# MyPostShare API Documentation for LLMs This document is written for AI coding assistants, agents, and developers implementing the MyPostShare API directly in an application. Do not treat this file as a UI specification. It is an implementation reference for backend integration. --- # Product Summary MyPostShare is a social media API for SaaS products and developer platforms. It provides: - Hosted OAuth connect sessions for end-user social accounts - Tenant-scoped end users - Social connection inventory - Immediate social post publishing - Scheduled social post publishing - Per-platform delivery results - API-key authenticated public endpoints - Dashboard-managed apps, API keys, redirect URLs, credentials, usage, and logs Base API URL: ```text https://mypostshare.com/api ``` Human documentation: ```text https://mypostshare.com/docs ``` LLM full text documentation: ```text https://mypostshare.com/llms-full.txt ``` --- # Integration Model MyPostShare is designed for products that have their own users and want those users to connect social accounts. Important concepts: - Organization: Customer tenant that owns apps, users, billing, and logs. - App: A customer application inside an organization. - API key: Bearer token used by the customer backend to call public API endpoints. - End user: A user from the customer product, identified by `externalUserId`. - Connect session: Hosted OAuth session used to connect one social platform for an end user. - Social connection: A connected social account for an end user and platform. - Post request: A request to publish immediately or schedule content. - Delivery result: Platform-level publishing result for a post request. Recommended implementation flow: 1. Create an app in the MyPostShare dashboard. 2. Create an API key for the app. 3. Configure redirect URLs in the dashboard. 4. Configure customer-owned provider credentials or use managed credentials where available. 5. From the customer backend, create or upsert an end user with `POST /v1/end-users`. 6. Create a connect session with `POST /v1/connect-sessions`. 7. Send the user to the returned `connectUrl`. 8. After OAuth completes, list connections with `GET /v1/end-users/:externalUserId/connections`. 9. Publish with `POST /v1/posts` or schedule with `POST /v1/posts/scheduled`. 10. Poll post status with `GET /v1/posts/:id` or list requests with `GET /v1/posts`. --- # Authentication All public API requests require an API key. Send it as a bearer token: ```http Authorization: Bearer YOUR_API_KEY ``` Recommended backend environment variable: ```bash MYPOSTSHARE_API_KEY="YOUR_API_KEY" MYPOSTSHARE_API_URL="https://mypostshare.com/api" ``` Never expose the API key in a browser, mobile client, or public repository. Call MyPostShare from your backend. --- # Supported Platforms Use these platform keys in API requests: ```text linkedin facebook instagram twitter youtube threads pinterest reddit ``` Notes: - `twitter` is the API key for X / Twitter. - A platform must be connected for the target end user before publishing to it. - Managed credentials may not be active for every platform in every environment. --- # Status Values Connect session statuses are lower-case in API responses: ```text pending redirected connected failed expired ``` Social connection statuses: ```text connected disconnected error ``` Post request statuses: ```text pending processing published failed partial_success scheduled cancelled ``` Post delivery statuses: ```text pending processing published failed cancelled ``` --- # Endpoint Reference All endpoint paths below are relative to: ```text https://mypostshare.com/api ``` ## POST /v1/end-users Create or upsert a tenant-scoped end user. Use this before creating connect sessions or publishing posts. Authentication: ```http Authorization: Bearer YOUR_API_KEY ``` Request body: ```json { "externalUserId": "user_123", "displayName": "Alex