Documentation

Account

Account endpoints for RestoreCord.

Copy page

Authentication Model

RestoreCord accepts dashboard session tokens and scoped API keys in the Authorization header. API keys are sent as Bearer <keyId>.<secret> and are limited by their permission list and optional IP/CIDR allowlist.

API keys are automation credentials for customer API calls. Manage API keys from the RestoreCord dashboard.


Get Account

Returns the authenticated account. When called with an API key, the route intentionally returns a limited account payload.

Auth: Session or API key with READ_ACCOUNT.

GET/api/v3/users

Get Account

Retrieve account metadata for the authenticated user.

includeOptional
Location
query
Type
string
Session-auth only. Comma-separated optional sections: servers, bots, groups, onboarding, pendingRoleRestores. API-key responses ignore expanded dashboard data.
Example response JSON
{
  "success": true,
  "id": 123,
  "username": "restorecord_user",
  "email": "owner@example.com",
  "role": "business",
  "createdAt": "2026-06-07T10:00:00.000Z",
  "expiry": "2026-07-07T10:00:00.000Z"
}
Field
id
Type
number
Notes
Internal RestoreCord account ID.
Field
username
Type
string
Notes
Account username.
Field
email
Type
string
Notes
Account email address.
Field
role
Type
string
Notes
Current plan, usually free, premium, business, or enterprise.
Field
createdAt
Type
string
Notes
ISO timestamp.
Field
expiry
Type
string|null
Notes
Subscription expiry when present.

Errors and Limits

Status
401
Code
UNAUTHORIZED
When
Missing, expired, or invalid authentication.
Status
403
Code
FORBIDDEN
When
The token does not have access to the requested account data.
Status
429
Code
RATE_LIMITED
When
The request exceeded the account endpoint rate limit.
  • API-key authentication returns a limited account payload.
  • Expanded dashboard sections are only available to dashboard session requests.
  • API-key authentication still requires each endpoint-specific permission, documented on the relevant API page.