Sign up an agent and get a key + inbox
Provision a brand-new account entirely in code: this creates a tenant, a first inbox, and a first API key, then emails a 6-digit verification code to `human_email`. Call `verify` with that code to activate the account. This is the one unauthenticated endpoint — you use it to obtain your first API key, so there is no key to present yet. The `api_key` in the response is shown **once** and is never retrievable again — store it securely. Calling `sign_up` again with the same `human_email` is safe and idempotent: it returns the **same** account with a freshly **rotated** `api_key` (the previous key stops working) and re-sends the verification code if the previous one has expired — it never creates a duplicate account.
Provision a brand-new account entirely in code: this creates a tenant, a
first inbox, and a first API key, then emails a 6-digit verification code
to human_email. Call verify with that code to activate the account.
This is the one unauthenticated endpoint — you use it to obtain your first API key, so there is no key to present yet.
The api_key in the response is shown once and is never retrievable
again — store it securely. Calling sign_up again with the same
human_email is safe and idempotent: it returns the same account with
a freshly rotated api_key (the previous key stops working) and
re-sends the verification code if the previous one has expired — it never
creates a duplicate account.
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
The details an agent supplies to provision itself an account.
Response Body
application/json
application/json
application/json
curl -X POST "https://example.com/sign_up" \ -H "Content-Type: application/json" \ -d '{ "human_email": "user@example.com" }'{ "tenant_id": "34f5c98e-f430-457b-a812-92637d0c6fd0", "inbox_id": "string", "api_key": "string"}{ "name": "string", "message": "string"}{ "name": "validation", "errors": { "property1": "string", "property2": "string" }}Cumulative usage time-series GET
Return usage as a **cumulative time-series**: for each requested `usage_types` dimension, a list of `{ timestamp, value }` points where `value` is the **running total** at that bucket boundary. Counts (`inbox_count`, `message_count`, `thread_count`) accumulate over the window; `storage_bytes` reports the current live counter at each point. The window is `start`–`end` (ISO-8601, at most 90 days apart), bucketed by `period` seconds. The number of buckets — `(end − start) ÷ period` — may not exceed 500; use a larger `period` for a longer window. `limit` takes at most that many buckets from the tail of the window, and `descending` returns the newest bucket first. Requires the key's `metrics_read` permission; a key without it gets `403`.
Verify an agent account with its OTP POST
Activate an account created by `sign_up` by submitting the 6-digit code emailed to its `human_email`. On success the account is lifted off the restricted new-account limits to its full plan. The code expires 10 minutes after it is issued and allows 5 attempts. A wrong or expired code fails verification; obtain a fresh code by calling `sign_up` again with the same `human_email`. Unauthenticated — the account is verified by possession of the code, not by an API key.