Sandbox

Test your integration with Park Graph's sandbox environment. All API calls use test data — no real payments are processed.

Sandbox accepts the same models documented per platform — e.g. claude-sonnet-4-5-20250929, gpt-5, gemini-2.5-pro. Last updated April 2026.

Getting Started

Create an API key in your dashboard
Use the sandbox base URL for all requests
Test with sample lots and sessions

Sandbox Base URLtext

https://parkgraph.com/api/v1/

Test API Key

Sandbox API keys use the prefix pk_test_ instead of pk_live_. Create one in your dashboard.

Test requestbash

curl -H "Authorization: Bearer pk_test_..." \
  "https://parkgraph.com/api/v1/lots/search?location=Vail,CO"

Sample Data

The sandbox includes pre-configured test lots:

Test Lot - DowntownDenver, CO$5/hr100 spaces

Test Lot - AirportDIA, CO$8/hr200 spaces

Test Lot - MountainVail, CO$12/hr45 spaces

Test Cards

When creating sessions in sandbox mode, use Stripe test card numbers:

4242 4242 4242 4242Successful payment

4000 0000 0000 0002Card declined

4000 0000 0000 32203D Secure required

Try it from each AI platform

Working examples for the three primary integration paths. Each uses sandbox keys (pk_test_) and the current recommended model from agents/models.ts.

// claude_desktop_config.json — connect Claude Desktop to the Park Graph MCP sandbox
{
  "mcpServers": {
    "parkgraph-sandbox": {
      "command": "npx",
      "args": ["-y", "parkgraph-mcp@1.2.0"],
      "env": {
        "PARKGRAPH_API_KEY": "pk_test_...",
        "PARKGRAPH_API_URL": "https://parkgraph.com/api/v1"
      }
    }
  }
}

// Then in Claude (model: claude-sonnet-4-5-20250929) ask:
//   "Find parking near Vail, CO and start a session for plate CO-7891"
// Claude will call searchParking -> startSession via MCP.

Sandbox vs Production

Sandbox uses the same API endpoints and response formats as production.

The only differences: pk_test_ keys, test Stripe data, and pre-seeded lots.

When ready, swap your API key prefix from pk_test_ to pk_live_.

Security model

The Park Graph sandbox environment sits behind the same security perimeter as the dashboard and the public website. The notes below summarise the controls that apply to every sandbox environment request; a deeper write-up lives in the developer changelog.

Authentication
Every authenticated request carries an API key in the Authorization header (`Bearer pk_live_…`). Keys are issued per project from /dashboard/api-keys. Rotation is an HTTP DELETE + re-create in the dashboard; old keys are revoked immediately. Live and sandbox keys use the `pk_live_` and `pk_test_` prefixes so they cannot be confused in code review.
Transport security
TLS 1.3 with HSTS preloaded on every host (parkgraph.com, *.parkgraph.com). Plaintext requests are rejected at the edge with HTTP 426. Certificates are issued through the public Let's Encrypt CA and pinned in the CT logs.
Payment handling
Card data is tokenised inside Stripe Elements on the driver's device — Park Graph never observes raw PANs and is therefore SAQ-A scope. Sessions reference Stripe PaymentIntents by id only; webhooks are signed by Stripe using HMAC-SHA256 and verified server-side before any state change.
Data retention
Driver email addresses and license plates are retained for the lifetime of the operator's relationship with Park Graph (or 30 days after a verified delete request, whichever comes first). Search-only requests with no booking outcome are anonymised after 24 hours. Aggregated occupancy data has no personal identifiers and is retained indefinitely.
Audit trail
Every write — session create, end, extend, refund, rate change, agent registration — appends an immutable row to the audit_log table with actor type, actor id, and the diff. The log is exposed to operators through the dashboard activity feed and via a per-lot CSV export. Deletes are tombstoned, not hard-removed.

Rate limits

Limits are enforced per API key (or per IP for unauthenticated reads) using a rolling token bucket. Every response carries X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset headers; 429 responses additionally carry Retry-After. Bursts above the per-minute budget should be backed off with jitter — the official SDK does this automatically.

Scope	Budget	Window
Public read endpoints (search, lot detail, health)	120 requests	per IP per minute
Authenticated read endpoints (sessions, payouts, webhooks)	600 requests	per API key per minute
Authenticated write endpoints (create / end / extend session, refunds)	120 requests	per API key per minute
Sandbox endpoints (`pk_test_…` keys)	30 requests	per key per minute

Need a higher ceiling? Email developers@parkgraph.com with your projected throughput and we will lift the burst budget on a per-key basis.

