# Vartio

> EU-first website monitoring SaaS. HTTP, SSL, DNS, Ping, TCP/UDP and multi-step
> checks; alerts via email, Slack, Discord, PagerDuty, Teams, generic webhook;
> public status pages and a hosted "Is X Down?" catalogue of 1000+ services.
> Built for AI agents and humans alike: stable REST API, scoped API keys,
> machine-readable spec.

## API

- [Discovery document](https://api.vartio.dev/.well-known/vartio): single JSON
  document listing auth methods, OpenAPI/llms.txt URLs, rate limits, and the
  problem-details type base. Best first hit for an AI agent.
- [OpenAPI 3.0 spec](https://api.vartio.dev/api/openapi.yaml): full REST surface
  including monitors, alert channels, incidents, status pages, API keys, and
  the public "Is X Down?" catalogue
- [Swagger UI](https://api.vartio.dev/api/docs): interactive try-it explorer
- [llms-full.txt](https://api.vartio.dev/llms-full.txt): the same surface
  expanded with auth flow, common patterns, and copy-pasteable cURL examples

## Quickstart for agents

- [AI agent quickstart guide](https://vartio.dev/docs/ai-agents): create a
  monitor in 30 seconds with a single API call; covers API key creation,
  authentication, and the monitor schema

## Public catalogue (no auth required)

- [Is X Down? service list](https://api.vartio.dev/public/services): JSON array
  of 1000+ public internet services with current status and 30-day uptime
- [Single service](https://api.vartio.dev/public/services/{slug}): live status
  for one service, e.g. `/public/services/github` or `/public/services/openai`
- [On-demand check](https://api.vartio.dev/public/check?url={url}): one-shot
  HTTP probe of any URL with SSRF protection (rate-limited to 10/min/IP)

## Authentication

Vartio accepts two Bearer tokens on `Authorization: Bearer ...`. Public
endpoints (`/health`, `/public/*`, `/badge/*`, `/webhooks/stripe`) require
no auth.

- [API keys](https://api.vartio.dev/api/v1/api-keys) (recommended for agents):
  `vk_...` — created at https://vartio.dev/settings, scoped to one
  organization, no expiry, granular permissions like `monitors:read`
- [Login](https://api.vartio.dev/api/v1/auth/login): JWT (`eyJ...`) for
  browser sessions, expires after 24h

## Errors

All error responses are RFC 9457 problem-details documents
(`Content-Type: application/problem+json`):

```json
{
  "type": "https://vartio.dev/problems/vartio.validation.failed",
  "title": "Validation Failed",
  "status": 422,
  "detail": "validation failed",
  "code": "vartio.validation.failed",
  "error": "validation failed",
  "fields": {"email": "required"}
}
```

Branch on `code` for programmatic handling, not on the human-readable
`detail` or `title`. Stable codes are listed under "Error code catalog" in
[llms-full.txt](https://api.vartio.dev/llms-full.txt).

## Optional

- [Status page example](https://acme.status.vartio.dev): hosted public status
  page format that organizations can configure
- [GitHub repo](https://github.com/kalle-works/vartio.dev): source code,
  issues, contributing guide