Norba · v1
API reference
Everything Norba exposes over HTTPS. JSON in, JSON out. The reference below mirrors the running gateway one-for-one — no XML to handcraft, no SDK required, but a typed TypeScript client is published on npm.
Base URL
api.norba.io
Version
v1
Public endpoints
22
Authentication
Every /v1/* endpoint requires an X-API-Key header — including the health probe, the reference catalogue, the Aviation Data API and the authenticated Shopping / Orders surfaces. Requests without the header (or with an unknown key) are rejected with 401 Unauthorized.
BASH·auth-header.sh
# 1. Export the key issued from the dashboard
export NORBA_KEY="nbr_live_a8b…"
# 2. Send it as X-API-Key on every request — public or authenticated.
curl --request GET \
--url https://api.norba.io/v1/aviation/airports \
--header "X-API-Key: $NORBA_KEY"
curl --request POST \
--url https://api.norba.io/v1/shopping/offers \
--header "X-API-Key: $NORBA_KEY" \
--header "Content-Type: application/json" \
--data '{ "origin": "LHR", "destination": "JFK", "depart_date": "2026-06-15" }'Errors & rate limits
Every error has a consistent JSON shape: a machine-readable error code, a human message and a request_id you can quote when contacting support.
| Code | Meaning |
|---|---|
| unauthenticated | Missing or invalid API key. |
| forbidden | API key valid but agency lacks permission. |
| not_found | Order, offer or subscription does not exist. |
| validation_failed | Request body fails schema validation. |
| offer_expired | Offer TTL passed — issue a new search. |
| inventory_lost | Seat sold to another booking before pricing. |
| payment_declined | Card authorization rejected. |
| airline_unavailable | Connector down or circuit breaker open. |
| rate_limited | Too many requests — back off and respect Retry-After. |
| internal | Server bug; includes a trace ID for support. |
Rate limits are sliding-window per agency. On 429 the response carries a Retry-After header in seconds.
All endpoints
NDC reference catalog
Shopping
Shopping API — coming soon. These endpoints are under active development. Shape and availability may change before GA.
Orders
Orders API — coming soon. These endpoints are under active development. Shape and availability may change before GA.
Aviation Data
- GET
/v1/aviation/airportsList airports - GET
/v1/aviation/airports/{id}Get airport - GET
/v1/aviation/airports/{id}/fullAirport — full unified profile - GET
/v1/aviation/airports/{id}/runwaysAirport runways - GET
/v1/aviation/airports/{id}/departuresAirport live departures - GET
/v1/aviation/airports/{id}/arrivalsAirport live arrivals - GET
/v1/aviation/airlinesList airlines - GET
/v1/aviation/airlines/{id}/fleet-summaryAirline fleet summary - GET
/v1/aviation/aircraft-typesList aircraft types - GET
/v1/tracking/statesLive aircraft states - GET
/v1/tracking/aircraft/{icao24}Aircraft state by icao24 - GET
/v1/reference/sourcesUpstream sources catalog