AIRLERT-OPEN-API Partner developer guide

AIRlert POSTs selected HUB messages to your HTTPS endpoint as signed JSON. Your system verifies the request, stores or routes the event, and returns an accepted HTTP status.

OpenAPI JSON Open API overview Download HTML Sign in

Flow
  1. A HUB message is ingested by AIRlert.
  2. The portal stores it in user_data.
  3. If the HUB is in allowed_hub_ids, AIRlert POSTs the event to your endpoint.
  4. Your endpoint verifies authentication and returns HTTP 200 or 202.
Request
MethodPOST
Content typeapplication/json; charset=utf-8
Event headerX-Airlert-Event: hub.message.ingested
Delivery idX-Airlert-Delivery-Id
User agentAIRLERT-OPEN-API/1.0

Your production endpoint is configured server-side. Example target format: http://mirror.airlert.co.uk/php/your-partner-endpoint

Payload

The payload shape is stable. Field names below match the OpenAPI document.

{
    "type": "airlert.hub.message.ingested",
    "schema_version": "1.0",
    "event_id": "airlert-9a8b7c6d5e4f3210abcd1234-a1b2c3d4",
    "occurred_at_unix": 1781766000,
    "occurred_at": "2026-06-18T06:20:00Z",
    "source": "airlert_portal",
    "ingest_endpoint": "tttupload.php",
    "hub": {
        "canonical_hub_id": 42,
        "user_data_hub_id": 42,
        "hub_name": "Bedroom hub",
        "user_id": 3
    },
    "message": {
        "location": "Room 1",
        "sensor": "Bed pad",
        "raw": "Not Return to Bed",
        "presented": "Not Return to Bed",
        "user_data_id": 123456
    }
}
Authentication to verify
  • Check Authorization: Bearer ... against the token agreed for your endpoint.
  • Check X-Airlert-Signature when a shared_secret is configured.
  • The signature format is sha256=<hex>.
  • The algorithm is HMAC-SHA256 over the exact raw JSON request body using shared_secret.
Response and logging
  • Return HTTP 200 or 202 when accepted.
  • Other statuses, cURL errors, timeouts, invalid URLs, or JSON encode failures are recorded as failed delivery attempts.
  • AIRlert logs each attempt in Outbound Traffic using channel open_api.

Open Outbound Traffic

OpenAPI document

Use the live OpenAPI JSON for schema validation and generated client/server code.

http://mirror.airlert.co.uk/php/airlert_open_api_spec.php