Changelog

Changelog

March 13, 2026

March 13, 2026

Public API Reference Launch

The Prolifi Public API documentation is now live in the API Reference tab with full interactive endpoint documentation, request/response schemas, and code examples.

API endpoints (23 total)

  • PlansGET /plans, GET /plans/{id}
  • CustomersPOST, GET, PATCH, DELETE /customers, GET /customers/{id}
  • SubscriptionsPOST, GET, PATCH, DELETE /subscriptions, plus pause and resume (coming soon)
  • InvoicesGET /invoices, GET /invoices/{id}, POST /invoices/{id}/finalize, POST /invoices/{id}/void
  • Usage EventsPOST /events, POST /events/batch, GET /customers/{id}/usage
  • EntitlementsPOST /entitlements/check, GET /customers/{id}/entitlements

Developer guides

Six new guides covering the API fundamentals:

  • Authentication — API key types (secret/public), test and live environments, permission model
  • Errors — Standardised error format with 9 machine-readable error types and handling guidance
  • Pagination — Offset-based pagination with limit, offset, and has_more response fields
  • Rate Limiting — Per-key rate limits, X-RateLimit-* headers, and Retry-After handling
  • Idempotency — Safe request retries with Idempotency-Key header and 24-hour cached responses
  • IP Whitelisting — Optional IP-based access restrictions scoped by environment

OpenAPI specification

Full OpenAPI 3.1.0 specification published with:

  • Complete request/response schemas for all endpoints
  • Multiple request examples per endpoint
  • Reusable error response definitions
  • Bearer token authentication (secret and public keys)

Accuracy fixes

Post-launch review to ensure documentation and implementation are fully aligned:

  • Error types — Live-mode-disabled error changed from authentication_error to permission_error (403) for consistency. The Forbidden response now covers both read-only and live-mode cases.
  • EntitlementsGET /customers/{id}/entitlements now computes the remaining field (limit - current_usage) rather than relying on upstream data, matching the POST /entitlements/check behaviour.
  • Pause/resume responses — Added missing 404 and 403 responses to POST /subscriptions/{id}/pause and POST /subscriptions/{id}/resume endpoints.
  • Example UUIDs — Fixed invalid hex character in example UUIDs across the specification.
  • Rate limit headers — Documented that X-RateLimit-Limit and X-RateLimit-Remaining headers are present on every response, not just 429.

Other changes

  • Updated the Developers getting started guide with links to the live API Reference
  • API Reference tab now includes Overview, Guides, and endpoint sections with per-resource summaries