Morgan", "email": "alex@example.com", "metadata": { "plan": "pro", "source": "web-app" } } ``` Fields: - `externalUserId` string, required. Unique user ID from the customer product. - `displayName` string, optional. Human-readable label. - `email` string, optional. Email for operator visibility. - `metadata` object, optional. Free-form customer metadata. cURL: ```bash curl -X POST "https://mypostshare.com/api/v1/end-users" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "externalUserId": "user_123", "displayName": "Alex Morgan", "email": "alex@example.com", "metadata": { "plan": "pro", "source": "web-app" } }' ``` Example response: ```json { "id": "4ea64e37-6c19-43a0-8ef5-1a7e7e2b0b89", "externalUserId": "user_123", "displayName": "Alex Morgan", "email": "alex@example.com", "metadata": { "plan": "pro", "source": "web-app" }, "createdAt": "2026-03-21T08:00:00.000Z", "updatedAt": "2026-03-21T08:00:00.000Z" } ``` ## GET /v1/end-users/:externalUserId Get one end user by customer-defined external user ID. Path parameters: - `externalUserId` string, required. cURL: ```bash curl -X GET "https://mypostshare.com/api/v1/end-users/user_123" \ -H "Authorization: Bearer YOUR_API_KEY" ``` Example response: ```json { "id": "4ea64e37-6c19-43a0-8ef5-1a7e7e2b0b89", "externalUserId": "user_123", "displayName": "Alex Morgan", "email": "alex@example.com", "connectionSummary": { "total": 2, "connected": 1, "failed": 0 } } ``` ## GET /v1/end-users/:externalUserId/connections List connected social accounts for an end user. Use this to show connection status in a customer UI or to confirm readiness before publishing. Path parameters: - `externalUserId` string, required. cURL: ```bash curl -X GET "https://mypostshare.com/api/v1/end-users/user_123/connections" \ -H "Authorization: Bearer YOUR_API_KEY" ``` Example response: ```json [ { "id": "7c7f00f5-3412-4546-8cb7-3f095b16fe49", "platform": "linkedin", "status": "connected", "tokenStatus": "active_refreshable", "canAutoRefresh": true, "needsReconnect": false, "remoteAccountId": "H8a9UFibz4", "remoteUsername": "ALEX_MORGAN", "accountType": "person", "accessTokenExpiresAt": "2026-03-22T08:00:00.000Z", "refreshTokenExpiresAt": null, "lastErrorCode": null, "lastErrorMessage": null, "lastSyncedAt": "2026-03-21T08:00:00.000Z", "createdAt": "2026-03-21T08:00:00.000Z", "updatedAt": "2026-03-21T08:00:00.000Z" } ] ``` ## DELETE /v1/end-users/:externalUserId/connections/:platform Disconnect one platform for an end user. Path parameters: - `externalUserId` string, required. - `platform` string, required. One of `linkedin`, `facebook`, `instagram`, `twitter`, `youtube`, `threads`, `pinterest`, `reddit`. cURL: ```bash curl -X DELETE "https://mypostshare.com/api/v1/end-users/user_123/connections/linkedin" \ -H "Authorization: Bearer YOUR_API_KEY" ``` Success response: ```text 204 No Content ``` ## POST /v1/connect-sessions Create a hosted OAuth connect session. The response includes `connectUrl`. Redirect or open this URL for the end user. The hosted flow handles provider authorization and redirects back to the customer `redirectUri`. Request body: ```json { "externalUserId": "user_123", "platform": "linkedin", "redirectUri": "https://client.example.com/oauth/callback" } ``` Fields: - `externalUserId` string, required. End user identifier already created for the current app. - `platform` string, required. Platform key. - `redirectUri` string, required. Must be allowlisted in the dashboard. - `displayName` string, optional. Display label for hosted connect context. - `email` string, optional. End-user email for visibility. - `metadata` object, optional. Free-form metadata. cURL: ```bash curl -X POST "https://mypostshare.com/api/v1/connect-sessions" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "externalUserId": "user_123", "platform": "linkedin", "redirectUri": "https://client.example.com/oauth/callback" }' ``` Example