Skip to main content

Getting Started

Botlhale AI's APIs are organised around REST. Our APIs have predictable resource-oriented URLs; accept form-encoded request bodies; return JSON-encoded responses; and use standard HTTP response codes and authentication. See the Response Codes and Authentication sections of this documentation for additional information.

Supported Languages

The following table shows the languages Botlhale AI currently supports. The table also indicates the speech tasks supported for each language. Our team is always working to add new languages to the list.

LanguageRegionCodeTranslationASRTTSDiarizationLanguage ID
EnglishSouth Africaen-ZA
isiZuluSouth Africazu-ZA
isiXhosaSouth Africaxh-ZA
SesothoSouth Africast-ZA-
SetswanaSouth Africatn-ZA
SepediSouth Africanso-ZA
TshivendaSouth Africavr-ZA-
XitsongaSouth Africats-ZA-
AfrikaansSouth Africaaf-ZA
KiswahiliKenyasw-KE-
KinyarwandaRwandarw-RW---

Quickstart Guide

Chatbot APIs

See what you can do with our Chatbot API!

  1. Start a Conversation with text or speech
info

Use the following links to view examples of how you can integrate our APIs on different platforms.

Flask Template Facebook Template WhatsApp Template

Speech API

See what you can do with our Speech API!

  1. Convert Speech to Text
  2. Convert Text to Speech

Authentication

The Botlhale AI APIs use API keys to authenticate requests. Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-facing code, and so on.

Authentication to all API endpoints is performed via Bearer Authentication. Bearer Authentication (also called token authentication) is an HTTP authentication scheme that makes use of security tokens called "bearer tokens". Bearer Authentication can be understood as "giving access to the bearer of this token". The bearer token is a cryptic string, usually generated by the server in response to a login request. The client must send this token in the Authorization header when making requests to protected resources.

To perform Bearer Authentication, you need to use the REFRESH_TOKEN made available to you upon sign-up. This refreshToken  does not expire and is used to generate the API key you will use to interact with the API endpoints.

Endpoint: /auth/create_user

Method: POST

This endpoint creates a new user in Botlhale AI APIs and sends an email to the provided email.

Request Body

The request body should include the following fields:

  • email (str) - Required The email address for the new user.

Response

The API returns a JSON object along with an HTTP status code.

Successful User Creation:

Unset 
{
"message": ""Your username is {email}and temporary password is {password}."
}
  • message (str)

A message indicating the status of user creation.

Endpoint:/auth/login

Method: POST

This endpoint authenticates a user using their email and password, returning a new refresh token upon successful login. User is limited to 3 active refresh tokens .

Request Body

The request body should include the following fields:

  • email (str) - Required

The email address of the user.

  • password (str) - Required

The password associated with the user's account.

Response

The API returns a JSON object along with an HTTP status code.

Successful Authentication:

Unset
{
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
  • refresh_token (str)

A token that can be used to refresh the user's session.

Endpoint: /auth/reset_password

Method: POST

This endpoint initiates the password reset process by sending a confirmation code to the user's email address

Request Body

The request body should include the following field:

  • email (str) - Required

The email address of the user requesting the password reset.

Response

The API returns a JSON object along with an HTTP status code. Successful Password Reset Initiation:

Unset
{
"message": "Password reset initiated successfully. Please check your email for further instructions."
}

Endpoint: /auth/confirm_reset_password

Method: POST

This endpoint completes the password reset process for a Botlhale AI API user by verifying the confirmation code and setting a new password.

Request Body

The request body must include the following fields:

Request ParamsData TypeRequiredDescription
email (str)stringRequiredThe email address of the user.
confirmation_codestringRequiredThe confirmation code sent to the user's email during the password reset initiation.
new_passwordstringRequiredThe new password for the user.

Response

The API returns a JSON object along with an HTTP status code.

Successful Password Reset Confirmation:

Unset
{
"message": "Password reset confirmed successfully."
}

Endpoint: /auth/get_tokens

Method: GET

This endpoint retrieves all refresh tokens associated with a specific user from the api-users table. The tokens are returned in a partially masked format for security purposes.

Request Parameters

The request must include the following query parameter:

  • email (str) - Required The email address of the user whose refresh tokens are being retrieved.

Response

The API returns a JSON object containing the list of refresh tokens along with an HTTP status code.

