Errova

Direct Ingest API

Send Errova events without an SDK using the same wire contract the official SDKs use.

Use direct ingest when you are instrumenting a runtime without a dedicated SDK, building a central event relay, or you need full control over serialization, batching, or transport behavior. If your framework already has an SDK package, prefer that package first (recommended).

When Direct Ingest Is a Good Fit

  • Custom runtimes or platforms not covered by an official SDK.
  • Edge or proxy layers where you want tight control over request signing and retries.
  • Centralized event relays that transform or enrich events before forwarding.

Payload Shape

Send a single JSON event object or an array batch of up to 1000 events to POST /ingest/<public_key>/events. The most useful events include at least eventType, level, message, environment, and release.

JSON
{
  "eventType": "error",
  "level": "error",
  "message": "Checkout failed",
  "title": "Error: Checkout failed",
  "environment": "production",
  "release": "web@2026.03.31",
  "platform": "nextjs",
  "fingerprint": "checkout-timeout",
  "serverName": "web-1",
  "timestamp": "2026-03-31T12:00:00.000Z",
  "tags": {
    "service": "web",
    "feature": "checkout"
  },
  "user": {
    "id": "user_123",
    "email": "customer@example.com"
  },
  "context": {
    "cartId": "cart_42",
    "paymentProvider": "stripe"
  }
}

Batching

JSON
[
  {
    "eventType": "error",
    "level": "error",
    "message": "Checkout failed",
    "environment": "production"
  },
  {
    "eventType": "log",
    "level": "warning",
    "message": "Queue lag exceeded threshold",
    "environment": "production"
  }
]

Browser/Public Key Ingest

Bash
BROWSER_PUBLIC_KEY="<browser_public_dsn_key>"


curl -sS -X POST "https://ingest.errova.com/ingest/${BROWSER_PUBLIC_KEY}/events" \
  -H "Content-Type: application/json" \
  -H "Origin: https://app.example.com" \
  --data '{"eventType":"error","level":"error","message":"browser direct ingest"}'

Server-Signed Ingest

Bash
SERVER_PUBLIC_KEY="<server_signed_public_key>"
SERVER_SECRET_KEY="<server_signed_secret_key>"
EVENT_BODY='{"eventType":"error","level":"error","message":"server direct ingest"}'
TIMESTAMP="$(date -u +%s)"
NONCE="$(openssl rand -hex 16)"
BODY_SHA="$(printf '%s' "${EVENT_BODY}" | shasum -a 256 | awk '{print $1}')"
CANONICAL_PAYLOAD="$(printf '%s\n%s\n%s\n%s' "${TIMESTAMP}" "${NONCE}" "${SERVER_PUBLIC_KEY}" "${BODY_SHA}")"
SIGNATURE="$(printf '%s' "${CANONICAL_PAYLOAD}" | openssl dgst -sha256 -hmac "${SERVER_SECRET_KEY}" -binary | xxd -p -c 256)"


curl -sS -X POST "https://ingest.errova.com/ingest/${SERVER_PUBLIC_KEY}/events" \
  -H "Content-Type: application/json" \
  -H "X-Errova-Timestamp: ${TIMESTAMP}" \
  -H "X-Errova-Nonce: ${NONCE}" \
  -H "X-Errova-Signature: ${SIGNATURE}" \
  --data "${EVENT_BODY}"

Status Codes

  • 202: ingest accepted
  • 401: invalid or missing signed headers, replayed nonce, or bad signature
  • 403: origin policy rejected the request
  • 429: rate limit exceeded

Advanced custom clients can also POST signed burst-guard telemetry to /ingest/<public_key>/guard-signals using the same HMAC header contract, but the official SDKs already do this automatically.

For token creation, project creation, and key rotation, continue to Management API and Machine Tokens.