How the API works
The public developer API origin is:
Code
External routes are versioned under /v1. The internal application mount may differ; the public
OpenAPI projection is the authority for external clients.
Authentication
Requests use bearer API keys. Create and manage keys yourself in the console — keys are hashed at rest, scoped to your developer account, revocable, and metered. The raw key is shown once at creation.
Code
The response envelope
Every calculation response comes back in the same envelope, so you can handle results uniformly:
- the computed
result; - the calculation method;
- the runout or iteration count;
- a margin estimate where Monte Carlo is used;
- the engine identifier;
- validation and caveat notes when relevant.
Errors
Errors are stable, typed, and safe to show to developers. They explain how to fix invalid inputs without leaking internal route names, stack traces, or account state. See Errors & troubleshooting.
Rate limits and metering
The API meters usage against a credit ledger. Successful calls draw down credits; validation and auth failures are never charged. Free credits get you started, and you top up your credit wallet in the console when you're ready for production traffic. Requests fail closed with a clear, machine-readable error when credits or rate limits are exhausted.