Skip to main content
Skip to main content
Sign InGet free API key
Get free API key →

API Keys#

Create and manage API keys programmatically. Keys are prefixed gc_ and stored as HMAC-SHA256 hashes. The raw key is returned once on creation and cannot be retrieved again.

POST/v1/keys

Create a new API key. Returns the full raw key. Store it immediately.

AuthBearer token required

Request body

{
        "name": string  // required — human-readable label (1–100 chars)
      }

Response

{
        "key": string,       // full raw key — shown ONCE, store securely
        "key_id": string,    // 16-char hex ID for management
        "name": string,
        "created_at": string // ISO 8601 UTC
      }
curl -X POST https://api.gotcontext.ai/v1/keys \
        -H "Authorization: Bearer YOUR_CLERK_JWT" \
        -H "Content-Type: application/json" \
        -d '{"name": "Production server"}'

Error responses

422Missing name field or name too long (>100 chars)
401Authentication required
503Key storage unavailable (both Postgres and Redis down)
GET/v1/keys

List all API keys for the authenticated user. Returns masked key values. The raw key cannot be retrieved after creation.

AuthBearer token required

Response

{
        "keys": [
          {
            "key_id": string,
            "name": string,
            "masked_key": string,    // e.g. "gc_****ab12"
            "created_at": string,    // ISO 8601 UTC
            "last_used": string|null,
            "status": "active" | "revoked"
          }
        ]
      }
curl https://api.gotcontext.ai/v1/keys \
        -H "Authorization: Bearer YOUR_CLERK_JWT"
DELETE/v1/keys/:id

Revoke an API key by ID. Takes effect immediately. The key is rejected by the auth middleware within milliseconds.

AuthBearer token required

Response

{
        "success": true,
        "key_id": string
      }
curl -X DELETE https://api.gotcontext.ai/v1/keys/YOUR_KEY_ID \
        -H "Authorization: Bearer YOUR_CLERK_JWT"

Error responses

404Key ID not found
400Key is already revoked
401Authentication required

Billing#

Billing is handled by Polar. The checkout and portal endpoints return redirect URLs. Do not call these from server-side code without a user session.

POST/v1/billing/checkout

Create a Polar checkout session to upgrade to Pro. Returns a URL to redirect the user to.

AuthBearer token required (Clerk JWT)

Request body

{
        "plan": "pro"   // currently the only valid value
      }

Response

{
        "checkout_url": string  // redirect the user to this URL
      }
curl -X POST https://api.gotcontext.ai/v1/billing/checkout \
        -H "Authorization: Bearer YOUR_CLERK_JWT" \
        -H "Content-Type: application/json" \
        -d '{"plan": "pro"}'

Error responses

400Unknown plan (only 'pro' is valid)
503Billing service unavailable or POLAR_PRO_PRODUCT_ID not configured
401Authentication required
POST/v1/billing/portal

Get the Polar customer portal URL to manage subscription, payment method, and invoices.

AuthBearer token required (Clerk JWT)

Response

{
        "portal_url": string  // redirect the user to this URL
      }
curl -X POST https://api.gotcontext.ai/v1/billing/portal \
        -H "Authorization: Bearer YOUR_CLERK_JWT"

Error responses

404No billing account found: user has not subscribed yet
503Billing service unavailable
401Authentication required

CLI Output Compressor (git diff, pytest, npm)#

POST/v1/filter-cli

Compress verbose CLI output such as git diffs, test results, and npm install logs. Automatically detects the command type and applies type-specific compression. Typical savings: 80-99% on verbose output.

AuthBearer token required
Auto-detection supports git diff, pytest, jest, npm/yarn install, and other common CLI formats. Provide command_hint to skip detection and use a specific compressor.

Request body

{
        "output": string,        // required — raw CLI output to compress (min 1 char)
        "command_hint": string|null // optional — hint: "git_diff", "test_output", etc.
                          //            auto-detected if omitted
      }

Response

{
        "filtered": string,      // compressed CLI output
        "original_chars": number,
        "filtered_chars": number,
        "savings_pct": number,   // e.g. 92.3
        "detected_type": string|null // e.g. "git_diff", "pytest"
      }
curl -X POST https://api.gotcontext.ai/v1/filter-cli \
        -H "Authorization: Bearer gc_your_key_here" \
        -H "Content-Type: application/json" \
        -d '{
          "output": "diff --git a/src/main.py b/src/main.py\n...",
          "command_hint": "git_diff"
        }'

Error responses

422Missing or empty output field
401Missing or invalid Bearer token
503CLI filter engine not available

Lifetime Token Savings (account)#

GET/v1/savings

Retrieve your cumulative compression savings across all time. Shows total compressions, tokens processed, tokens saved, and an estimated dollar amount saved based on mid-range model pricing.

