Test & live modes
Every workspace has two fully isolated environments. Test mode is your sandbox for building and experimenting; live mode acts on real workspace data. The API key you use decides which one a request hits — there's nothing else to configure.
Two environments, one API
The API surface is identical in both modes. Test-mode keys (mtb_test_) read and write an isolated sandbox; live-mode keys (mtb_live_) act on your real CRM, invoices, inventory, files, and AI. Objects never cross between modes — a client you create in test mode will never appear in live, and vice versa.
The key decides the mode
There's no mode parameter. Authenticate with a test key and the request runs in the sandbox; authenticate with a live key and it runs against real data. Every response also includes a livemode field and the X-RateLimit-Plan header so you always know where you are.
# Sandbox — safe to experiment, seeded with sample data
curl https://api.mytabulon.com/v1/clients \
-H "Authorization: Bearer mtb_test_..."
# Live — real workspace data
curl https://api.mytabulon.com/v1/clients \
-H "Authorization: Bearer mtb_live_..."Switching in the dashboard
Flip the Test mode switch in the developer dashboard sidebar. Keys, request logs, usage, and webhooks all filter to the mode you're viewing, and an amber banner reminds you when you're in test mode. Create a key while in test mode and you get a test key; the same for webhook endpoints.
The sandbox
Each workspace's sandbox starts pre-seeded with sample clients, a lead, a deal, an invoice, inventory, a project with a task, and a storage bucket — so your very first GET returns something. Sandbox uploads are capped at 1.5 MB per object and AI responses are simulated (no tokens used). Webhooks fire only to test-mode endpoints.
Going live
When your integration works in test mode, switching to production is just swapping the key: create a live key with the same scopes, move it into your server's secrets, and you're done. No code changes required.