Guides

Changelog

All notable changes to the Open Paws API are documented here.

Versioning Policy

The Open Paws API uses URL-based versioning (/v1/). Breaking changes are announced at least 30 days in advance and documented here.

See API Stability for our full compatibility policy.

2026-04-25

Removed

Dark fleet routes: The six dark fleet stub routes added on 2026-04-12 (/v1/corporate-watch/{path*}, /v1/volunteer/{path*}, /v1/intelligence/{path*}, /v1/fundraising/{path*}, /v1/media-intel/{path*}, /v1/policy-watch/{path*}) were removed in PR #50 (2026-04-21). They returned 503 with no backing services and never carried real traffic. Env vars in env.example are legacy from that period — restoration depends on those services existing first.

2026-04-12

Added

Dark fleet routes (Alpha / Internal Preview): Added six env-var gated internal preview routes (PR #36). Subsequently removed in PR #50 (2026-04-21) — see 2026-04-25 entry.
- /v1/corporate-watch/{path*}
- /v1/volunteer/{path*}
- /v1/intelligence/{path*}
- /v1/fundraising/{path*}
- /v1/media-intel/{path*}
- /v1/policy-watch/{path*}

2026-03-17

Breaking Changes

API versioning: All public API endpoints now use /v1/ prefix (e.g., /search/all → /v1/search/all). The /health endpoint remains unversioned. Update your base URLs and API client paths accordingly.
Free tier rate limit: Increased from 1 req/hour to 10 req/hour to support developer evaluation workflows.

Added

Data collection opt-out: All outbound requests to AI providers now include X-Data-Collection: deny header for explicit data retention opt-out.

Improved

Documentation: Added realistic advocacy-themed examples to all endpoint request/response documentation (content generation, chat, intent detection, legal guidance, issue tracking, knowledge search, company investigation)
Pricing transparency: All endpoint descriptions now include per-request pricing information
Internal endpoints: Clerk webhook endpoint marked as internal-only in API reference

Fixed

Legal guidance endpoint: Now accepts both prompt and situation fields for backward compatibility with different client implementations
Company investigation schema: Added website and researchFocus fields to match actual API behavior
OSINT personal profile: Added user tracking ID to n8n payload for result delivery

2026-03-16

Fixed

Security: Stripe webhook signature verification now uses constant-time comparison (was using ===)
Security: Search queries now escape ILIKE wildcard characters (%, _) to prevent pattern injection
Privacy: Removed verbose debug logging from API key handlers that could expose user objects

Improved

Developer API: Extracted shared Zuplo Developer API client to reduce code duplication across API key handlers (-381 lines)
Test coverage: Added 70 new tests covering API key handlers, Stripe billing handlers, and search handlers (294 → 364 total)

2026-02-28

Added

Getting Started guide: Step-by-step authentication, first request examples, search types, rate limits
Pricing page: Plan comparison table, per-endpoint pricing, nonprofit discounts
Interactive playground: "Try it" buttons for search endpoints in documentation

2026-01-09

Added

Initial API release: 12 public endpoints across Search, OSINT, Content, Chat, Legal, Tracking, and Knowledge categories
Developer portal: API key management (create, list, roll, update, delete)
Stripe billing: Pay As You Go plan with usage-based metering
Nonprofit discounts: 50% for small nonprofits, 25% for large nonprofits

Last modified on May 4, 2026

API Stability Observability

Guides

Changelog

All notable changes to the Open Paws API are documented here.

Versioning Policy

The Open Paws API uses URL-based versioning (/v1/). Breaking changes are announced at least 30 days in advance and documented here.

See API Stability for our full compatibility policy.

2026-04-25

Removed

Dark fleet routes: The six dark fleet stub routes added on 2026-04-12 (/v1/corporate-watch/{path*}, /v1/volunteer/{path*}, /v1/intelligence/{path*}, /v1/fundraising/{path*}, /v1/media-intel/{path*}, /v1/policy-watch/{path*}) were removed in PR #50 (2026-04-21). They returned 503 with no backing services and never carried real traffic. Env vars in env.example are legacy from that period — restoration depends on those services existing first.

2026-04-12

Added

Dark fleet routes (Alpha / Internal Preview): Added six env-var gated internal preview routes (PR #36). Subsequently removed in PR #50 (2026-04-21) — see 2026-04-25 entry.
- /v1/corporate-watch/{path*}
- /v1/volunteer/{path*}
- /v1/intelligence/{path*}
- /v1/fundraising/{path*}
- /v1/media-intel/{path*}
- /v1/policy-watch/{path*}

2026-03-17

Breaking Changes

API versioning: All public API endpoints now use /v1/ prefix (e.g., /search/all → /v1/search/all). The /health endpoint remains unversioned. Update your base URLs and API client paths accordingly.
Free tier rate limit: Increased from 1 req/hour to 10 req/hour to support developer evaluation workflows.

Added

Data collection opt-out: All outbound requests to AI providers now include X-Data-Collection: deny header for explicit data retention opt-out.

Improved

Documentation: Added realistic advocacy-themed examples to all endpoint request/response documentation (content generation, chat, intent detection, legal guidance, issue tracking, knowledge search, company investigation)
Pricing transparency: All endpoint descriptions now include per-request pricing information
Internal endpoints: Clerk webhook endpoint marked as internal-only in API reference

Fixed

Legal guidance endpoint: Now accepts both prompt and situation fields for backward compatibility with different client implementations
Company investigation schema: Added website and researchFocus fields to match actual API behavior
OSINT personal profile: Added user tracking ID to n8n payload for result delivery

2026-03-16

Fixed

Security: Stripe webhook signature verification now uses constant-time comparison (was using ===)
Security: Search queries now escape ILIKE wildcard characters (%, _) to prevent pattern injection
Privacy: Removed verbose debug logging from API key handlers that could expose user objects

Improved

Developer API: Extracted shared Zuplo Developer API client to reduce code duplication across API key handlers (-381 lines)
Test coverage: Added 70 new tests covering API key handlers, Stripe billing handlers, and search handlers (294 → 364 total)

2026-02-28

Added

Getting Started guide: Step-by-step authentication, first request examples, search types, rate limits
Pricing page: Plan comparison table, per-endpoint pricing, nonprofit discounts
Interactive playground: "Try it" buttons for search endpoints in documentation

2026-01-09

Added

Initial API release: 12 public endpoints across Search, OSINT, Content, Chat, Legal, Tracking, and Knowledge categories
Developer portal: API key management (create, list, roll, update, delete)
Stripe billing: Pay As You Go plan with usage-based metering
Nonprofit discounts: 50% for small nonprofits, 25% for large nonprofits

Last modified on May 4, 2026

API Stability Observability