Documentation

Account

Get account details, export data, and delete your account via the OrbitKit API.

Account endpoints provide an overview of the user’s profile, payment method, per-app subscriptions, and support account data export and deletion.

Endpoints

Method Path Description
GET /api/status Quick account status check
GET /api/account Full account details
GET /api/account/export Export all account data
DELETE /api/account Delete account permanently

Get account status

GET /api/status

A lightweight status check returning subscription state, app count, and whether a payment method is on file. Useful for checking eligibility before operations.

Response

{
  "subscription": "active",
  "planType": "monthly",
  "appCount": 2,
  "hasPaymentMethod": true,
  "hasApps": true
}

Get account details

GET /api/account

Returns the account overview: profile info, aggregate stats, payment method, and the account’s single subscription (OrbitKit uses one seat-based subscription per account; apps are seats on it).

Response

{
  "profile": {
    "email": "user@example.com",
    "displayName": "Jane Developer",
    "photoURL": null,
    "memberSince": 1700000000000
  },
  "stats": {
    "appCount": 3,
    "subscribedSites": 2
  },
  "paymentMethod": {
    "id": "pm_1234",
    "brand": "visa",
    "last4": "4242",
    "expMonth": 12,
    "expYear": 2027
  },
  "subscription": {
    "id": "sub_1234",
    "status": "active",
    "planType": "monthly",
    "quantity": 3,
    "cancelAtPeriodEnd": false,
    "currentPeriodEnd": 1712345678
  }
}

paymentMethod is null if no card is on file. subscription is null if the account has no subscription (or it’s canceled/none). status may be trialing during the first-app free trial (the API normalizes a usable trial to active in most places — see Subscriptions).

Export account data

GET /api/account/export

Exports all user data as a JSON file download. The response includes Content-Disposition: attachment; filename="orbitkit-export.json" so browsers will save it as a file.

Rate limit: 10/hour per user

Full example

curl -H "Authorization: Bearer $TOKEN" \
     https://api.orbitkit.io/api/account/export \
     -o orbitkit-export.json

var request = URLRequest(url: URL(string: "https://api.orbitkit.io/api/account/export")!)
request.setValue("Bearer \(token)", forHTTPHeaderField: "Authorization")

let (data, _) = try await URLSession.shared.data(for: request)
// Save data to file
let fileURL = FileManager.default.temporaryDirectory.appendingPathComponent("orbitkit-export.json")
try data.write(to: fileURL)

const res = await fetch("https://api.orbitkit.io/api/account/export", {
  headers: { Authorization: `Bearer ${token}` },
});
const blob = await res.blob();
const url = URL.createObjectURL(blob);
// Trigger download in browser
const a = document.createElement("a");
a.href = url;
a.download = "orbitkit-export.json";
a.click();

Response

{
  "exportedAt": "2025-04-01T12:00:00.000Z",
  "user": {
    "email": "user@example.com",
    "createdAt": 1700000000000,
    "appCount": 2
  },
  "apps": {
    "-NtestApp123": {
      "appName": "My Weather App",
      "createdAt": 1700000000000,
      "updatedAt": 1712345678000
    }
  },
  "sites": {
    "-NtestApp123": {
      "appName": "My Weather App",
      "slug": "my-weather-app",
      "deployed": true
    }
  },
  "policies": {
    "-NtestApp123": {
      "app-info": { "app_name": "My Weather App" }
    }
  }
}

Delete account

DELETE /api/account

Permanently deletes the user’s entire account. This action cannot be undone. It:

  1. Cancels the Stripe subscription immediately
  2. Releases all slugs and custom domain mappings
  3. Removes SSL certificates
  4. Schedules the Stripe customer for deletion ~120 days after the last charge (kept short-term so we can respond to any chargeback/dispute with evidence; a scheduled job hard-deletes it once the window elapses). If the customer was never charged, it’s deleted immediately.
  5. Deletes all files from Google Cloud Storage
  6. Deletes all database records
  7. Deletes the user account

Most data is removed within 30 days; billing/payment records (in Stripe) are retained for up to ~120 days for tax, accounting, fraud, and chargeback handling, then deleted. See the Terms of Service.

The endpoint is idempotent: if a prior call deleted the database record but not the auth user (e.g. transient failure), calling it again finishes the cleanup.

Response 204 No Content

No response body.