Successful Retrieval of Tokens:

Unset 
{
"refresh_tokens": [
{
"token": "abcde****vwxyz",
"datetime": "2023-10-01T12:34:56.789Z",
"status": "active",
"id": "token_id"
},
{
"token": "mnopq****rstuv",
"datetime": "2023-09-15T08:22:11.567Z",
"status": "revoked",
"id": "token_id_2"
}
]
}
  • token (str)

    Partially masked refresh token for security.

  • datetime (str)

    The timestamp when the token was created or last updated.

  • status (str)

    The current status of the token (e.g., active or revoked).

  • id (str)

    A unique identifier for the refresh token.

Endpoint: /auth/revoke_token

Method: POST

This endpoint allows a user to revoke a specific refresh token by providing the token ID and their email. The token is revoked from Botlhale AI APIs.

Request Body

The request body must include the following fields:

  • email (str) - Required

The email address of the user requesting the revocation.

  • id (str) - Required

The ID of the refresh token to be revoked.

Response

The API returns a JSON object along with an HTTP status code.

Successful Token Revocation:

Unset
{
"message": "Refresh token revoked successfully."
}

Endpoint: /auth/generate

Method:POST

This endpoint generates a new authentication token by refreshing an existing one using the provided refresh token.

Request Body

The request body should include the following field:

  • refresh_token (str) - Required

    The refresh token used to generate a new authentication token.

Response

The API returns a JSON object along with an HTTP status code.

Successful Token Generation:

Unset
{
"token": "new_auth_token_abc123",
"expires": 3600
}
  • token (str)

    The newly generated authentication token.

  • expires (int)

    The time in seconds until the token expires (e.g., 3600 seconds = 1 hour).

Authorization: Bearer <IdToken>

tip

You can get your API keys by going navigating to Settings > General Settings > API on the platform.

warning

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.

Generate a Bearer Token POST

Authorization: Bearer <IdToken>

This endpoint generates a bearer auth token for secure access to our APIs.

Request ParamsData TypeDescription
refresh_tokenStringRequiredRefresh token used to generate a new authentication token.

Request Example

Request ParamsData TypeDescription
generatestringRequiredThis endpoint generates a new authentication token by refreshing an existing one using the provided refresh token.

Request Example

import requests
url = "https://api.botlhale.xyz/generate"

payload={'refresh_token': <refresh_token>,}
files=[]

headers = {}

response = requests.request("POST", url, headers=headers, data=payload, files=files)

print(response.text)

Response body

{
"AuthenticationResult": {
"AccessToken": "<AccessToken>",
"ExpiresIn": 86400,
"IdToken": "<IdToken>",
"TokenType": "Bearer"
},
"ChallengeParameters": {}
}

API Authentication

Include IdToken as the Bearer Token in headers for Authorization on other API endpoints. All API endpoints require a Bearer Token in the header. For example:

headers = {"Authorization": "Bearer <IdToken>"}

Response Codes

Botlhale AI uses conventional HTTP response codes to indicate the success or failure of an API request. In general:

  • Codes in the 2xx range indicate success
  • Codes in the 4xx range indicate an error stemming from the information provided (for example, a required parameter was omitted, a charge failed, and so on)
  • Codes in the 5xx range indicate an error stemming from Botlhale's servers (these are rare)

Successfully executed operations return 2xx codes, and, where appropriate, they return the requested information directly in the response body. The following table shows the typical response codes, entities and headers used for the various HTTP verbs supported by the APIs.

HTTP Status Code SummaryDescription
200 - OKEverything worked as expected.

As previously mentioned, unsuccessfully executed operations return either a 4xx or 5xx response code. In the case where a standard HTTP error is sufficiently descriptive, for example, 401 (Not Authorized), or 404 (Not Found), the response body remains empty. In other cases, we use a generic response code for input errors (400), and the response body includes an error entity with additional details on the error, including an application error code and a human readable error description. The format of this error entity is shown in the following table.

HTTP Status Code SummaryDescription
400 - UnauthorizedThe request was unacceptable, often due to missing a required parameter.
401 - UnauthorizedNo valid API key provided.
402 - Request FailedThe parameters were valid but the request failed.
403 - ForbiddenThe API key doesn't have permissions to perform the request.
404 - Not FoundThe requested resource doesn't exist.
409 - ConflictThe request conflicts with another request (perhaps due to using the same idempotent key).
429 - Too Many RequestsToo many requests hit the API too quickly. We recommend an exponential backoff of your requests.
500, 502, 503, 504 - Server ErrorsSomething went wrong on Botlhale's end (these are rare).

Contact us

info

We are here to help! Please contact us with any questions.