Errors, limits & scopes
Errors
Every error is:
{ "error": { "code": "rate_limited", "message": "...", "details": {} }, "request_id": "req_..."}Codes: invalid_request 400, unauthorized 401, forbidden 403, not_found 404,
not_linked 409, rate_limited / usage_capped 429 (with Retry-After),
upstream_error 502, internal_error 500.
not_linked means your platform identity has no account in that app yet - sign up there with the
same email, then re-mint or refresh your key.
Pagination
List endpoints take ?limit= (1-100, default 50) and ?cursor=, returning
{ "data": [...], "next_cursor": "..." | null }. Cursors are opaque; pass them back verbatim.
Rate limits & AI caps
- 120 requests/min per key (standard), 20/min for AI-invoking endpoints.
- Daily AI caps per key during the beta: coach 25, cross-app bridges 10, pitch drafting 10.
GET /v1/meshows your usage today and remaining limits.
Scopes
| Scope | Grants |
|---|---|
rndtoo:read / oos:read / regen:read | Read that app’s data (yours + reference) |
*:write | Reserved; not granted during beta |
ai:invoke | Coach, bridges, pitch drafting (capped) |
platform:read | Cross-app aggregates (dashboard, year in review) |
platform:admin | Operator tooling; implies everything |
Beta keys get read scopes for every app linked to your email, plus ai:invoke and
platform:read. Write scopes ship after the beta.
Health-content policy
Organic OS payloads and coach responses always include a disclaimer field. Interaction checks
return severity framing with mechanism and recommendation, never a bare safe/unsafe verdict.
Agents consuming these endpoints should relay the disclaimer.