API Reference

Base URL: https://win9-5.com
Auth: Authorization: Bearer <api_key>
All requests and responses are JSON. All endpoints require a valid API key unless noted.
Support: api@browserbox.io

🔑 Authentication

Include your API key in the Authorization header on every request:

curl -H "Authorization: Bearer bbx_your_api_key_here" \
  https://win9-5.com/api/v1/balance

API keys are issued after purchasing a minute pack on the pricing page. Keys are prefixed with bbx_ and contain 48 hex characters.

POST /api/v1/sessions

Create an isolated browser session. Deducts minutes from your balance.

Request Body

Field	Type	Required	Description
`minutes`	number	No	Session duration (default: 30, max: 120)

Example

curl -X POST https://win9-5.com/api/v1/sessions \
  -H "Authorization: Bearer bbx_abc123..." \
  -H "Content-Type: application/json" \
  -d '{"minutes": 30}'

Response 201

{
  "sessionId": "cc57975684b942fc...",
  "loginUrl": "https://bbx-instance.run.app/login?token=...",
  "region": "us-central1",
  "serviceName": "bbx-abc123",
  "minutes_allocated": 30,
  "balance_minutes": 270,
  "expires_at": 1770612214916
}

The loginUrl is what you pass to <browserbox-webview src="..."> or open directly.

GET /api/v1/sessions/:id

Get status of an active session.

Example

curl https://win9-5.com/api/v1/sessions/cc57975684b942fc... \
  -H "Authorization: Bearer bbx_abc123..."

Response 200

{
  "sessionId": "cc57975684b942fc...",
  "loginUrl": "https://bbx-instance.run.app/login?token=...",
  "region": "us-central1",
  "serviceName": "bbx-abc123",
  "created_at": 1770611914916,
  "expires_at": 1770612214916,
  "remaining_ms": 297663,
  "minutes_allocated": 30,
  "minutes_elapsed": 2,
  "deleted": false
}

DELETE /api/v1/sessions/:id

End a session early. Unused minutes are refunded to your balance (rounded up to nearest minute consumed).

Example

curl -X DELETE https://win9-5.com/api/v1/sessions/cc57975684b942fc... \
  -H "Authorization: Bearer bbx_abc123..."

Response 200

{
  "ok": true,
  "minutes_used": 3,
  "minutes_refunded": 27,
  "balance_minutes": 297
}

GET /api/v1/balance

Check your remaining minute balance.

Example

curl https://win9-5.com/api/v1/balance \
  -H "Authorization: Bearer bbx_abc123..."

Response 200

{
  "balance_minutes": 297,
  "owner_email": "you@example.com",
  "created_at": 1770611909,
  "last_used_at": 1770611914
}

GET /api/v1/pricing

Get available products and prices. No authentication required.

Example

curl https://win9-5.com/api/v1/pricing

Response 200

{
  "minute_packs": [
    { "name": "BrowserBox 60 Minutes",   "minutes": 60,   "price_cents": 500 },
    { "name": "BrowserBox 300 Minutes",  "minutes": 300,  "price_cents": 2000 },
    { "name": "BrowserBox 1000 Minutes", "minutes": 1000, "price_cents": 6000 }
  ],
  "subscription": {
    "name": "BrowserBox Persistent (Monthly)",
    "price_cents": 2900,
    "interval": "month"
  },
  "session_defaults": {
    "default_minutes": 30,
    "max_minutes": 120
  }
}

POST /api/v1/checkout

Create a Stripe Checkout session to purchase minutes. No authentication required.

Request Body

Field	Type	Required	Description
`product`	string	Yes	`minutes_60`, `minutes_300`, `minutes_1000`, or `subscription`
`email`	string	No	Pre-fill customer email on checkout

Example

curl -X POST https://win9-5.com/api/v1/checkout \
  -H "Content-Type: application/json" \
  -d '{"product": "minutes_300", "email": "you@example.com"}'

Response 200

{
  "checkout_url": "https://checkout.stripe.com/c/pay/cs_live_..."
}

Redirect your user to checkout_url to complete payment.

Error Responses

All errors return JSON with an error field:

{ "error": "Insufficient minutes", "balance_minutes": 0, "requested_minutes": 30 }

Status Codes

Code	Meaning
400	Bad request — missing or invalid parameters
401	Missing or malformed Authorization header
403	Invalid API key
404	Session not found or not owned by your key
402	Insufficient minute balance
503	Stripe not configured (billing unavailable)

Embedding with <browserbox-webview>

After creating a session, embed the browser in your web app using the custom element:

<script src="https://win9-5.com/browserbox-webview.js" type="module"></script>

<browserbox-webview
  src="https://bbx-instance.run.app/login?token=..."
  style="width:100%; height:600px;"
></browserbox-webview>

Key Attributes

Attribute	Description
`src`	The `loginUrl` from the create session response
`request-timeout`	API call timeout in ms (default: 15000)

Key Events

Event	Detail
`api-ready`	Webview connected and ready for API calls
`did-navigate`	`{ url }` — page navigation occurred
`title-change`	`{ title }` — page title changed
`favicon-change`	`{ favicon }` — favicon URL changed
`did-start-loading`	Page started loading
`did-stop-loading`	Page finished loading

Key Methods

Method	Description
`navigateTo(url)`	Navigate to a URL
`goBack()` / `goForward()`	Browser history navigation
`reload()`	Reload current page
`getURL()`	Get current page URL
`getTitle()`	Get current page title
`createTab(url)`	Open a new tab
`closeTab(tabId)`	Close a tab