公式 SDK

最もリクエストの多い 5 言語に対応した REST API の型付きクライアント。Bearer トークン認証、429 と 5xx での指数バックオフリトライ、X-Abundera-Signature ヘッダーの HMAC-SHA256 検証用 verifyWebhookSignature ヘルパーを標準装備。MIT ライセンス。

情報源: /docs/openapi.json · 問い合わせ: support@abundera.ai

TS
TypeScript

Node 18+ · ランタイム依存ゼロ

@abundera/qr-pro

npm詳細 →
Py
Python

3.9+ · httpx

abundera-qr-pro

PyPI詳細 →
Go
Go

1.21+ · stdlib only

github.com/abundera/qr-pro-go

Go モジュール詳細 →
Rb
Ruby

3.0+ · Faraday

abundera-qr-pro

RubyGems詳細 →
PHP
PHP

8.1+ · Guzzle / PSR-18

abundera/qr-pro

Packagist詳細 →

TypeScript / Node

@abundera/qr-pro

Node 18+。ランタイム依存ゼロ。ESM と CJS ビルド。

インストール

npm install @abundera/qr-pro

コードを作成する

import { AbunderaQRProClient } from "@abundera/qr-pro";

const client = new AbunderaQRProClient({
  apiKey: process.env.ABUNDERA_API_KEY!,
});

const code = await client.createCode({
  destination_url: "https://example.com/launch",
  label: "Spring launch poster",
});

console.log(code.short_url);

Webhook を検証する

import { verifyWebhookSignature } from "@abundera/qr-pro";

verifyWebhookSignature({
  signature: req.headers["x-abundera-signature"],
  body: rawBody,
  secret: process.env.ABUNDERA_WEBHOOK_SECRET!,
});
// 署名不正またはスキューで例外をスロー, この行の後でボディを安全にパースできます

Source on GitHub →

Python

abundera-qr-pro

Python 3.9+. Single dependency (httpx). Sync and async clients.

インストール

pip install abundera-qr-pro

コードを作成する

from abundera_qr_pro import Client

with Client(api_key="abnd_qrpro_...") as c:
    code = c.create_code(
        destination_url="https://example.com/launch",
        label="Spring launch poster",
    )
    print(code.short_url)

Webhook を検証する

from abundera_qr_pro import verify_webhook_signature
from abundera_qr_pro.webhook import WebhookVerificationError

try:
    verify_webhook_signature(
        signature=request.headers["X-Abundera-Signature"],
        body=request.body,
        secret=os.environ["ABUNDERA_WEBHOOK_SECRET"],
    )
except WebhookVerificationError:
    return "", 400

Source on GitHub →

Go

github.com/abundera/qr-pro-go

Go 1.21+. Standard library only. Context-aware throughout.

インストール

go get github.com/abundera/qr-pro-go

コードを作成する

import qrpro "github.com/abundera/qr-pro-go"

c, _ := qrpro.New(os.Getenv("ABUNDERA_API_KEY"))
ctx := context.Background()

code, err := c.CreateCode(ctx, qrpro.CodeCreate{
    DestinationURL: "https://example.com/launch",
    Label:          "Spring launch poster",
})
if err != nil { log.Fatal(err) }
fmt.Println(code.ShortURL)

Webhook を検証する

if err := qrpro.VerifyWebhookSignature(
    r.Header.Get("X-Abundera-Signature"),
    body,
    os.Getenv("ABUNDERA_WEBHOOK_SECRET"),
    0, // default 300s tolerance
); err != nil {
    http.Error(w, "bad signature", http.StatusBadRequest)
    return
}

Source on GitHub →

Ruby

abundera-qr-pro

Ruby 3.0+. Built on Faraday. Plays nicely with Rails initialisers.

