Public API · v1
Every public surface — stamps, artists, storefronts — readable by machine. Convention organizers, magazines, suppliers, anyone who needs to verify a piece or list working artists.
| Method | Path | Description |
|---|---|---|
| GET | /api/public/v1/stamps | Most recent stamps, paginated |
| GET | /api/public/v1/stamps/{hash} | Verify a stamp by hash |
| GET | /api/public/v1/artists | Public artists, filterable by country |
| GET | /api/public/v1/artists/{handle} | Artist profile + recent pieces |
| GET | /api/public/v1/storefronts | Active storefronts, filterable by tier |
| GET | /api/public/v1/storefronts/{slug} | Storefront detail + listings |
Anonymous calls are allowed for cacheable read endpoints, capped at 30 requests/minute. For higher limits or a partner integration, request a key from your account settings.
# header Authorization: Bearer tos_xxxxxxxxxxxxxxxxxxxxxxxx # or x-api-key: tos_xxxxxxxxxxxxxxxxxxxxxxxx
curl https://tattooos.ink/api/public/v1/stamps?limit=5
{
"data": [
{
"hash": "abc123…",
"created_at": "2026-05-08T14:22:01.000Z",
"piece": { "id": "...", "title": "...", "image_url": "...",
"artist_handle": "@artist", "artist_name": "Artist Name" },
"verify_url": "https://tattooos.skin/stamp/abc123…"
}
],
"next_cursor": "…"
}List endpoints accept limit (max 100) and cursor. The response's next_cursor is null when there are no more pages.
Responses set cache-control: public, max-age=60, s-maxage=300 and access-control-allow-origin: * — safe to call from any origin and cache aggressively at the edge.
For drop-in iframe cards (stamp · artist · storefront), see /embed. No key required.