Authentication and rate limits
Authentication and rate limits
Section titled “Authentication and rate limits”Today (public beta, as-of 2026-07)
Section titled “Today (public beta, as-of 2026-07)”| Surface | Auth | Limit |
|---|---|---|
Reads: /api/health, /api/tracts/*, /api/listings/*, /api/underwrite, /api/metrics/scorecard, /api/mcp-tools, /api/openapi.json |
none | 30 calls/min/IP |
/mcp (all six tools) |
none | 30 calls/min/IP |
Private: /api/state, /api/deals, /api/run-listings |
shared write secret — operator-only, not issued | — |
Exceeding the limit returns 429 with a JSON error; wait a minute. The limiter is a sliding per-minute window per IP. Limits are enforceable under the terms and may change during beta; changes land in the changelog.
There is nothing to sign up for yet. The private endpoints are the operator’s personal write rail (UI state sync, deal ledger, manual runs); no external keys exist for them.
Planned (F2)
Section titled “Planned (F2)”- OAuth 2.1 (authorization code + PKCE) for third-party MCP and API clients.
- Self-serve API keys, prefix
cvm_, issued from a dashboard, revocable. - Scopes:
read:tracts(stays free),read:deals,run:underwrite. Keys buy higher limits and stability, not different numbers. - Audit logging on key issuance, scope grants, and private-endpoint calls.
Billing and paid tiers remain deferred behind an explicit product gate (P8); the beta is free.
The bright line
Section titled “The bright line”No output of this system may be used for tenant screening or for credit decisions. This is a Fair Credit Reporting Act prohibition, not a courtesy note: the service is not a consumer reporting agency and its outputs are not consumer reports. Automated valuations are not appraisals — median ARV miss 20.1% against 744 resales, as-of 2026-06 (accuracy).