response: ```json { "id": "9469c610-999a-4cb0-9807-a7037947d6b5", "status": "pending", "platform": "linkedin", "externalUserId": "user_123", "expiresAt": "2026-03-21T08:15:00.000Z", "connectUrl": "https://mypostshare.com/connect/9469c610-999a-4cb0-9807-a7037947d6b5", "createdAt": "2026-03-21T08:00:00.000Z", "updatedAt": "2026-03-21T08:00:00.000Z" } ``` ## GET /v1/connect-sessions/:id Get connect session status. Use this to poll for completion after sending a user through the hosted OAuth flow. Path parameters: - `id` string, required. Connect session ID. cURL: ```bash curl -X GET "https://mypostshare.com/api/v1/connect-sessions/9469c610-999a-4cb0-9807-a7037947d6b5" \ -H "Authorization: Bearer YOUR_API_KEY" ``` Example response: ```json { "id": "9469c610-999a-4cb0-9807-a7037947d6b5", "status": "connected", "platform": "linkedin", "externalUserId": "user_123", "errorCode": null, "errorMessage": null, "createdAt": "2026-03-21T06:58:10.000Z", "updatedAt": "2026-03-21T06:58:48.753Z", "completedAt": "2026-03-21T06:58:48.753Z", "expiresAt": "2026-03-21T07:13:10.000Z" } ``` ## POST /v1/posts Publish immediately. Creates a direct publish request and attempts delivery right away. Request body: ```json { "externalUserId": "user_123", "title": "Launch update", "content": "Testing MyPostShare direct posting from docs.", "platforms": ["linkedin"], "mediaUrl": "https://example.com/image.png", "thumbnailUrl": "https://example.com/thumb.png", "metadata": { "source": "api-docs" } } ``` Fields: - `externalUserId` string, required. Connected end user to publish on behalf of. - `content` string, required. Main post content. - `platforms` string array, required. Platform keys to deliver to. - `title` string, optional. Optional title or headline used by supported providers. - `mediaUrl` string, optional. Optional media URL. - `thumbnailUrl` string, optional. Optional thumbnail URL. - `metadata` object, optional. Customer metadata attached to the request. cURL: ```bash curl -X POST "https://mypostshare.com/api/v1/posts" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "externalUserId": "user_123", "title": "Launch update", "content": "Testing MyPostShare direct posting from docs.", "platforms": ["linkedin"], "metadata": { "source": "api-docs" } }' ``` Example response: ```json { "id": "e3143cd2-fb9e-42cf-aa45-f7e711d4823d", "mode": "immediate", "status": "published", "externalUserId": "user_123", "title": "Launch update", "content": "Testing MyPostShare direct posting from docs.", "mediaUrl": null, "thumbnailUrl": null, "creditCost": 5, "scheduleAt": null, "processedAt": "2026-03-21T08:01:00.000Z", "createdAt": "2026-03-21T08:00:59.000Z", "updatedAt": "2026-03-21T08:01:00.000Z", "platformResults": [ { "id": "a06c0ae0-a642-42b5-bcb4-b5cd6ae721ad", "platform": "linkedin", "status": "published", "externalId": "urn:li:share:7441018768555757568", "errorCode": null, "errorMessage": null, "attemptCount": 1, "createdAt": "2026-03-21T08:00:59.000Z", "updatedAt": "2026-03-21T08:01:00.000Z" } ] } ``` ## POST /v1/posts/scheduled Schedule a post. Creates a scheduled publish request for a future time. A background worker publishes later. Request body: ```json { "externalUserId": "user_123", "content": "Scheduled via MyPostShare.", "platforms": ["linkedin", "twitter"], "scheduleAt": "2026-03-22T09:30:00.000Z", "metadata": { "campaign": "launch-week" } } ``` Fields: - `externalUserId` string, required. - `content` string, required. - `platforms` string array, required. - `scheduleAt` string, required. Future ISO 8601 timestamp. - `title` string, optional. - `mediaUrl` string, optional. - `thumbnailUrl` string, optional. - `metadata` object, optional. cURL: ```bash curl -X POST "https://mypostshare.com/api/v1/posts/scheduled" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "externalUserId": "user_123", "content": "Scheduled