インストール

gem install abundera-qr-pro
# or in Gemfile
gem "abundera-qr-pro"

コードを作成する

require "abundera/qr_pro"

client = Abundera::QRPro::Client.new(api_key: ENV.fetch("ABUNDERA_API_KEY"))

code = client.create_code(
  destination_url: "https://example.com/launch",
  label: "Spring launch poster",
)

puts code.short_url

Webhook を検証する

require "abundera/qr_pro/webhook"

begin
  Abundera::QRPro::Webhook.verify!(
    signature: request.headers["X-Abundera-Signature"],
    body: request.raw_post,
    secret: ENV.fetch("ABUNDERA_WEBHOOK_SECRET"),
  )
rescue Abundera::QRPro::Webhook::InvalidSignature
  head :bad_request
end

Source on GitHub →

PHP

abundera/qr-pro

PHP 8.1+. Works with any PSR-18 HTTP client (Guzzle by default). Laravel and Symfony service providers ship in the same package.

インストール

composer require abundera/qr-pro

コードを作成する

use Abundera\QrPro\Client;

$client = new Client(apiKey: getenv('ABUNDERA_API_KEY'));

$code = $client->createCode(
    destinationUrl: 'https://example.com/launch',
    label: 'Spring launch poster',
);

echo $code->shortUrl;

Webhook を検証する

use Abundera\QrPro\Webhook;
use Abundera\QrPro\WebhookException;

try {
    Webhook::verify(
        signature: $_SERVER['HTTP_X_ABUNDERA_SIGNATURE'] ?? '',
        body: file_get_contents('php://input'),
        secret: getenv('ABUNDERA_WEBHOOK_SECRET'),
    );
} catch (WebhookException $e) {
    http_response_code(400);
    exit;
}

Source on GitHub →

What every SDK covers

Codeslist, get, create, update, delete, slug check, import.
AnalyticsJSON and CSV exports with from/to date filters.
Groupslist, create, delete, assign codes.
Webhookslist, create (with secret), delete, plus a signature-verify helper.
User/me, account export.

Admin, Stripe-webhook, and infra endpoints are intentionally out of scope for SDKs — they are service-to-service only. The full endpoint list is in the OpenAPI 3.1 spec.

Postman collection

One-click import into Postman or Insomnia: /docs/postman.json (regenerated from the OpenAPI spec on every deploy). Every request is pre-configured with the bearer-token auth header template — set your API key once at the collection level and every endpoint inherits it.

Prefer raw OpenAPI? Postman supports OpenAPI 3.1 natively: File → Import → Link, then paste https://pro.qr.abundera.ai/docs/openapi.json.

Versioning policy

SDKs follow SemVer and are versioned independently of the API. An SDK bugfix (0.1.0 → 0.1.1) does not change the API version. An additive API change (new endpoint, new optional field) does not force an SDK major bump.

SDK patch (0.1.x) — bugfix, docs, no public-API change. Safe to auto-update.
SDK minor (0.x.0) — new methods to cover new API endpoints, or ergonomic additions. Backwards compatible.
SDK major (1.0.0 → 2.0.0) — rename, removal, type-shape change. Only when the API majors, or when fixing a long-standing SDK ergonomic bug that can’t ship in a minor.

API versioning. The URL prefix is the major version. Today: /api/... (v1). A breaking change ships as /api/v2/..., with v1 kept alive at least 12 months and Deprecation + Sunset response headers throughout the deprecation window. Full definition of “breaking” at /docs/changelog/.

Support window. The latest minor on the current major receives security fixes. Older majors get security patches on request for paying Pro customers.

Example apps

Minimal runnable apps showing code creation, destination update, analytics read, and webhook signature verification:

node-express — TypeScript + Express, webhook endpoint with replay protection.
fastapi — Python 3.11 + FastAPI, signature verification helper wired in.
gin — Go 1.21 + Gin, idiomatic handler pattern.
rails — Rails 7 + Sidekiq, webhook handler as a job.
laravel — Laravel 11, signed-route webhook controller.

Each example is CI-tested against a mocked API. Clone, set ABUNDERA_API_KEY and ABUNDERA_WEBHOOK_SECRET, run.

Don’t see your language?

The OpenAPI 3.1 spec is the source of truth. Generate a client in any language with openapi-generator, or write a thin wrapper yourself — the API is small (six core resources, bearer-token auth). If you’d like an official SDK for a language we don’t cover, email support@abundera.ai.