Skip to main content
GET
/
api
/
logo
Proxy a company logo lookup
curl --request GET \
  --url https://app.puffle.ai/api/logo \
  --header 'Authorization: Bearer <token>'

Overview

Server-side proxy to Google’s favicon service (google.com/s2/favicons) that returns an image binary for the given domain. The proxy exists solely to sidestep browser CORS issues when rendering company logos in the UI — it has no Puffle-specific logic or enrichment. The response is a raw image stream (typically image/png or image/x-icon), not JSON. Cache-Control is set to 24 h on the browser and 7 days at the CDN edge.

Query parameters

  • domain — bare hostname (acme.com). No protocol, path, port, or query string. Consecutive dots rejected. Invalid shapes return 400.
  • sz — optional edge length in pixels. Allowlist: 16, 32, 48, 64, 128, 256. Anything else is silently clamped to 64.

This endpoint has no POST

Only GET is exposed. There is no logo upload surface on this route — logos are always proxied, never stored. For company data beyond the icon, use the enrichment column endpoints under POST /api/lists/{id}/columns.

AI agent notes

Agents rarely need this. It returns bytes, not data. Prefer the list + enrichment endpoints (e.g. createListColumn) for structured company information. Use /api/logo only when you specifically need the image to render (e.g. generating a preview card).404 is not an error condition. A 404 with empty body means Google has no favicon indexed for the domain — treat as “no logo available” and move on.502 is transient. Empty body, safe to retry after a short backoff. Do not loop — one retry is enough; if it fails twice in a row, surface “logo unavailable” to the UI.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

domain
string
required

Bare hostname (e.g. acme.com). No protocol, path, port, or query string — and no consecutive dots. Invalid shapes return 400.

sz
enum<string>

Pixel size. Defaults to 64. Values outside the allowlist are replaced with 64 rather than rejected.

Available options:
16,
32,
48,
64,
128,
256

Response

Image bytes (typically image/png or image/x-icon). Content-Type mirrors the upstream response. Cache-Control sets max-age=86400, s-maxage=604800.