Platform API Overview

Base URL
Authentication
Session Auth (Control Plane)
API Key Auth (Data Plane)
Response Format
Common Error Codes
Rate Limits
OpenAPI Spec

Base URL

https://api.polpo.sh

Authentication

The Polpo API uses two authentication methods:

Session Auth (Control Plane)

Used for managing organizations, projects, and API keys. Requires a session token from Better Auth.

Authorization: Bearer <session_token>

API Key Auth (Data Plane)

Used for agent operations — completions, tasks, missions, events. Requires a project API key.

Authorization: Bearer sk_live_...

Response Format

All responses return JSON. Successful responses return the resource directly. Errors return:

{
  "error": "Human-readable message",
  "code": "machine_readable_code"
}

Common Error Codes

Code	Status	Description
`unauthorized`	401	Missing or invalid authentication
`invalid_api_key`	401	API key not found or revoked
`not_found`	404	Resource doesn’t exist
`conflict`	409	Resource already exists (duplicate slug)
`bad_request`	400	Missing required parameter
`internal_error`	500	Server error

Rate Limits

Free tier: 10 requests/second per API key. Rate limit headers:

X-RateLimit-Limit: 10
X-RateLimit-Remaining: 9
Retry-After: 1

OpenAPI Spec

The full OpenAPI 3.1 specification is available at:

GET /v1/openapi.json

Create an organization

Overview

Organizations

Projects

Webhooks

Platform API Overview

Base URL

Authentication

Session Auth (Control Plane)

API Key Auth (Data Plane)

Response Format

Common Error Codes

Rate Limits

OpenAPI Spec

Overview

Organizations

Projects

Webhooks

​Base URL

​Authentication

​Session Auth (Control Plane)

​API Key Auth (Data Plane)

​Response Format

​Common Error Codes

​Rate Limits

​OpenAPI Spec

Base URL

Authentication

Session Auth (Control Plane)

API Key Auth (Data Plane)

Response Format

Common Error Codes

Rate Limits

OpenAPI Spec