Examples
POST Send email via Resend
Wrap api.resend.com/emails so your agent can send emails without seeing your Resend API key or from address.
1. Create the action
curl -X POST https://narrowapi.com/api/v1/actions \
-H "Authorization: Bearer sk_..." \
-H "Content-Type: application/json" \
-d '{
"name": "Send welcome email",
"method": "POST",
"target_url": "https://api.resend.com/emails",
"auth_type": "bearer",
"auth_value": "re_your_resend_api_key",
"input_schema": [
{"name": "to", "type": "string", "required": true},
{"name": "subject", "type": "string", "required": true},
{"name": "body", "type": "string", "required": true}
],
"body_template": "{\"from\":\"hello@yourdomain.com\",\"to\":\"{{to}}\",\"subject\":\"{{subject}}\",\"html\":\"{{body}}\"}"
}'What's locked: The Resend API key and the from address are baked into the body template. The agent only controls to, subject, and body.
2. Create a token
curl -X POST https://narrowapi.com/api/v1/tokens \
-H "Authorization: Bearer sk_..." \
-H "Content-Type: application/json" \
-d '{"name": "email-agent", "action_ids": ["act_7kX2m9"]}'3. Agent executes
curl -X POST https://narrowapi.com/x/act_7kX2m9 \
-H "Authorization: Bearer sxt_..." \
-H "Content-Type: application/json" \
-d '{
"to": "customer@example.com",
"subject": "Welcome!",
"body": "<h1>Thanks for signing up</h1>"
}'POST Post a Slack message
Wrap the Slack chat.postMessage API. Lock the bot token and channel so your agent can only post to one specific channel.
1. Create the action
curl -X POST https://narrowapi.com/api/v1/actions \
-H "Authorization: Bearer sk_..." \
-H "Content-Type: application/json" \
-d '{
"name": "Post to #alerts",
"method": "POST",
"target_url": "https://slack.com/api/chat.postMessage",
"auth_type": "bearer",
"auth_value": "xoxb-your-slack-bot-token",
"input_schema": [
{"name": "text", "type": "string", "required": true}
],
"body_template": "{\"channel\":\"C04XXXXXXXX\",\"text\":\"{{text}}\"}"
}'What's locked: The Slack bot token and the channel ID are fixed server-side. The agent can only post text to this one channel.
2. Create a token
curl -X POST https://narrowapi.com/api/v1/tokens \
-H "Authorization: Bearer sk_..." \
-H "Content-Type: application/json" \
-d '{"name": "slack-bot", "action_ids": ["act_9pQ3r7"]}'3. Agent executes
curl -X POST https://narrowapi.com/x/act_9pQ3r7 \
-H "Authorization: Bearer sxt_..." \
-H "Content-Type: application/json" \
-d '{"text": "Deploy v2.3.1 completed successfully."}'POST Create a Stripe payment intent
Wrap the Stripe payment_intents API. Lock the secret key and currency so your agent can only create payment intents in a fixed currency.
1. Create the action
curl -X POST https://narrowapi.com/api/v1/actions \
-H "Authorization: Bearer sk_..." \
-H "Content-Type: application/json" \
-d '{
"name": "Create payment intent",
"method": "POST",
"target_url": "https://api.stripe.com/v1/payment_intents",
"auth_type": "bearer",
"auth_value": "sk_live_your_stripe_secret_key",
"input_schema": [
{"name": "amount", "type": "integer", "required": true,
"description": "Amount in cents"},
{"name": "description", "type": "string", "required": false}
],
"body_template": "{\"amount\":{{amount}},\"currency\":\"usd\",\"description\":\"{{description}}\"}"
}'What's locked: The Stripe secret key and currency (usd) are fixed. The agent controls amount and an optional description. It cannot access customers, subscriptions, or any other Stripe resource.
2. Create a token
curl -X POST https://narrowapi.com/api/v1/tokens \
-H "Authorization: Bearer sk_..." \
-H "Content-Type: application/json" \
-d '{"name": "payment-agent", "action_ids": ["act_5mL8n2"]}'3. Agent executes
curl -X POST https://narrowapi.com/x/act_5mL8n2 \
-H "Authorization: Bearer sxt_..." \
-H "Content-Type: application/json" \
-d '{"amount": 2500, "description": "Order #1042"}'