Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.tattoo.dev/llms.txt

Use this file to discover all available pages before exploring further.

Current API Recipes

These examples describe the API surface that is safe to build against today.
Canonical REST base URL: https://api.tattooapi.com/v1
Public writes, public legal advice, public GraphQL, and public SDK launch are not active yet.

Public No-Auth Reads

Health is the simplest availability check: 
curl "https://api.tattooapi.com/v1/health"
Studio discovery is the current promoted public data surface: 
curl "https://api.tattooapi.com/v1/studios?state=HI&limit=10"
Use this for public discovery experiments. Do not assume artist, portfolio, design, booking, payment, or law endpoints are public just because route files exist in the repo.

Internal Beta Reads

Internal beta routes require WorkOS authentication and a mapped TattooAPI actor. 
curl "https://api.tattooapi.com/v1/search?q=blackwork&type=artist&limit=5" \
  -H "X-API-Key: $TATTOO_WORKOS_API_KEY"

curl "https://api.tattooapi.com/v1/artists?limit=20" \
  -H "X-API-Key: $TATTOO_WORKOS_API_KEY"

curl "https://api.tattooapi.com/v1/designs?search=dragon&limit=20" \
  -H "Authorization: Bearer $WORKOS_ACCESS_TOKEN"
Missing or invalid WorkOS credentials return 401. Valid WorkOS credentials without a mapped TattooAPI actor return 403.

Owner Beta Reads

Owner routes are scoped to the authenticated owner actor. 
curl "https://api.tattooapi.com/v1/me/designs?limit=20" \
  -H "Authorization: Bearer $WORKOS_ACCESS_TOKEN"

curl "https://api.tattooapi.com/v1/me/portfolio-assets?limit=20" \
  -H "Authorization: Bearer $WORKOS_ACCESS_TOKEN"
Owner routes can return draft, owner_private, and published_public creative records, but only for records mapped to the authenticated studio or artist.

Blocked Public Writes

Public mutation attempts must remain blocked: 
curl -X POST "https://api.tattooapi.com/v1/studios" \
  -H "Content-Type: application/json" \
  -d '{"name":"Example Studio"}'
Expected posture: public_write_blocked.

Gated Owner Writes

Owner mutation attempts must remain gated until the approved write contract is live: 
curl -X PATCH "https://api.tattooapi.com/v1/me/designs/design:example" \
  -H "Authorization: Bearer $WORKOS_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"publish_state":"published_public"}'
Expected posture: owner_write_gated.

Internal Infrastructure Boundaries

These surfaces are not public product APIs:
  • /api/internal/mcp/*
  • /api/internal/source-packs/staging
  • /api/internal/runtime/*
  • Mastra Studio
  • Convex dashboard
  • local Tailscale URLs
Use the public docs for builder-facing examples. Use internal PRDs and project-context docs for governed source-pack, MCP, Mastra, and promotion work.