Skip to main content
To start a Bondify authentication flow, call this endpoint to create a new session. The API returns a session_token and a deeplink — open the deeplink in the user’s Telegram app to prompt them to confirm or cancel the login. Once created, poll POST /api/v1/verify/public with the session_token to check the session’s status. Sessions expire after 10 minutes if not acted upon.

Endpoint

POST https://api.bondify.dev/api/v1/generate/public
No Authorization header is required. This endpoint is safe to call from a browser or mobile app.

Request body

project_id
string
required
Your Bondify project ID. You can find this in the dashboard under your project settings. Format: proj_xxxxxxxx.

Example request

curl -X POST https://api.bondify.dev/api/v1/generate/public \
  -H "Content-Type: application/json" \
  -d '{"project_id": "proj_xxxxxxxx"}'

Response

{
  "session_token": "sess_abc123xyz",
  "deeplink": "https://t.me/BondifyAuthBot?start=sess_abc123xyz"
}
session_token
string
A unique token that identifies this auth session. Pass it as session_token when calling POST /api/v1/verify/public to poll for the session’s status.
deeplink
string
A Telegram deep link that opens the Bondify bot and presents the user with a confirmation prompt. Open this URL in the user’s Telegram app — on web you can use window.open(deeplink), on mobile pass it to the device’s URL handler.

Errors

Next step

After calling this endpoint, open the deeplink in Telegram and begin polling POST /api/v1/verify/public every 2 seconds. See the Verify Session reference for the full polling flow and all possible response shapes.