Base URL
All API endpoints are relative to your Shootbin instance URL:https://your-shootbin-domain.com/api/projects.
Plan requirement
Authentication
All requests must include anAuthorization header with a Bearer token. You also need to send Accept: application/json so the API returns JSON error responses instead of HTML redirects.
401 errors.
Content types
| Request type | Content-Type header |
|---|---|
| JSON body (projects, approvals, annotations) | application/json |
| File uploads (photos, revisions) | multipart/form-data (set automatically by curl -F) |
Content-Type: application/json for file upload requests, curl handles the correct multipart boundary when you use the -F flag.
Response format
Successful responses return JSON. The shape varies by endpoint, but collection endpoints follow this general structure:201 Created with the new resource. Delete endpoints return 204 No Content with an empty body.
Error responses
All errors return a JSON object. Common HTTP status codes you will encounter:| Status | Meaning |
|---|---|
400 | Validation error, check the errors field for field-level messages |
401 | Missing or invalid API token |
403 | Valid token but insufficient permissions or wrong plan |
404 | Resource not found or does not belong to the requested project/album |
422 | Unprocessable entity, business rule violation (e.g. selection limit exceeded) |

