Set your token
# Copy this from Nab mobile app Settings
export NAB_ACCESS_TOKEN="nab_your_access_token"For Developers
Make Nab calls from your product.
Use a user access token to start outbound Nab calls and read back call status, summaries, transcripts, recordings, and structured results.
Request API access
Base URL
Production API
All examples use the production service. Send JSON requests and pass tokens in the standard bearer authorization header.
https://app.heynab.com
Authorization: Bearer nab_your_token_here
Content-Type: application/jsonQuick curl examples
Copy, paste, run.
Start a call
export NAB_ACCESS_TOKEN="nab_your_access_token"
curl -sS -X POST https://app.heynab.com/call \
-H "Authorization: Bearer $NAB_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"phoneNumber": "+15551234567",
"contactName": "City Clinic",
"task": "Ask for the earliest available appointment next week.",
"idempotencyKey": "appointment-2026-06-24",
"estimatedDurationSec": 600
}'
List recent calls
export NAB_ACCESS_TOKEN="nab_your_access_token"
curl -sS "https://app.heynab.com/calls?limit=10" \
-H "Authorization: Bearer $NAB_ACCESS_TOKEN"
Get one result
export NAB_ACCESS_TOKEN="nab_your_access_token"
export NAB_CALL_ID="call_..."
curl -sS "https://app.heynab.com/call/$NAB_CALL_ID" \
-H "Authorization: Bearer $NAB_ACCESS_TOKEN"Step 1
Get an access token in Settings
Open the Nab mobile app, go to Settings, and copy your developer access token. Use that token from your backend to start calls and fetch call results. If you rotate the token in Settings, replace it anywhere your backend stores it.
# In Nab mobile app:
# Settings -> Developer Access Token -> Copy
export NAB_ACCESS_TOKEN="nab_your_access_token"GET /api/account/access-token
The mobile app uses this account endpoint to show the current token state.
POST /api/account/access-token
Settings can rotate the token. A fresh token replaces the previous one.
DELETE /api/account/access-token
Settings can revoke tokens when access should be removed.
Step 2
Start a call
Use the access token from your backend. Phone numbers must be E.164. The task should include the goal, context, and any hard boundaries for Nab.
curl -X POST https://app.heynab.com/call \
-H "Authorization: Bearer <access-token>" \
-H "Content-Type: application/json" \
-d '{
"phoneNumber": "+15551234567",
"contactName": "City Clinic",
"task": "Call to ask for the earliest available appointment next week.",
"idempotencyKey": "appointment-2026-06-24",
"estimatedDurationSec": 600
}'
# Response
{
"call_id": "call_..."
}Step 3
Get call results
Poll the call detail endpoint until the call reaches a final status. The detail response includes the summary, transcript, recording URL, and structured result when Nab has submitted one.
curl https://app.heynab.com/call/call_... \
-H "Authorization: Bearer <access-token>"
# Response
{
"call_id": "call_...",
"date": "2026-06-24T...",
"status": "completed",
"number": "+15551234567",
"task": "Call to ask for the earliest available appointment next week.",
"summary": "The clinic has an opening on Tuesday at 10:30.",
"transcript": "assistant: ...",
"recording_url": "https://app.heynab.com/channels/voice/recording/...",
"result": {
"appointmentAvailable": true,
"nextStep": "Confirm Tuesday at 10:30"
}
}POST /call
Starts a Nab call and returns a `call_id` for result lookup.
GET /calls?limit=50
Returns recent calls for the token owner with status, number, task, and date.
GET /call/:callId
Returns summary, transcript, recording URL, and structured result.
Security
Keep tokens server-side.
Treat access tokens like API keys. Store them in your backend or secret manager, never in a public client. Revoke and recreate the token if it may have been exposed.
# Revoke an access token
curl -X DELETE https://app.heynab.com/api/account/access-token \
-H "Authorization: Bearer <user-session-token>"