AuthBearer token required

Response

{
        "total_compressions": number,
        "total_tokens_in": number,
        "total_tokens_saved": number,
        "savings_pct": number,              // e.g. 87.2
        "estimated_cost_saved_usd": number, // e.g. 12.45
        // Pricing basis: Opus 4.7 input rates ($5/MTok), valued at compression-time.
        // See /pricing for current rates. No model-specific breakdown is returned here.
      }
curl https://api.gotcontext.ai/v1/savings \
        -H "Authorization: Bearer gc_your_key_here"

Error responses

401Authentication required

Per-Account Semantic-Cache Similarity Thresholdv1.4.0#

The semantic-cache uses cosine similarity to match near-duplicate requests. Research (Portkey + Tianpan, April 2026) shows correct-hit and incorrect-hit similarity distributions overlap between ~0.85 and ~0.92, so a single global threshold is wrong for every non-median workload. Two endpoints let each tenant tune their own cutoff.

GET/v1/settings/semantic-cache-threshold

Read your current cosine-similarity cutoff. source=user means you've set an override; source=global means the server-wide default applies.

AuthBearer token required
Default is the server-wide threshold, currently ~0.95 similarity (corresponds to distance < 0.05).

Request body

— no body —

Response

{
        "threshold": 0.95,
        "source": "global"   // "user" | "global"
      }
curl https://api.gotcontext.ai/v1/settings/semantic-cache-threshold \
        -H "Authorization: Bearer gc_your_key_here"

Error responses

401Missing or invalid Bearer token
PUT/v1/settings/semantic-cache-threshold

Set or clear your per-tenant cutoff. Pass threshold: null to reset to the server default. Otherwise cosine similarity in [0.80, 0.99].

AuthBearer token required
Research-recommended values: 0.95-0.97 for factual/high-stakes workloads; 0.92 for balanced (the global default ballpark); 0.85-0.90 for FAQ/support where a slightly imprecise hit is cheap. The dashboard Semantic Cache panel surfaces this as a slider.

Request body

{ "threshold": 0.92 }

Response

{
        "threshold": 0.92,
        "source": "user"
      }
curl -X PUT https://api.gotcontext.ai/v1/settings/semantic-cache-threshold \
        -H "Authorization: Bearer gc_your_key_here" \
        -H "Content-Type: application/json" \
        -d '{"threshold": 0.92}'

Error responses

422threshold out of range (must be in [0.80, 0.99] or null)
401Missing or invalid Bearer token

Cache-Hit Source Breakdown (exact vs semantic)v1.4.0#

GET /v1/usage/by-cache responses now include a by_source object that splits the cache hits by which mechanism matched: the request-hash fastpath (exact) vs. the embedding-distance fallback (semantic). The invariant exact_hits + semantic_hits == semantic_cache.hitsholds across the response window.

{
        "period_days": 30,
        "semantic_cache": { "hits": 15, "misses": 35, "hit_rate": 0.30, … },
        "by_source": {
          "exact_hits": 12,
          "semantic_hits": 3,
          "misses": 35
        },
        …
      }

Dashboards that rendered only the combined hitscounter previously hid which half of the cache was doing the work. The breakdown lets operators see whether a workload is benefiting from fingerprinting (exact) or from embedding-based near-duplicate matching (semantic), and tune the per-tenant threshold (above) accordingly.

Email Deliverabilityv1.28.0#

gotcontext sends transactional emails for account events: welcome, team invites, API key expiry warnings, per-project budget alerts, and usage digests. v1.28.0 adds automatic suppression when a delivery fails permanently.

When Resend reports a hard bounce or spam complaint against your address, POST /webhooks/resend receives the event (Svix-verified), sets users.email_opt_out = true for that address, and stops all subsequent sends. This prevents repeated delivery to an address that has rejected mail, which protects sender reputation for every account on the platform.

What triggers suppression:

  • Hard bounce: the destination mail server permanently rejected the address (user does not exist, domain does not accept mail). Resend event type: email.bounced with bounce_type: permanent.
  • Spam complaint: the recipient marked the email as spam. Resend event type: email.complained.

Soft bounces (temporary failures, full inbox) do not trigger suppression.

Re-enabling notifications: if your address was suppressed in error (mis-delivered bounce report, overly aggressive spam filter), email support@gotcontext.ai to clear the opt-out flag. There is no self-serve toggle in the dashboard yet. Tracked for a future settings release.

Manual opt-out is available at GET /v1/unsubscribe?token=<signed-token>. Every transactional email includes a signed unsubscribe link in its footer. Visiting it sets email_opt_out = true for that user without requiring authentication.

Where to next

Quickstart
Connect your MCP client and run your first compression in under two minutes.
Recipes
Copy-paste tool sequences for the workflows you'll run most.
Troubleshooting
Symptom-to-fix for the errors people actually hit.
Glossary
Plain-language definitions for skeleton, fidelity, profiles, and the rest.