API authentication

Authenticate protected Plandalf API requests, confirm the active user, and understand which organization the API will use.

OpenAPI endpoint API authentication
GET /api/users/me
Request URL
https://api.plandalf.com/api/users/me
Authentication
Bearer token
Operation ID
getCurrentUser

Authentication has one job: prove who is making the request before you read or change commerce data. Start by checking identity, then make the smallest real API call from your server.

Do this before any catalog, checkout, or automation call

Make GET /api/users/me work first. It tells you whether the token is valid and which organization Plandalf will use for organization-scoped records.

The path

  1. Keep API credentials in environment variables, server secrets, or your platform’s secret manager. Do not put them in JavaScript that ships to the browser.

  2. Every protected API request should include Authorization: Bearer <token> and Accept: application/json.

  3. Call GET /api/users/me before moving on. If this fails, the next API page will fail too.

  4. The response includes current_organization. Catalog, checkout, and automation routes use that context for organization-owned data.

Identity endpoint

Use this as the first server-side smoke test. It proves the bearer token works and shows the organization context later API calls will inherit.

Endpoint

Get current user

Returns the authenticated user and current organization context for protected API calls.

GET /api/users/me
Base URL
https://api.plandalf.com
Authentication
Bearer token
Availability
Protected API
Operation ID
getCurrentUser
Request URL
https://api.plandalf.com/api/users/me

Headers

headerAuthorizationstringrequired

Send Bearer <token>. Requests without a valid bearer credential cannot resolve the authenticated user or current organization.

headerAcceptstringdefault: application/json

Ask API routes to return JSON.

headerContent-Typestringdefault: application/json

Include this when the request sends a JSON body.

Identity request

Request
curl "https://api.plandalf.com/api/users/me" \
  -H "Authorization: Bearer $PLANDALF_API_KEY" \
  -H "Accept: application/json"
const response = await fetch("https://api.plandalf.com/api/users/me", {
  headers: {
    Authorization: `Bearer ${process.env.PLANDALF_API_KEY}`,
    Accept: "application/json",
  },
});

if (!response.ok) {
  throw new Error(`Plandalf authentication failed: ${response.status}`);
}

const identity = await response.json();

Identity response

The identity check is not just a ping. It shows the user and organization context that later API calls will inherit. Keep the first read small: confirm the user, confirm current_organization, then move on.

Identity response

200 Response
{
  "id": "usr_123",
  "email": "founder@example.com",
  "current_organization": {
    "id": "org_123",
    "name": "Example Studio",
    "timezone": "Australia/Sydney"
  }
}

Invalid token

401 Response
{
  "message": "Unauthenticated."
}

Response fields

idstring

The authenticated user’s route key.

emailstring

The email address for the authenticated Plandalf user.

plandalf_jwtstring

A signed Plandalf JWT for browser or embedded surfaces that need to identify the current user. Treat it as sensitive.

current_organizationobjectrequired

The organization currently selected for the authenticated user. Organization-scoped API routes use this context.

current_organization.idstring

The organization route key.

current_organization.namestring

The name shown inside Plandalf.

current_organization.timezonestring

The timezone used for organization display and date handling.

organizationsarray

Other organizations available to the authenticated user.

Error fields

messagestring

Authentication failure message returned when the bearer token is missing, expired, or invalid.

Where credentials belong

Credential placement

Server routesprivate

Best for catalog reads, checkout session creation, automation setup, and anything that touches private records.

Browser checkoutpublic

Use the checkout SDK for browser behavior. Do not expose API bearer credentials in front-end code.

Do not rely on URL tokens

If an older integration depends on URL-based authentication, treat it as compatibility behavior and move it behind the Authorization header before going live.

Next calls

  • Catalog API: read products and plans after the token resolves the right organization.
  • Checkout SDK: pair server-side API calls with client-side checkout behavior.
  • Webhooks: fan external events into Plandalf workflows.

Feature detail