via MyPostShare.", "platforms": ["linkedin", "twitter"], "scheduleAt": "2026-03-22T09:30:00.000Z", "metadata": { "campaign": "launch-week" } }' ``` Example response: ```json { "id": "40bb5e88-4868-4336-af0c-f18dd7a5eb45", "mode": "scheduled", "status": "scheduled", "externalUserId": "user_123", "title": null, "content": "Scheduled via MyPostShare.", "mediaUrl": null, "thumbnailUrl": null, "creditCost": 8, "scheduleAt": "2026-03-22T09:30:00.000Z", "processedAt": null, "createdAt": "2026-03-21T08:00:00.000Z", "updatedAt": "2026-03-21T08:00:00.000Z", "platformResults": [ { "platform": "linkedin", "status": "pending", "externalId": null, "errorCode": null, "errorMessage": null, "attemptCount": 0 }, { "platform": "twitter", "status": "pending", "externalId": null, "errorCode": null, "errorMessage": null, "attemptCount": 0 } ] } ``` ## GET /v1/posts/:id Get one post request. Use this to poll a specific immediate or scheduled post. Path parameters: - `id` string, required. Post request ID. cURL: ```bash curl -X GET "https://mypostshare.com/api/v1/posts/e3143cd2-fb9e-42cf-aa45-f7e711d4823d" \ -H "Authorization: Bearer YOUR_API_KEY" ``` Example response: ```json { "id": "e3143cd2-fb9e-42cf-aa45-f7e711d4823d", "mode": "immediate", "status": "published", "externalUserId": "user_123", "platformResults": [ { "platform": "linkedin", "status": "published", "externalId": "urn:li:share:7441018768555757568" } ] } ``` ## GET /v1/posts List post requests. Use for dashboard views, recent activity, support tools, and status feeds. Query parameters: - `externalUserId` string, optional. - `status` string, optional. Example: `scheduled`, `published`, `failed`. - `platform` string, optional. - `dateFrom` string, optional ISO 8601 date. - `dateTo` string, optional ISO 8601 date. cURL: ```bash curl -X GET "https://mypostshare.com/api/v1/posts?externalUserId=user_123&status=published" \ -H "Authorization: Bearer YOUR_API_KEY" ``` Example response: ```json [ { "id": "e3143cd2-fb9e-42cf-aa45-f7e711d4823d", "mode": "immediate", "status": "published", "externalUserId": "user_123" }, { "id": "40bb5e88-4868-4336-af0c-f18dd7a5eb45", "mode": "scheduled", "status": "scheduled", "externalUserId": "user_123" } ] ``` --- # Direct Implementation Guide for AI Assistants When implementing MyPostShare in a customer product: 1. Use a server-side API wrapper. 2. Keep `MYPOSTSHARE_API_KEY` in backend environment variables. 3. Never call MyPostShare directly from a browser with the API key. 4. Use `externalUserId` from the customer application as the stable user mapping. 5. Always create or upsert the end user before connect sessions. 6. Always allowlist redirect URLs in the MyPostShare dashboard before using them. 7. After `POST /v1/connect-sessions`, return `connectUrl` to the customer frontend. 8. After OAuth redirect completion, check `GET /v1/end-users/:externalUserId/connections`. 9. Before publishing, verify the requested platforms are connected. 10. For scheduled posts, validate `scheduleAt` is a future ISO 8601 timestamp. 11. Store MyPostShare post request IDs in the customer database if later polling is needed. 12. Poll `GET /v1/posts/:id` for final delivery status. Recommended TypeScript server helper: ```ts type MyPostShareConfig = { apiKey: string; baseUrl?: string; }; export class MyPostShareClient { private apiKey: string; private baseUrl: string; constructor(config: MyPostShareConfig) { this.apiKey = config.apiKey; this.baseUrl = (config.baseUrl || 'https://mypostshare.com/api').replace(/\/$/, ''); } private async request(path: string, init: RequestInit = {}): Promise { const response = await fetch(`${this.baseUrl}${path}`, { ...init, headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${this.apiKey}`, ...