# Getting Started Five minutes from zero to a paginated session list. This walkthrough assumes you already have a Not AI integration provisioned and access to the dashboard at `dash.isnotai.com`. ## 1. Mint an API key API keys are created in the Not AI dashboard. Sign in at `dash.isnotai.com`, open the integration you want to read from, and create a new key under the **API Keys** section. Every key: - Starts with the literal prefix `aik_v1_` and is 47 characters in total (7-character prefix plus a 40-character base64url body). - Is shown once, at creation. Copy it into a secret store immediately. The dashboard does not display it again. - Is scoped to the integration it was minted under. The integration is implicit in the key, which is why no `/{integrationHash}` segment appears in any URL on this surface. - Is bound to a region. A key minted in the US dashboard authenticates against `https://api.isnotai.com`. A key minted in the EU dashboard authenticates against `https://api-eu.isnotai.com`. EU and US are fully isolated; a key does not cross the boundary. Export the key into your shell so the snippets below work without editing: ```bash export ISNOTAI_API_KEY="aik_v1_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" ``` ## 2. Verify connectivity The health probe is unauthenticated. Use it to confirm DNS resolves and the regional stack is up before you debug anything else: ```bash curl https://api.isnotai.com/health ``` Expected response (200): ```json { "status": "healthy", "version": "1.0.17.0", "timestamp": "2026-06-10T12:00:00.0000000+00:00" } ``` If this returns anything other than 200, the rest of this guide will not work. Check the [Not AI status page](https://status.isnotai.com) or your network egress before continuing. ## 3. Confirm your key resolves `GET /v1/integration` echoes the integration the presented key was matched to. It is the single best smoke test for a new credential, and it is what AI agents should call first to confirm they are pointed at the right account. ```bash curl https://api.isnotai.com/v1/integration \ -H "Authorization: Bearer $ISNOTAI_API_KEY" ``` Expected response (200): ```json { "data": { "id": "integration-abc123", "institutionName": "Example University", "planId": "pro", "apiKeyMasked": "aik_v1_********************************wxyz", "apiKeyLastUsedAt": "2026-06-10T11:59:58.123Z" } } ``` A `401` with `INVALID_API_KEY` means the key was missing, malformed, unknown, or pointed at the other region. See [Authentication](/developers/authentication) for the failure mode. ## 4. List a few sessions Every list endpoint follows the same shape: a `data` array plus a `pagination` envelope. The request-side page size parameter is `pageSize` (default 50, max 100); the response surfaces the effective value back in `pagination.limit`. ```bash curl "https://api.isnotai.com/v1/sessions?pageSize=5" \ -H "Authorization: Bearer $ISNOTAI_API_KEY" ``` Expected response (200, truncated): ```json { "data": [ { "id": "sess_01HV...", "userId": "user_abc", "status": "active", "createdAt": "2026-06-10T11:42:01.000Z" } ], "pagination": { "nextCursor": "eyJ0b2tlbiI6Ii4uLiJ9", "hasMore": true, "limit": 5 } } ``` Pass `nextCursor` back as `?cursor=...` on the next request to keep walking. See [Pagination](/developers/pagination) for the full iteration pattern and filter conventions (`startDate`, `endDate`, `status`, `botOnly`). ## The same call in Python ```python import os import requests BASE_URL = "https://api.isnotai.com" API_KEY = os.environ["ISNOTAI_API_KEY"] response = requests.get( f"{BASE_URL}/v1/sessions", headers={"Authorization": f"Bearer {API_KEY}"}, params={"pageSize": 5}, timeout=10, ) response.raise_for_status() payload = response.json() for session in payload["data"]: print(session["id"], session["status"]) next_cursor = payload["pagination"].get("nextCursor") ``` ## The same call in Node.js ```javascript const BASE_URL = "https://api.isnotai.com"; const API_KEY = process.env.ISNOTAI_API_KEY; const url = new URL(`${BASE_URL}/v1/sessions`); url.searchParams.set("pageSize", "5"); const response = await fetch(url, { headers: { Authorization: `Bearer ${API_KEY}` }, }); if (!response.ok) { throw new Error(`Not AI API ${response.status}`); } const payload = await response.json(); for (const session of payload.data) { console.log(session.id, session.status); } const nextCursor = payload.pagination?.nextCursor; ``` ## The same call in C# ```csharp using System.Net.Http.Headers; using System.Net.Http.Json; using System.Text.Json; var baseUrl = "https://api.isnotai.com"; var apiKey = Environment.GetEnvironmentVariable("ISNOTAI_API_KEY")!; using var client = new HttpClient { BaseAddress = new Uri(baseUrl) }; client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", apiKey); var response = await client.GetAsync("/v1/sessions?pageSize=5"); response.EnsureSuccessStatusCode(); var payload = await response.Content.ReadFromJsonAsync(); foreach (var session in payload.GetProperty("data").EnumerateArray()) { Console.WriteLine($"{session.GetProperty("id").GetString()} {session.GetProperty("status").GetString()}"); } string? nextCursor = payload.GetProperty("pagination").TryGetProperty("nextCursor", out var c) && c.ValueKind == JsonValueKind.String ? c.GetString() : null; ``` ## Where to go next - [Authentication](/developers/authentication). Both header forms, what `INVALID_API_KEY` covers, and key rotation. - [Pagination](/developers/pagination). Iterating list endpoints, cursor opacity, and per-endpoint limits. - [Rate Limits](/developers/rate-limits). Quota behavior, tier resolution, and `Retry-After` semantics. - [Error Handling](/developers/error-handling). Every stable error code and when to retry. - The full endpoint list and schemas in the API Reference (left navigation), generated from the [OpenAPI spec](/developers/spec/swagger.json).