Getting started
In under five minutes you'll make your first authenticated request and read a blog's published content. All you need is the blog's API key and an HTTP client.
Prerequisites
- A blog created in DraftIn with at least one published post.
-
The blog's API key (the
X-API-Keyheader). See Authentication. -
An HTTP client:
curl, the browser'sfetchor Node 22+.
1. Keep your key safe
The API key grants read access to the blog's content. Keep it out of your source code — use an environment variable:
# Never commit this file. Add ".env" to your .gitignore.
DRAFTIN_API_KEY=dra_xxxxxxxxxxxxxxxxxxxxxxxxxxx 2. Learn the base URL
All public endpoints live under the /public prefix from
the production base
https://api.draftin.io. A full path looks like this:
https://api.draftin.io/public/posts 3. Make the first call
List the five most recent published posts. The key goes in the X-API-Key header; no other header is required for GET requests.
curl https://api.draftin.io/public/posts?limit=5 \
-H "X-API-Key: $DRAFTIN_API_KEY" const BASE = "https://api.draftin.io";
const res = await fetch(`${BASE}/public/posts?limit=5`, {
headers: { "X-API-Key": process.env.DRAFTIN_API_KEY },
});
if (!res.ok) throw new Error(`Request failed: ${res.status}`);
const { data: posts } = await res.json();
console.log(`${posts.length} posts loaded`); const BASE = "https://api.draftin.io";
interface Post {
id: string;
title: string;
slug: string;
status: "PUBLISHED";
publishedAt: string | null;
content: string;
}
const res = await fetch(`${BASE}/public/posts?limit=5`, {
headers: { "X-API-Key": process.env.DRAFTIN_API_KEY as string },
});
const { data: posts } = (await res.json()) as { data: Post[] };
posts.forEach((p) => console.log(p.title, "→", p.slug)); // Node 22+ — fetch is global, no dependencies needed.
// Run with: DRAFTIN_API_KEY=yourkey node list-posts.js
const BASE = "https://api.draftin.io";
async function main() {
const res = await fetch(`${BASE}/public/posts?limit=5`, {
headers: { "X-API-Key": process.env.DRAFTIN_API_KEY },
});
if (res.status === 401) {
console.error("Invalid or missing API key.");
process.exit(1);
}
const { data: posts } = await res.json();
console.table(posts.map((p) => ({ title: p.title, slug: p.slug })));
}
main().catch(console.error);
A successful response (200 OK) is a { success, data } envelope with the array of Post objects in data:
{
"success": true,
"data": [
{
"id": "clxxx101",
"title": "My First Post",
"subtitle": "Post subtitle",
"slug": "my-first-post",
"status": "PUBLISHED",
"publishedAt": "2026-06-01T12:00:00.000Z",
"content": "Post content in HTML or Markdown",
"blogId": "clxxx789",
"authorId": "clxxx123",
"categories": [],
"tags": []
}
]
} 4. Handle missing authentication
If the key is wrong or missing, the API responds 401 Unauthorized. Always check res.ok (or the status) before consuming the body:
const res = await fetch("https://api.draftin.io/public/posts", {
headers: { "X-API-Key": process.env.DRAFTIN_API_KEY },
});
switch (res.status) {
case 200:
return (await res.json()).data; // the payload comes in data
case 401:
throw new Error("Invalid or missing API key.");
default:
throw new Error(`Unexpected error: ${res.status}`);
}