can verify it came from Qalyb. The signature is an HMAC-SHA256 over "<timestamp>.<body>", encoded as t=<timestamp>,v1=<hex> — not a bare HMAC of the body. The actually-dispatched events are call.started, call.completed, call.failed, call.analyzed, widget.started, widget.completed, and per-channel messaging variants such as whatsapp.started / whatsapp.completed.
Webhooks are managed from the main sidebar under Webhooks (/webhooks) — register endpoints, choose channels and events, reveal or rotate the signing secret, send a test delivery, and watch delivery logs. The verification snippet shown on the endpoint's Security tab is the authoritative reference for checking signatures.
The embed script
To put a chat or voice agent on your own website, drop in the embed script. It loads the Qalyb widget bundle from the CDN and self-initializes from a widget token — no API key and no extra code:
<script
src="https://cdn.qalyb.ai/widget.js"
data-qalyb-token="YOUR_FULL_WIDGET_TOKEN"
async
></script>The widget token is separate from your sk-live- API key: it is scoped to a single widget and is safe to ship in client-side HTML. Generate it when you create a web widget channel. Customization (attributes, the JavaScript API, and the React component) is covered in the embed guide.
Streaming
The current API is request/response only. LLM chat completions are non-streaming (stream: true returns a 400), and TTS returns the full audio buffer rather than a stream. A WebSocket surface for low-latency streaming is planned but not yet available.
