Account Management API

Manage your Zeodyn account programmatically. All endpoints require Bearer token authentication via API key.

POST /api/v1/auth/register

Send a magic-link sign-in email. Creates an account if the email is new. No API key required. Rate limited to 3 requests per hour per IP.

Request

curl -X POST https://zeodyn.com/api/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email": "agent@example.com"}'

Response (202 Accepted)

{
  "message": "If that address is registered, a sign-in link has been sent."
}

This endpoint always returns 202 regardless of whether the email exists, to prevent account enumeration.

GET /api/v1/account

Retrieve your account details, current tier, subscription status, and usage statistics.

Request

curl https://zeodyn.com/api/v1/account \
  -H "Authorization: Bearer zd_live_xxxxx"

Response (200 OK)

{
  "email": "user@example.com",
  "name": null,
  "createdAt": "2026-02-20T12:00:00.000Z",
  "tier": "pro",
  "subscription": {
    "isActive": true,
    "isPaid": true,
    "isCanceling": false,
    "currentPeriodEnd": "2026-03-20T12:00:00.000Z"
  },
  "usage": {
    "dailyScans": 5,
    "dailyScanLimit": "unlimited",
    "monthlyApiCalls": 42,
    "monthlyApiCallLimit": 1000
  },
  "counts": {
    "watchedSites": 3,
    "watchedSitesLimit": 10,
    "apiKeys": 1,
    "apiKeysLimit": 1,
    "webhooks": 1,
    "webhooksLimit": 1
  }
}

GET /api/v1/account/plans

List all available Scanner tiers with pricing and limits. No authentication required. Responses are cached for 1 hour.

Request

curl https://zeodyn.com/api/v1/account/plans

Response (200 OK)

{
  "plans": [
    {
      "tier": "free",
      "name": "Scanner Free",
      "price": "Free",
      "priceMonthlyGbp": 0,
      "limits": {
        "scansPerDay": 10,
        "watchedSites": 3,
        "apiCallsMonthly": 100,
        "apiKeysMax": 1,
        "webhooksMax": 0
      }
    },
    {
      "tier": "pro",
      "name": "Scanner Pro",
      "price": "£19/month",
      "priceMonthlyGbp": 19,
      "limits": {
        "scansPerDay": "unlimited",
        "watchedSites": 10,
        "apiCallsMonthly": 1000,
        "apiKeysMax": 1,
        "webhooksMax": 1
      }
    }
  ]
}

Create a Stripe checkout session for subscribing to a paid tier. Returns a checkout URL to redirect the user to.

Request

curl -X POST https://zeodyn.com/api/v1/account/subscribe \
  -H "Authorization: Bearer zd_live_xxxxx" \
  -H "Content-Type: application/json" \
  -d '{"tier": "pro"}'

Response — new subscription (200 OK)

{
  "checkoutUrl": "https://checkout.stripe.com/c/pay/...",
  "expiresAt": "2026-02-23T12:00:00.000Z",
  "note": "Open this URL in a browser to complete payment. The link expires in 24 hours."
}

If upgrading from an existing subscription (e.g. Pro to Growth), the upgrade is applied immediately with proration:

Response — upgrade (200 OK)

{
  "upgraded": true,
  "tier": "growth",
  "note": "Subscription upgraded from pro to growth. Proration applied."
}

POST /api/v1/account/manage

Create a Stripe billing portal session for managing your subscription, payment methods, and invoices.

Request

curl -X POST https://zeodyn.com/api/v1/account/manage \
  -H "Authorization: Bearer zd_live_xxxxx"

Response (200 OK)

{
  "portalUrl": "https://billing.stripe.com/p/session/...",
  "note": "Open this URL in a browser to manage your subscription, payment methods, and invoices."
}

API Key Management

Manage your API keys programmatically. Keys are masked in list responses — the full key is only returned once at creation time.

