Skip to main content
Terminal Control logoTerminal Control

API Documentation

Complete reference for the Terminal Control API

Get API Key

Authentication

Terminal Control uses API keys to authenticate requests. You can create and manage API keys from your dashboard settings.

API Key Format

tc_live_sk_1234567890abcdef1234567890abcdef

Keys start with tc_live_sk_ for production or tc_test_sk_ for sandbox environments.

Making Requests

Include your API key in the Authorization header:

curl -X GET "http://localhost:3000/api/terminals" \
  -H "Authorization: Bearer tc_live_sk_your_key_here" \
  -H "Content-Type: application/json"

Rate Limits

API requests are rate limited based on your subscription plan. Rate limit information is included in response headers.

PlanRequests/Minute
Free100
Starter500
Professional2,000
Enterprise10,000

Response Headers

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 950
X-RateLimit-Reset: 1609459200

Error Handling

The API uses standard HTTP status codes and returns JSON error responses.

CodeDescription
400Bad Request - Invalid parameters
401Unauthorized - Invalid or missing API key
403Forbidden - Insufficient permissions
404Not Found - Resource doesn't exist
429Too Many Requests - Rate limit exceeded
500Internal Server Error

Terminals

Manage Starlink terminals in your organization.

GET/api/terminals

List all terminals for your organization

Required scope: read:terminals

POST/api/terminals

Create a new terminal

Required scope: write:terminals

GET/api/terminals/:id

Get a specific terminal by ID

Required scope: read:terminals

Customers

Manage customer records and their associated terminals.

GET/api/customers

List all customers

Required scope: read:customers

POST/api/customers

Create a new customer

Required scope: write:customers

Webhooks

Receive real-time notifications when events occur in your organization.

Available Events

  • terminal.created - New terminal added
  • terminal.updated - Terminal details changed
  • terminal.status_changed - Terminal status changed
  • customer.created - New customer added
  • payment.created - Payment recorded
  • import.completed - Bulk import finished

Verifying Signatures

Each webhook includes an HMAC-SHA256 signature in the X-Webhook-Signature header.

import { createHmac } from "crypto";

function verifySignature(
  payload: string,
  signature: string,
  secret: string
): boolean {
  const expected = createHmac("sha256", secret)
    .update(payload)
    .digest("hex");
  const provided = signature.replace("sha256=", "");
  return expected === provided;
}