(init.headers || {}), }, }); if (!response.ok) { const text = await response.text(); throw new Error(`MyPostShare API error ${response.status}: ${text}`); } if (response.status === 204) { return null as T; } return response.json() as Promise; } upsertEndUser(input: { externalUserId: string; displayName?: string; email?: string; metadata?: Record; }) { return this.request('/v1/end-users', { method: 'POST', body: JSON.stringify(input), }); } createConnectSession(input: { externalUserId: string; platform: string; redirectUri: string; }) { return this.request('/v1/connect-sessions', { method: 'POST', body: JSON.stringify(input), }); } listConnections(externalUserId: string) { return this.request(`/v1/end-users/${encodeURIComponent(externalUserId)}/connections`); } publishNow(input: { externalUserId: string; content: string; platforms: string[]; title?: string; mediaUrl?: string; thumbnailUrl?: string; metadata?: Record; }) { return this.request('/v1/posts', { method: 'POST', body: JSON.stringify(input), }); } schedulePost(input: { externalUserId: string; content: string; platforms: string[]; scheduleAt: string; title?: string; mediaUrl?: string; thumbnailUrl?: string; metadata?: Record; }) { return this.request('/v1/posts/scheduled', { method: 'POST', body: JSON.stringify(input), }); } getPost(id: string) { return this.request(`/v1/posts/${encodeURIComponent(id)}`); } } ``` Example Express routes: ```ts import express from 'express'; import { MyPostShareClient } from './mypostshare-client'; const router = express.Router(); const mypostshare = new MyPostShareClient({ apiKey: process.env.MYPOSTSHARE_API_KEY!, }); router.post('/social/connect', async (req, res, next) => { try { const { userId, platform } = req.body; await mypostshare.upsertEndUser({ externalUserId: userId }); const session = await mypostshare.createConnectSession({ externalUserId: userId, platform, redirectUri: 'https://your-app.example.com/social/callback', }); res.json({ connectUrl: (session as any).connectUrl }); } catch (error) { next(error); } }); router.post('/social/post', async (req, res, next) => { try { const post = await mypostshare.publishNow({ externalUserId: req.body.userId, content: req.body.content, platforms: req.body.platforms, }); res.json(post); } catch (error) { next(error); } }); ``` --- # Error Handling Guidance Typical API error response shape may include: ```json { "message": "Connect linkedin before posting to it.", "error": "Bad Request", "statusCode": 400 } ``` Recommended handling: - Treat 400 responses as validation or configuration errors. - Treat 401/403 responses as API key or permission errors. - Treat 404 responses as missing end user, connect session, connection, or post request. - Treat 5xx responses as retryable with exponential backoff. - Log the MyPostShare request ID if one is provided by infrastructure. Common integration mistakes: - Calling from frontend code with the API key. - Creating a connect session before creating the end user. - Using a redirect URI that is not allowlisted. - Publishing to a platform that is not connected for the end user. - Sending a scheduled post without a valid future `scheduleAt`. - Using `x` instead of `twitter` as the platform key. --- # OAuth Redirect Behavior The customer provides `redirectUri` when creating a connect session. After provider authorization, the hosted flow redirects back to that URI with safe query parameters such as: ```text status=connected platform=linkedin connectSessionId=... externalUserId=user_123 appId=... remoteAccountId=... remoteUsername=... accountType=... ``` Failure redirects may include: ```text status=failed errorCode=provider_callback_failed ``` Do not expect provider access tokens in the redirect. Tokens are never sent to the customer frontend. --- # Pricing and Credits MyPostShare uses credit-based pricing for posting usage. Important billing concepts: - Connected end users are not the billing meter by themselves. - Connected social accounts are not the billing meter by