GET /api/v1/account/api-keys

Request

curl https://zeodyn.com/api/v1/account/api-keys \
  -H "Authorization: Bearer zd_live_xxxxx"

Response (200 OK)

{
  "keys": [
    {
      "id": "a1b2c3d4-...",
      "keyPrefix": "zd_live_abc12345...",
      "label": "Production",
      "scopes": ["scanner:read"],
      "lastUsedAt": "2026-02-22T10:30:00.000Z",
      "createdAt": "2026-02-20T12:00:00.000Z",
      "isActive": true
    }
  ],
  "keyLimit": 1,
  "keysUsed": 1
}

POST /api/v1/account/api-keys

Request

curl -X POST https://zeodyn.com/api/v1/account/api-keys \
  -H "Authorization: Bearer zd_live_xxxxx" \
  -H "Content-Type: application/json" \
  -d '{"label": "CI Pipeline"}'

Response (201 Created)

{
  "key": {
    "id": "b2c3d4e5-...",
    "keyPrefix": "zd_live_xyz98765...",
    "label": "CI Pipeline",
    "scopes": ["scanner:read"],
    "createdAt": "2026-02-22T10:30:00.000Z",
    "isActive": true
  },
  "fullKey": "zd_live_xyz98765..."
}

The full key is only returned once at creation time. Store it securely — you cannot retrieve it again.

DELETE /api/v1/account/api-keys/{id}

Revoke an API key by ID. You cannot revoke the key you are currently using to authenticate the request.

Request

curl -X DELETE https://zeodyn.com/api/v1/account/api-keys/b2c3d4e5-... \
  -H "Authorization: Bearer zd_live_xxxxx"

Response (200 OK)

{
  "revoked": true,
  "id": "b2c3d4e5-..."
}

Error responses

Status	Meaning
401	Missing or invalid API key
404	Account or subscription not found
409	Cannot revoke the key currently in use, or subscription conflict
429	Rate limit exceeded

See the authentication guide for details on API key setup and usage.

Account Management API

Manage your Zeodyn account programmatically. All endpoints require Bearer token authentication via API key.

POST /api/v1/auth/register

Send a magic-link sign-in email. Creates an account if the email is new. No API key required. Rate limited to 3 requests per hour per IP.

Request

curl -X POST https://zeodyn.com/api/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email": "agent@example.com"}'

Response (202 Accepted)

{
  "message": "If that address is registered, a sign-in link has been sent."
}

This endpoint always returns 202 regardless of whether the email exists, to prevent account enumeration.

GET /api/v1/account

Retrieve your account details, current tier, subscription status, and usage statistics.

Request

curl https://zeodyn.com/api/v1/account \
  -H "Authorization: Bearer zd_live_xxxxx"

Response (200 OK)

{
  "email": "user@example.com",
  "name": null,
  "createdAt": "2026-02-20T12:00:00.000Z",
  "tier": "pro",
  "subscription": {
    "isActive": true,
    "isPaid": true,
    "isCanceling": false,
    "currentPeriodEnd": "2026-03-20T12:00:00.000Z"
  },
  "usage": {
    "dailyScans": 5,
    "dailyScanLimit": "unlimited",
    "monthlyApiCalls": 42,
    "monthlyApiCallLimit": 1000
  },
  "counts": {
    "watchedSites": 3,
    "watchedSitesLimit": 10,
    "apiKeys": 1,
    "apiKeysLimit": 1,
    "webhooks": 1,
    "webhooksLimit": 1
  }
}

GET /api/v1/account/plans

List all available Scanner tiers with pricing and limits. No authentication required. Responses are cached for 1 hour.

