OutReply API

API Changelog

Every shipping change to the OutReply Developer API. Non-breaking additions happen continuously; breaking changes are reserved for major version bumps (/api/v2).

Action-based monthly quotas & publish guardrails

New May 2026

• New quota model. Quotas now meter the actions that actually cost money — publishes and comment replies — separately from cheap reads. Counters reset on the 1st of each UTC month, not every 24h.
• Free tier = 60 publishes / 200 replies / 10 000 reads every month, forever. Pro = 500 / 3 000 / 100 000. Elite = 3 000 / 20 000 / 1 000 000. See the Tiers & limits table for the full matrix.
• New error code MONTHLY_QUOTA_EXCEEDED (HTTP 429) with quota, tier, limit, used, resets_at and upgrade_url in the body.
• Platform-aware per-page publish guardrails. Independent of tier, protects connected accounts from each platform's spam heuristics with tuned ceilings: Facebook 10/h · 40/24h, Instagram 8/h · 30/24h, LinkedIn 3/h · 15/24h, TikTok 10/h · 50/24h, X 50/h · 300/24h. Plus a 60 s min gap between scheduled posts on the same page and a 500/brand/24h runaway safety-net. Returns 429 PAGE_PUBLISH_GUARDRAIL or BRAND_PUBLISH_GUARDRAIL with retry_after_seconds.
• Quota-warning webhook retargeted. account.quota.warning now fires at 80% of a monthly bucket (once per month per bucket) instead of the old per-day budget, so alerts line up with how you actually spend.
• Sandbox tokens deprecated. No new outreply_test_* keys are minted. New signups get a read-only outreply_live_* key on the Free tier instead. Existing sandbox tokens keep working; migrate when convenient.
• GET /account + GET /dashboard/api-keys/usage now return a monthly block with per-bucket {used, limit, remaining} and the per-brand/per-page guardrail config.

Webhooks v1 & OpenAPI spec

New April 2026

• Webhooks. Subscribe to post.published, post.failed, comment.received, comment.replied, and account.quota.warning events. HMAC-SHA256 signed. Manage them from Dashboard → API → Webhooks.
• Automatic retries. Failed deliveries retry 5 times with exponential backoff (30s → 2h). Endpoints auto-disable after 20 consecutive failures.
• Secret rotation. One-click rotate; previous secret stays valid for 24h so receivers deploy the new key without downtime. Both signatures are sent during the grace window.
• OpenAPI 3.1 spec. Machine-readable spec at GET /api/v1/openapi.json. One-click copy for Postman from the docs topbar.
• Sandbox tokens. Every new signup now receives an outreply_test_* token (100 lifetime calls, read-only) so you can try the API before subscribing.
• Idempotency-Key header. Safe retries on POST/PATCH/DELETE. Replays return the cached response with Idempotency-Replayed: true; mismatched bodies return 409 IDEMPOTENCY_KEY_MISMATCH.
• Error catalog. Full list of error codes with fixes at GET /api/v1/errors.
• Quota warning webhook. Fires once per 24h when your daily request budget crosses 80% — build alerting before you hit the ceiling.
• Collaborator-issued tokens. Full-access collaborators can now create API keys on behalf of a brand. Keys auto-revoke the moment the collaborator is removed, and every create / revoke is written to the brand's audit log.
• Zapier & Make.com integrations. New manage:webhooks scope + public /api/v1/webhooks endpoints let integration platforms subscribe to events on your behalf. Official Make.com and Zapier apps are in private beta — see the Integrations guide.
• Official Node.js & Python SDKs — now live. npm install @outreply/node (npm) and pip install outreply (PyPI). Ergonomic resource-oriented clients with automatic Idempotency-Key, exponential-backoff retries, typed errors, and a zero-dep HMAC webhook verifier. Sources: outreply-node, outreply-python.

Higher Pro limits

Improved March 2026

• Pro rate limit raised 20/min → 60/min; daily cap 20,000 → 50,000.
• Pro storage quota raised to 1 GB, per-file upload limit to 100 MB.
• Dashboard now shows your current tier plus the upgrade delta inline.

Initial Public API

New February 2026

• Scoped bearer-token authentication (outreply_live_*).
• Endpoints for brands, pages, posts (schedule / cancel / list), comments (list / reply), and media (upload / list / delete).
• Per-request audit log retained for 30 days.
• Tiered quotas, per-key IP allowlists, brand-scoped keys.

Want updates in your inbox? Follow api@outreply.com.