Identity and scope of the calling key
Return the calling API key's **identity and scope** — the canonical "is my key valid, and what can it see?" probe. Returns identity/scope only; it never returns plan or limits (see `/metrics/usage` for usage). `scope_type` is `organization` for a key that reaches the whole tenant, or `inbox` for a key pinned to a single inbox. `scope_id` is the id that scope resolves to — the tenant for an organization key, the inbox for an inbox key. `inbox_id` is present only for an inbox-scoped key.
Return the calling API key's identity and scope — the canonical
"is my key valid, and what can it see?" probe. Returns identity/scope
only; it never returns plan or limits (see /metrics/usage for usage).
scope_type is organization for a key that reaches the whole tenant,
or inbox for a key pinned to a single inbox. scope_id is the id that
scope resolves to — the tenant for an organization key, the inbox for an
inbox key. inbox_id is present only for an inbox-scoped key.
The per-tenant API key. Sent as the x-api-key request header. The key
is tenant-scoped.
In: header
Response Body
application/json
application/json
application/json
curl -X GET "https://example.com/auth/me"{ "api_key_id": "string", "tenant_id": "string", "scope_type": "organization", "scope_id": "string", "inbox_id": "string"}{ "name": "string", "message": "string"}{ "name": "string", "message": "string"}List API keys GET
List the tenant's API keys, newest-first by default, with cursor pagination. Each entry carries the name, non-secret prefix, permissions, scope, and created/last-used timestamps — **never the secret**, which is shown only once at creation.
Resolve the authenticated tenant GET
Echoes the tenant the presented API key resolves to. Useful as an "is my key valid?" check. Returns `401` if the key is missing/invalid.