WebSight
Tracking

Server-side API

Send events from your backend with an API key.

There is a small server-side endpoint for recording an event from your backend with an API key. It is a legacy, limited interface. For almost everything, the script tag and websight.track are the right tools.

Get your key

Your account has a single API key on the Settings screen. Use the card there to generate one, copy it, and regenerate it if it leaks. Regenerating invalidates the old key immediately.

Send an event

Make a POST to /api/events with your key as a Bearer token:

curl -X POST https://websight.srexrg.me/api/events \
  -H "Authorization: Bearer <your-api-key>" \
  -H "Content-Type: application/json" \
  -d '{"name": "purchase", "domain": "yourdomain.com", "description": "42 EUR"}'

The body has three fields:

FieldRequiredNotes
nameYesEvent name. Lowercased on the server.
domainYesYour site's domain. A leading protocol and www. are stripped.
descriptionNoFree text, stored with the event.

A missing or unknown key returns 401. Missing name or domain returns an error. On success the endpoint returns a JSON success message.

What it does and does not do

Server events are not sessionized. They are recorded against a synthetic api:<your-account> visitor and never create a session, so they do not affect visitor counts, sessions, or any of the session-based reports. They record that a named event happened, and little more.

This is a legacy interface kept for backward compatibility. It takes a single name, domain, and description, not arbitrary event properties. For real custom events with properties, use websight.track from the browser, which is sessionized and counts toward your reports.

The endpoint and its shape may change. For status and the latest, see the repository at github.com/srexrg/websight.