Docs
This is the product-facing reference for the public API. The same identity, tenant, style version, avatar family, style options, size, and WebP output are intended to remain stable within a major release.
Core Endpoints
GET /v1/avatar: returns an avatar asset directlyGET /v1/avatar/link: stores the generated avatar in configured object storage and returns signed-link metadataGET /avatar/<kind>/<identity>/webp: path-style public avatar URLGET /docs/openapi.json: machine-readable API description
Operational Endpoints
GET /healthz is public for load balancers and uptime checks. GET /metrics is loopback-only and returns 404 to non-local peers.
Namespace Support
Use tenant and style_version to keep visual identity spaces separate between products or rollout phases.
GET https://hashavatar.app/v1/[email protected]&tenant=acme&style_version=v2&algorithm=sha512&kind=wizard&background=white&accessory=hat&color=deep-sea-blue&expression=cool&shape=squircle&format=webp&size=256
Anonymous IDs
Send an internal stable id or a one-way application hash instead of raw personal data.
printf '%s' '[email protected]' | sha256sum | cut -d' ' -f1
Rate Limits
The public service applies origin-side rate limits, with stricter limits on /v1/avatar/link, direct avatar requests with persist=true, and /og.png because object storage writes and Open Graph image rendering are more expensive than direct rendering.
Timeouts
Avatar generation and storage operations are bounded by server-side timeouts so expensive requests cannot monopolise the origin indefinitely.
Errors
400: invalid kind, unsupported algorithm or format, size, or missing identity408: generation or storage timeout429: rate limit exceeded500: rendering or storage failure
OpenAPI
For generated clients or tooling, use /docs/openapi.json.