Skip to main content
Returns the workspace, plan tier, key metadata, and - when event limits are enforced - current monthly usage for the presented API key. One call proves the key works and shows what it is attached to, which makes it the natural first request for integration setup and for coding agents verifying a pasted key.

Authentication

Send your API key in X-Pylva-Key. Rate limit is shared with the telemetry endpoints (1000 requests/min per key).
curl https://api.pylva.com/api/v1/whoami \
  -H "X-Pylva-Key: $PYLVA_API_KEY"

Response

{
  "org": { "slug": "acme", "name": "Acme" },
  "tier": "pro",
  "key": { "id": "deadbeef", "scope": "universal" },
  "limits": { "monthly_events": 1000000, "enforced": true },
  "usage": {
    "monthly_events_used": 1234,
    "monthly_events_limit": 1000000,
    "window_start": "2026-07-01T00:00:00.000Z",
    "window_end": "2026-08-01T00:00:00.000Z",
    "window_source": "calendar_month"
  },
  "docs_url": "https://docs.pylva.com",
  "agent_setup_url": "https://docs.pylva.com/setup-with-ai.md"
}
FieldNotes
org.slug, org.nameThe workspace this key belongs to.
tierfree, pro, scale, or enterprise. See Plans and limits.
key.idThe public key identifier - never the secret.
key.scopeCurrent Pylva Cloud keys report universal; legacy keys are upgraded to the same capability.
limits.monthly_eventsThe plan cap; null means unlimited.
limits.enforcedWhether event caps are enforced (false on self-hosted deployments by default).
usagenull when limits are not enforced, on unlimited plans, or if the lookup fails open - use limits.enforced to tell these apart.
Responses are never cached (Cache-Control: no-store).

Notes

  • A 401 INVALID_API_KEY here means the key is wrong or revoked - the same check as any other endpoint, but with a useful body on success.
  • Full schema: api.pylva.com/openapi.json.