ChangePulse is a production-ready public API that allows developers to register website URLs and manage them as monitored sources.
Using simple API key authentication, third-party applications can create, list, and delete sources through a clean REST interface. The backend was generated with AI and then refined in Xano to ensure secure access, predictable behavior, and real-world usability as a consumable public API.
API Documentation
Base URL: https://x8ki-letl-twmt.n7.xano.io/api:QOvnVq46
Authentication: All endpoints require an x-api-key header.
POST /v1/sources
Create a new monitored website source.
bash
curl -X POST "https://x8ki-letl-twmt.n7.xano.io/api:QOvnVq46/v1/sources" \
-H "Content-Type: application/json" \
-H "x-api-key: test-api-key-123" \
-d '{"url": "https://example.com"}'
## Demo
The API can be tested directly using curl or any HTTP client.
Below is a simple end-to-end example showing how a third-party application would interact with the API:
1. Create a source using POST /v1/sources
2. Retrieve sources using GET /v1/sources
3. Remove a source using DELETE /v1/sources/{source_id}
These examples demonstrate the full lifecycle of a monitored source using API key authentication.
## The AI Prompt I Used
I am building a public API in Xano.
Context:
- Tables already exist: api_key, source, item, webhook, webhook_delivery, event_log
- The api_key table contains an extra table-reference field called user_id that cannot be deleted
- I want to ignore this field and proceed cleanly
Your task:
1. Treat api_key as the authentication entity (API-key-based auth only)
2. Ignore user_id completely — do not use it in any endpoints or logic
3. Design API endpoints assuming api_key is standalone
4. When referencing ownership, always use api_key.id
Start by:
- Defining API key auth middleware logic in Xano
- Then define POST /v1/sources and GET /v1/sources
## How I Refined the AI-Generated Code
After generating the initial backend structure with AI, I refined the implementation directly in Xano to ensure correct behavior and production readiness.
Key refinements included:
- Correcting API key validation logic so requests fail only when a key is missing or invalid, not when it is present.
- Updating HTTP header access to use bracket notation for `x-api-key`, which is required when headers contain hyphens.
- Fixing endpoint path issues that caused unintended 404 errors during testing.
- Iteratively testing each endpoint using Xano’s Run feature and curl commands to validate request flow and error handling.
These refinements ensured the API behaved predictably, securely, and consistently for third-party consumers.
## My Experience with Xano
Xano made it possible to go from an AI-generated backend to a functional, production-ready API very quickly.
The visual API builder helped make request flow and logic easy to reason about, while the integrated database removed the need for additional infrastructure. The main learning curve was understanding how Xano’s visual components map to traditional backend concepts like middleware, validation, and conditionals.
Overall, Xano proved to be a strong platform for refining AI-generated backend code into something reliable and usable in real-world applications.
Top comments (0)