v1 public docs2026.05-v1

API Reference

A secure external API for FaithGPT responses with clean Markdown, Scripture-aware guardrails, documented JSON shapes, and request-level usage accounting.

Base URL

https://api.faithgpt.io/v1

Auth

Bearer API key

Contract

JSON + OpenAPI

Read docs Docs JSON OpenAPI

Base URL

https://api.faithgpt.io/v1

Endpoints

4

Guardrails

10

Artifacts

11

Protocol

HTTPS

Sign-in required

Dashboard

Signed-in Max customers can create, pause, resume, revoke, and inspect API key prefixes from the dashboard view. Raw keys are shown once.

API key

Sign in to create keys

Sign in required
API docs

Requests

Sign in

Recent API request records

Credits Used

Sign in

Backend-calculated usage

Completed

Sign in

Successful persisted requests

Average Latency

Sign in

Measured from real requests

Daily API Usage

Last 7 UTC days

Day 1

Day 2

Day 3

Day 4

Day 5

Day 6

Day 7

Usage appears here after real API requests are recorded for this account.

Rate Limit Status

Daily creditsSign in
Monthly creditsSign in

Endpoint Breakdown

No endpoint usage recorded yet.

Recent Requests

View docs
TimestampEndpointStatusCreditsLatency
Real request records will appear here after this account calls the API.

Sign in with a Max account to create and manage API keys.

Create a key to view real prefixes, status, scopes, caps, and usage controls. Raw keys are shown only immediately after creation.

Quickstart

Authenticated request

Generate a FaithGPT answer

curl
curl https://api.faithgpt.io/v1/faithgpt/answer \
  -H "Authorization: Bearer fgpt_live_your_key" \
  -H "Content-Type: application/json" \
  -d '{
    "prompt": "Explain Romans 8:28 with pastoral care.",
    "responseFormat": "markdown",
    "maxOutputTokens": 600
  }'

Every runtime URL uses https://api.faithgpt.io/v1. Use your own key in the Authorization header.

Real request builder

Playground

Sign in and enable API access before creating keys. Without a key, the playground can still build requests but cannot run them.

Request body

API keys are still validated by the backend. This page never stores the key you enter.

Live cURL
curl https://api.faithgpt.io/v1/faithgpt/answer \
  -H "Authorization: Bearer fgpt_live_your_key" \
  -H "Content-Type: application/json" \
  -d '{
  "prompt": "Explain Romans 8:28 with pastoral care.",
  "responseFormat": "markdown",
  "maxOutputTokens": 600
}'

Quick links

OpenAPI specRate limitsError codes

Endpoints

Endpoint docs are generated from /api/faithgpt-api.docs.json. Benchmark harness routes stay out of the public OpenAPI contract.

Return a clean Markdown FaithGPT answer using the production harness without FaithGPT rendering tags.

Request JSON
{
  "prompt": "Explain Romans 8:28 with pastoral care.",
  "responseFormat": "markdown",
  "maxOutputTokens": 600
}
Response Shape
{
  "id": "string",
  "answerMarkdown": "string",
  "citations": "array",
  "usage": "input/output token details",
  "billing": "backend-calculated credit usage metadata"
}
promptInjectionsensitiveDataunsafeOutputcostAbuse

Authentication

Access

Bearer keys

FaithGPT API keys are sent as Bearer tokens, stored as secure hashes, scoped by endpoint family, and can be rotated or revoked.

Header
Authorization: Bearer fgpt_live_your_key

Create and manage keys from your signed-in FaithGPT account. The raw key is shown once at creation; future views show only the prefix.

Security

Hash API keys at rest; show only key prefix after creation.

Require scopes for each endpoint family.

Block API access unless the signed-in account has API access enabled.

Apply per-key, per-user, per-IP, per-route, and global rate limits.

Preflight estimated credit usage and stop requests above configured caps.

Reconcile credits after actual input and output tokens are known.

Strip FaithGPT rendering tags such as <bible> before external responses.

Separate instructions from untrusted project knowledge, files, and web sources.

Store request IDs, latency, route, model, status, token accounting, abuse flags, and safety decisions.

Never expose benchmark evaluation materials, runner metadata, provider keys, deployment URLs, or operations paths.

Usage And Account Controls

Backend calculated

Credit Usage

Credit usage is calculated on the backend, estimated before generation, and reconciled after actual input and output tokens are known.

Account managed

Controls

Account and API controls can configure key scopes, daily and monthly usage caps, rate limits, revocation, and request telemetry.

Responses

Rate Limit Headers

X-RateLimit-Limit

Maximum requests or credit units allowed in the current window.

X-RateLimit-Remaining

Remaining capacity before the key is limited.

X-RateLimit-Reset

Unix timestamp when the current window resets.

Retry-After

Seconds to wait before retrying when a 429 response is returned.

Errors

JSON

Error Envelope

Response
{
  "error": {
    "message": "Too many requests. Try again in 12 seconds.",
    "type": "rate_limit_error",
    "code": "rate_limited"
  },
  "request_id": "req_..."
}
400bad_request

Malformed JSON or a missing required field.

401invalid_api_key

Missing, malformed, revoked, or unknown API key.

402insufficient_credits

The request exceeds account credits or configured caps.

403insufficient_scope

The key does not have access to this endpoint.

429rate_limited

The key, account, IP, or route exceeded a configured limit.

500server_error

Unexpected server error. Retry with exponential backoff.