Customer Endpoints
Manage your AFA customer profile, usage, and API keys.
Customer Endpoints
These endpoints let you manage your customer profile, monitor usage, and create or revoke API keys.
All customer endpoints require authentication. The customer is identified from the API key used in the request.
GET /v1/customer/profile
Returns the authenticated customer's profile and tier details.
Response
{
"customer_id": "user_abc123",
"email": "dev@example.com",
"tier": {
"slug": "developer",
"name": "Developer",
"monthly_analyses": 2000,
"monthly_enhancements": 50,
"rate_limit_per_minute": 30,
"max_repos": 5,
"features": ["all_providers", "cli", "config_management", "github_app", "mcp_server", "rest_api"]
},
"stripe_customer_id": "cus_...",
"created_at": "2026-03-20T10:00:00Z"
}GET /v1/customer/usage
Returns usage for the current billing month (or a specified month).
Query parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
month | string | Current month | Month in YYYY-MM format |
Request
curl -H "Authorization: Bearer uk_afa_..." \
"https://api.afa.undercurrentholdings.com/v1/customer/usage?month=2026-03"Response
{
"customer_id": "user_abc123",
"year_month": "2026-03",
"analyses": 142,
"enhancements": 8
}GET /v1/customer/keys
List all API keys belonging to the authenticated customer.
Response
[
{
"key_id": "key_abc123",
"name": "Portal key for user_abc123",
"created_at": "2026-03-20T10:00:00Z",
"enabled": true,
"meta": {
"product": "afa",
"customer_id": "user_abc123",
"tier": "developer"
}
}
]The key value is not returned -- it is only available at creation time.
POST /v1/customer/keys
Create a new API key for the authenticated customer. The key inherits the customer's current tier and rate limits.
Request body
| Field | Type | Default | Description |
|---|---|---|---|
name | string | Auto-generated | Human-readable key name |
curl -X POST https://api.afa.undercurrentholdings.com/v1/customer/keys \
-H "Authorization: Bearer uk_afa_..." \
-H "Content-Type: application/json" \
-d '{"name": "CI pipeline key"}'Response
{
"key_id": "key_def456",
"key": "uk_afa_live_xyz789...",
"name": "CI pipeline key"
}Important: The key field is only returned at creation time. Store it securely -- you cannot retrieve it again.
DELETE /v1/customer/keys/{key_id}
Revoke a key belonging to the authenticated customer. AFA verifies ownership before revoking -- you can only revoke your own keys.
Request
curl -X DELETE https://api.afa.undercurrentholdings.com/v1/customer/keys/key_abc123 \
-H "Authorization: Bearer uk_afa_..."Response
{
"key_id": "key_abc123",
"status": "revoked"
}Errors
| Status | Cause |
|---|---|
| 403 | Key does not belong to this customer |
| 404 | No customer associated with this key |
| 500 | Failed to revoke key |
| 501 | Unkey not configured (self-hosted without Unkey) |
POST /v1/customer/provision
Provision a new customer record. This endpoint is called by the portal during signup and requires service-level authentication (legacy X-AFA-Token). Unkey customer keys cannot call this endpoint -- this prevents privilege escalation.
Request body
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
customer_id | string | Yes | -- | Unique customer identifier |
email | string | No | "" | Customer email |
tier | string | No | "community" | One of: community, developer, team, enterprise |
stripe_customer_id | string | No | "" | Stripe customer ID |
installation_id | int | No | 0 | GitHub App installation ID |
Response
{
"customer_id": "user_abc123",
"tier": "developer",
"status": "provisioned",
"api_key": "uk_afa_live_..."
}The api_key field is included when Unkey is configured and key creation succeeds. Store it securely.
Errors
| Status | Cause |
|---|---|
| 403 | Called with Unkey customer key (requires service auth) |
| 500 | Provisioning failed |