Error codes

Every error response uses the same envelope: { "error": { "code": "…", "message": "…", "request_id": "req_…" } }. The HTTP status indicates the broad class; the code field disambiguates within a class. Surface the request_id to your support team — we can look up the full server-side trace by id alone.

Code	HTTP status	Meaning
BAD_REQUEST	400	Required parameter missing or out of range. Response body lists the offending field.
UNAUTHORIZED	401	Missing or malformed Authorization header. Send `Authorization: Bearer pk_live_…`.
FORBIDDEN	403	API key is valid but the plan does not include this scope (e.g. agent or intelligence endpoints on Starter).
NOT_FOUND	404	Lot, session, or webhook id does not exist or has been deleted.
CONFLICT	409	Idempotent retry of a non-terminal session, or attempt to end an already-completed session.
RATE_LIMITED	429	Per-key burst budget exceeded. Inspect `Retry-After` and back off.
PAYLOAD_TOO_LARGE	413	Webhook delivery body or batch upload exceeds 1 MB.
INTERNAL	500	Unexpected server error. Park Graph automatically opens an incident and retries idempotent writes.
BAD_GATEWAY	502	Upstream payment processor returned an error. Safe to retry with the same idempotency key.

AI-agent use cases

Park Graph is built for agentic distribution: every commercial endpoint (search, availability, rates, sessions, refunds) is callable by an LLM through MCP, OpenAI Actions, Gemini function declarations, xAI function calling, Perplexity Agent API, or Microsoft Copilot plugins. The grid below maps the most common agent-driven workflows on top of the sandbox environment.

Conversational booking

An end user asks ChatGPT, Claude, Gemini, Grok, or Perplexity to find parking near a destination. The model calls /lots/search, summarises 3-5 lots with prices and walking distance, then on confirmation calls /sessions to start a session and returns the QR-coded receipt URL.

Travel-app companion

A flight-booking or hotel-booking assistant pre-fetches arrival-airport parking for the trip dates and displays inline lot suggestions inside its itinerary view. The same surface backs in-app booking and a fallback web checkout.

Voice-first ordering

Realtime voice assistants (e.g. gpt-realtime, Gemini Live, Grok Voice) confirm a lot, plate, and duration verbally, then call /sessions and read back the session code. Drivers never touch a screen until they walk away from the car.

Fleet dispatcher

An autonomous-vehicle fleet (rideshare, delivery, robotaxi) holds AV-fleet allocations with /av-fleet/dispatch, then commits the spot at handoff. See /developers/av-fleet for the AV-specific contract.

Procurement / expense agent

An accounts-payable agent reconciles staff parking against company-card statements by querying /sessions/search by plate, then files reimbursements through the agent's own ledger.

City planning analytics

A research agent queries /api/v2/intelligence/market-rate and /api/v2/intelligence/agent-demand for an address corridor, then drafts a report on rate elasticity and AI-agent traffic.

Architecture

Every Park Graph request — whether it arrives from the sandbox environment, the dashboard, the QR-driven mobile checkout, or an agent — runs through the same Next.js Edge front door, hits the same Postgres-backed core, and shares the same audit log and webhook fan-out. There is no divergent code path between "agent traffic" and "human traffic": anything an agent can do, a human can do, and vice versa.

Park Graph sandbox environment authentication and rate-limit pipeline — bearer token, scope check, idempotency, audit log, response — Five-step sandbox environment request pipeline that runs before any business logic — bearer auth, scope check, idempotency replay window, audit log write, structured response.

Park Graph AI agent integration stack: agent runtimes, dispatcher, public API, attribution analytics — The AI integration stack that sits on top of the public API — agent runtimes (ChatGPT, Claude, Gemini, Grok, Perplexity, Copilot, custom MCP), dispatcher, public API, and attribution analytics.

Park Graph data pipeline: operator dashboard edits flow through ingest validation into Postgres and out to materialised feeds and public surfaces — The data pipeline behind every Park Graph public surface — single ingest path, single source of truth in Postgres, multiple materialised feeds for AI consumers, search engines, and the public site.

Sandbox & getting help

Every operator gets a sandbox key prefixed with pk_test_. Sandbox traffic uses Stripe test mode, synthetic lots, and never charges a real card. Spin one up at /developers/sandbox, then point your client at https://parkgraph.com/api/v1 exactly as you would in production.

For integration help, reach the developer team at developers@parkgraph.com or open an issue on the public GitHub org. Status and incident history live at /developers/changelog; subscribe to the JSON feed for machine-readable updates.

Open the sandbox

Test keys, sample lots, and Stripe test cards.

Read the changelog

Every API and surface change, dated and tagged.

Talk to a human

Solutions team for enterprise rollouts and bespoke contracts.