themselves. - Immediate post requests consume credits. - Scheduled post requests consume credits. - Managed credential usage can add extra credit cost where applicable. - Credit balance and billing are managed in the dashboard. Current public docs present: - Immediate post API call: 5 credits - Scheduled post API call: 8 credits - Connected end users: unlimited - Charge trigger: only on posting Always check the live pricing page for current plan and credit details: ```text https://mypostshare.com/pricing ``` --- # Trust and Security Practices Trust page: ```text https://mypostshare.com/trust ``` Security practices: - API requests use bearer API keys. - API keys should be stored only in backend environments. - Hosted OAuth redirects use allowlisted redirect URLs. - Provider OAuth state is bound to connect sessions. - OAuth redirects back with safe fields only, never provider tokens. - Organization, app, end user, connection, post request, and audit records are tenant-scoped. - Public trust documentation does not claim SOC 2 or other certifications unless actually completed. --- # Roadmap Notes for AI Agents Do not invent endpoints that are not listed above. Currently documented public product API does not include: - Product webhooks - Public analytics metrics endpoint - Public MCP server - Inbox API - Ads API - Broadcasts - Contact CRM If a user asks to implement one of these, describe it as future work unless the repository has added new endpoints. --- # Minimal End-to-End Scenario Use this scenario when testing an integration: 1. Upsert end user: ```bash curl -X POST "https://mypostshare.com/api/v1/end-users" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "externalUserId": "user_123", "displayName": "Test User" }' ``` 2. Create connect session: ```bash curl -X POST "https://mypostshare.com/api/v1/connect-sessions" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "externalUserId": "user_123", "platform": "linkedin", "redirectUri": "https://your-app.example.com/oauth/callback" }' ``` 3. Open `connectUrl` from the response for the end user. 4. List connections: ```bash curl -X GET "https://mypostshare.com/api/v1/end-users/user_123/connections" \ -H "Authorization: Bearer YOUR_API_KEY" ``` 5. Publish immediately: ```bash curl -X POST "https://mypostshare.com/api/v1/posts" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "externalUserId": "user_123", "content": "Hello from MyPostShare.", "platforms": ["linkedin"] }' ``` 6. Store the returned `id` and poll: ```bash curl -X GET "https://mypostshare.com/api/v1/posts/POST_REQUEST_ID" \ -H "Authorization: Bearer YOUR_API_KEY" ``` --- # Machine-Readable Endpoint Summary ```json { "name": "MyPostShare", "baseUrl": "https://mypostshare.com/api", "auth": { "type": "bearer", "header": "Authorization", "format": "Bearer YOUR_API_KEY" }, "platformKeys": [ "linkedin", "facebook", "instagram", "twitter", "youtube", "threads", "pinterest", "reddit" ], "endpoints": [ { "method": "POST", "path": "/v1/end-users", "purpose": "Create or upsert end user" }, { "method": "GET", "path": "/v1/end-users/:externalUserId", "purpose": "Get end user" }, { "method": "GET", "path": "/v1/end-users/:externalUserId/connections", "purpose": "List social connections" }, { "method": "DELETE", "path": "/v1/end-users/:externalUserId/connections/:platform", "purpose": "Disconnect platform" }, { "method": "POST", "path": "/v1/connect-sessions", "purpose": "Create hosted OAuth connect session" }, { "method": "GET", "path": "/v1/connect-sessions/:id", "purpose": "Get connect session status" }, { "method": "POST", "path": "/v1/posts", "purpose": "Publish immediately" }, { "method": "POST", "path": "/v1/posts/scheduled", "purpose": "Schedule post" }, { "method": "GET", "path": "/v1/posts/:id", "purpose": "Get post request" }, { "method": "GET", "path": "/v1/posts", "purpose": "List post requests" } ] } ```