Официальные SDK

Типизированные клиенты для REST API для пяти наиболее запрашиваемых языков. Каждый включает bearer-аутентификацию, повторные попытки с экспоненциальным откатом для 429 и 5xx и хелпер verifyWebhookSignature для HMAC-SHA256-верификации заголовка X-Abundera-Signature. Лицензия MIT.

Источник правды: /docs/openapi.json · Проблемы: support@abundera.ai

TS
TypeScript

Node 18+ · без зависимостей в рантайме

@abundera/qr-pro

npmView →
Py
Python

3.9+ · httpx

abundera-qr-pro

PyPIView →
Go
Go

1.21+ · только stdlib

github.com/abundera/qr-pro-go

Go modulesView →
Rb
Ruby

3.0+ · Faraday

abundera-qr-pro

RubyGemsView →
PHP
PHP

8.1+ · Guzzle / PSR-18

abundera/qr-pro

PackagistView →

TypeScript / Node

@abundera/qr-pro

Node 18+. Никаких зависимостей в рантайме. Сборки ESM и CJS.

Установка

npm install @abundera/qr-pro

Создать код

import { AbunderaQRProClient } from "@abundera/qr-pro";

const client = new AbunderaQRProClient({
  apiKey: process.env.ABUNDERA_API_KEY!,
});

const code = await client.createCode({
  destination_url: "https://example.com/launch",
  label: "Spring launch poster",
});

console.log(code.short_url);

Верификация вебхука

import { verifyWebhookSignature } from "@abundera/qr-pro";

verifyWebhookSignature({
  signature: req.headers["x-abundera-signature"],
  body: rawBody,
  secret: process.env.ABUNDERA_WEBHOOK_SECRET!,
});
// throws on bad signature / skew, safe to parse body after this line

Исходный код на GitHub →

Python

abundera-qr-pro

Python 3.9+. Одна зависимость (httpx). Синхронные и асинхронные клиенты.

Установка

pip install abundera-qr-pro

Создать код

from abundera_qr_pro import Client

with Client(api_key="abnd_qrpro_...") as c:
    code = c.create_code(
        destination_url="https://example.com/launch",
        label="Spring launch poster",
    )
    print(code.short_url)

Верификация вебхука

from abundera_qr_pro import verify_webhook_signature
from abundera_qr_pro.webhook import WebhookVerificationError

try:
    verify_webhook_signature(
        signature=request.headers["X-Abundera-Signature"],
        body=request.body,
        secret=os.environ["ABUNDERA_WEBHOOK_SECRET"],
    )
except WebhookVerificationError:
    return "", 400

Исходный код на GitHub →

Go

github.com/abundera/qr-pro-go

Go 1.21+. Standard library only. Context-aware throughout.

Установка

go get github.com/abundera/qr-pro-go

Создать код

import qrpro "github.com/abundera/qr-pro-go"

c, _ := qrpro.New(os.Getenv("ABUNDERA_API_KEY"))
ctx := context.Background()

code, err := c.CreateCode(ctx, qrpro.CodeCreate{
    DestinationURL: "https://example.com/launch",
    Label:          "Spring launch poster",
})
if err != nil { log.Fatal(err) }
fmt.Println(code.ShortURL)

Верификация вебхука

if err := qrpro.VerifyWebhookSignature(
    r.Header.Get("X-Abundera-Signature"),
    body,
    os.Getenv("ABUNDERA_WEBHOOK_SECRET"),
    0, // default 300s tolerance
); err != nil {
    http.Error(w, "bad signature", http.StatusBadRequest)
    return
}

Исходный код на GitHub →

Ruby

abundera-qr-pro

Ruby 3.0+. Built on Faraday. Plays nicely with Rails initialisers.

