Salfio
APIReference

Get the caller's organization

Returns the organization associated with the bearer token. Singleton endpoint — there is no `{organizationId}` in the path and there is no way for a caller to read a different organization's record. **Spec-vs-implementation note (SAL-232).** The spec exposes `plan` and `rateLimits.*` fields; today the organization model does not carry a per-org plan or rate-limit override. The response stubs `plan` to `"free"` and populates `rateLimits` with the system-wide defaults (100 requests/min per org, 50 requests/min per endpoint). When per-org overrides land (SAL-220 follow-up #7) the same wire fields will start reflecting per-org values — the response shape is designed to be forwards-compatible.

GET
/organization

Authorization

bearerAuth
AuthorizationBearer <token>

Salfio API tokens start with the literal prefix sk_live_ followed by 32 base62 characters (≈190 bits of entropy). Tokens are hashed at rest with argon2id and shown to the user only once at creation.

In: header

Response Body

application/json

application/json

application/json

curl -X GET "https://api.salfio.com/v1/organization"
{
  "meta": {
    "cursor": "string",
    "hasMore": true
  },
  "data": {
    "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
    "name": "Acme Inc.",
    "slug": "acme",
    "plan": "free",
    "defaultTimezone": "Europe/Amsterdam",
    "defaultCurrency": "EUR",
    "rateLimits": {
      "organizationPerMinute": 100,
      "endpointPerMinute": 50
    },
    "createdAt": "2019-08-24T14:15:22Z",
    "updatedAt": "2019-08-24T14:15:22Z"
  }
}
{
  "error": {
    "code": "unauthorized",
    "message": "Authentication required"
  }
}
{
  "error": {
    "code": "rate_limited",
    "message": "Rate limit exceeded",
    "details": {
      "retry_after_seconds": 30
    }
  }
}

Update a user's profile

Updates whitelisted profile fields. The endpoint intentionally does not accept identity-bound fields — `email`, `clerkUserID`, and the canonical `id` are owned by Clerk and cannot be changed through the API. Unknown fields in the body are silently ignored.

Update the caller's organization

Updates the whitelisted fields on the caller's organization. Only `name`, `defaultTimezone`, and `defaultCurrency` are writable. **`plan` is billing-bound** — an attempt to update it is rejected with `400 invalid_argument` rather than silently ignored, so a partner misreading the spec gets a clear error rather than a false sense of success. **`slug` is stable** for the same reason — changing it breaks dashboard deep links and other external references. Both return 400 when present in the body. Other unknown fields are silently ignored.