Request

curl https://zeodyn.com/api/v1/account/plans

Response (200 OK)

{
  "plans": [
    {
      "tier": "free",
      "name": "Scanner Free",
      "price": "Free",
      "priceMonthlyGbp": 0,
      "limits": {
        "scansPerDay": 10,
        "watchedSites": 3,
        "apiCallsMonthly": 100,
        "apiKeysMax": 1,
        "webhooksMax": 0
      }
    },
    {
      "tier": "pro",
      "name": "Scanner Pro",
      "price": "£19/month",
      "priceMonthlyGbp": 19,
      "limits": {
        "scansPerDay": "unlimited",
        "watchedSites": 10,
        "apiCallsMonthly": 1000,
        "apiKeysMax": 1,
        "webhooksMax": 1
      }
    }
  ]
}

Create a Stripe checkout session for subscribing to a paid tier. Returns a checkout URL to redirect the user to.

Request

curl -X POST https://zeodyn.com/api/v1/account/subscribe \
  -H "Authorization: Bearer zd_live_xxxxx" \
  -H "Content-Type: application/json" \
  -d '{"tier": "pro"}'

Response — new subscription (200 OK)

{
  "checkoutUrl": "https://checkout.stripe.com/c/pay/...",
  "expiresAt": "2026-02-23T12:00:00.000Z",
  "note": "Open this URL in a browser to complete payment. The link expires in 24 hours."
}

If upgrading from an existing subscription (e.g. Pro to Growth), the upgrade is applied immediately with proration:

Response — upgrade (200 OK)

{
  "upgraded": true,
  "tier": "growth",
  "note": "Subscription upgraded from pro to growth. Proration applied."
}

POST /api/v1/account/manage

Create a Stripe billing portal session for managing your subscription, payment methods, and invoices.

Request

curl -X POST https://zeodyn.com/api/v1/account/manage \
  -H "Authorization: Bearer zd_live_xxxxx"

Response (200 OK)

{
  "portalUrl": "https://billing.stripe.com/p/session/...",
  "note": "Open this URL in a browser to manage your subscription, payment methods, and invoices."
}

API Key Management

Manage your API keys programmatically. Keys are masked in list responses — the full key is only returned once at creation time.

GET /api/v1/account/api-keys

Request

curl https://zeodyn.com/api/v1/account/api-keys \
  -H "Authorization: Bearer zd_live_xxxxx"

Response (200 OK)

{
  "keys": [
    {
      "id": "a1b2c3d4-...",
      "keyPrefix": "zd_live_abc12345...",
      "label": "Production",
      "scopes": ["scanner:read"],
      "lastUsedAt": "2026-02-22T10:30:00.000Z",
      "createdAt": "2026-02-20T12:00:00.000Z",
      "isActive": true
    }
  ],
  "keyLimit": 1,
  "keysUsed": 1
}

POST /api/v1/account/api-keys

Request

curl -X POST https://zeodyn.com/api/v1/account/api-keys \
  -H "Authorization: Bearer zd_live_xxxxx" \
  -H "Content-Type: application/json" \
  -d '{"label": "CI Pipeline"}'

Response (201 Created)

{
  "key": {
    "id": "b2c3d4e5-...",
    "keyPrefix": "zd_live_xyz98765...",
    "label": "CI Pipeline",
    "scopes": ["scanner:read"],
    "createdAt": "2026-02-22T10:30:00.000Z",
    "isActive": true
  },
  "fullKey": "zd_live_xyz98765..."
}

The full key is only returned once at creation time. Store it securely — you cannot retrieve it again.

DELETE /api/v1/account/api-keys/{id}

Revoke an API key by ID. You cannot revoke the key you are currently using to authenticate the request.

Request

curl -X DELETE https://zeodyn.com/api/v1/account/api-keys/b2c3d4e5-... \
  -H "Authorization: Bearer zd_live_xxxxx"

Response (200 OK)

{
  "revoked": true,
  "id": "b2c3d4e5-..."
}

Error responses

Status	Meaning
401	Missing or invalid API key
404	Account or subscription not found
409	Cannot revoke the key currently in use, or subscription conflict
429	Rate limit exceeded

See the authentication guide for details on API key setup and usage.