Установка

gem install abundera-qr-pro
# or in Gemfile
gem "abundera-qr-pro"

Создать код

require "abundera/qr_pro"

client = Abundera::QRPro::Client.new(api_key: ENV.fetch("ABUNDERA_API_KEY"))

code = client.create_code(
  destination_url: "https://example.com/launch",
  label: "Spring launch poster",
)

puts code.short_url

Верификация вебхука

require "abundera/qr_pro/webhook"

begin
  Abundera::QRPro::Webhook.verify!(
    signature: request.headers["X-Abundera-Signature"],
    body: request.raw_post,
    secret: ENV.fetch("ABUNDERA_WEBHOOK_SECRET"),
  )
rescue Abundera::QRPro::Webhook::InvalidSignature
  head :bad_request
end

Исходный код на GitHub →

PHP

abundera/qr-pro

PHP 8.1+. Works with any PSR-18 HTTP client (Guzzle by default). Laravel and Symfony service providers ship in the same package.

Установка

composer require abundera/qr-pro

Создать код

use Abundera\QrPro\Client;

$client = new Client(apiKey: getenv('ABUNDERA_API_KEY'));

$code = $client->createCode(
    destinationUrl: 'https://example.com/launch',
    label: 'Spring launch poster',
);

echo $code->shortUrl;

Верификация вебхука

use Abundera\QrPro\Webhook;
use Abundera\QrPro\WebhookException;

try {
    Webhook::verify(
        signature: $_SERVER['HTTP_X_ABUNDERA_SIGNATURE'] ?? '',
        body: file_get_contents('php://input'),
        secret: getenv('ABUNDERA_WEBHOOK_SECRET'),
    );
} catch (WebhookException $e) {
    http_response_code(400);
    exit;
}

Исходный код на GitHub →

What every SDK covers

Codeslist, get, create, update, delete, slug check, import.
AnalyticsJSON and CSV exports with from/to date filters.
Groupslist, create, delete, assign codes.
Webhookslist, create (with secret), delete, plus a signature-verify helper.
User/me, account export.

Admin, Stripe-webhook, and infra endpoints are intentionally out of scope for SDKs — they are service-to-service only. The full endpoint list is in the OpenAPI 3.1 spec.

Postman collection

One-click import into Postman or Insomnia: /docs/postman.json (regenerated from the OpenAPI spec on every deploy). Every request is pre-configured with the bearer-token auth header template — set your API key once at the collection level and every endpoint inherits it.

Prefer raw OpenAPI? Postman supports OpenAPI 3.1 natively: File → Import → Link, then paste https://pro.qr.abundera.ai/docs/openapi.json.

Versioning policy

SDKs follow SemVer and are versioned independently of the API. An SDK bugfix (0.1.0 → 0.1.1) does not change the API version. An additive API change (new endpoint, new optional field) does not force an SDK major bump.

SDK patch (0.1.x) — bugfix, docs, no public-API change. Safe to auto-update.
SDK minor (0.x.0) — new methods to cover new API endpoints, or ergonomic additions. Backwards compatible.
SDK major (1.0.0 → 2.0.0) — rename, removal, type-shape change. Only when the API majors, or when fixing a long-standing SDK ergonomic bug that can’t ship in a minor.

API versioning. The URL prefix is the major version. Today: /api/... (v1). A breaking change ships as /api/v2/..., with v1 kept alive at least 12 months and Deprecation + Sunset response headers throughout the deprecation window. Full definition of “breaking” at /docs/changelog/.

Support window. The latest minor on the current major receives security fixes. Older majors get security patches on request for paying Pro customers.

Example apps

Minimal runnable apps showing code creation, destination update, analytics read, and webhook signature verification:

node-express — TypeScript + Express, webhook endpoint with replay protection.
fastapi — Python 3.11 + FastAPI, signature verification helper wired in.
gin — Go 1.21 + Gin, idiomatic handler pattern.
rails — Rails 7 + Sidekiq, webhook handler as a job.
laravel — Laravel 11, signed-route webhook controller.

Each example is CI-tested against a mocked API. Clone, set ABUNDERA_API_KEY and ABUNDERA_WEBHOOK_SECRET, run.

Don’t see your language?

The OpenAPI 3.1 spec is the source of truth. Generate a client in any language with openapi-generator, or write a thin wrapper yourself — the API is small (six core resources, bearer-token auth). If you’d like an official SDK for a language we don’t cover, email support@abundera.ai.