> ## Documentation Index
> Fetch the complete documentation index at: https://docs.crustdata.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Permissions

> List every Crustdata API endpoint with your account's access status, enabled and disabled response fields, and effective rate limits — in one free GET request.

Use this endpoint to see exactly what your API key can do: which endpoints
your account can call, which response fields each returns, and the rate limit
that applies to you per endpoint. It is read-only — to change your access,
contact your Crustdata account manager.

<Note>
  This endpoint is **free** — checking your permissions does not consume any
  credits. It is rate limited to 300 requests per minute.
</Note>

## Endpoint

```
GET https://api.crustdata.com/account/endpoints
```

Authenticate with your API key in the `Authorization` header. Permissions are
account-wide: every API key on your account shares the same access.

## Query parameters

All parameters are optional filters and combine with AND. A filter that
matches nothing returns `200` with an empty `endpoints` array — not a `404`.

| Parameter  | Example                 | Effect                                                         |
| ---------- | ----------------------- | -------------------------------------------------------------- |
| `path`     | `?path=/company/enrich` | Exact endpoint-path match.                                     |
| `category` | `?category=Company`     | Endpoints in that product category (case-insensitive).         |
| `status`   | `?status=enabled`       | Only `enabled` or `not_enabled` endpoints; other values `400`. |

## Example request

<CodeGroup>
  ```bash Request theme={"theme":"vitesse-black"}
  curl --request GET \
    --url 'https://api.crustdata.com/account/endpoints?path=/company/enrich' \
    --header 'authorization: Bearer YOUR_API_KEY'
  ```

  ```python Python theme={"theme":"vitesse-black"}
  import requests

  resp = requests.get(
      "https://api.crustdata.com/account/endpoints",
      headers={"Authorization": "Bearer YOUR_API_KEY"},
  )
  for endpoint in resp.json()["endpoints"]:
      print(endpoint["path"], endpoint["status"], endpoint["effective_rate_limit_rpm"])
  ```

  ```json Response theme={"theme":"vitesse-black"}
  {
    "api_version": "2025-11-01",
    "token_limit_rpm": 200,
    "endpoints": [
      {
        "path": "/company/enrich",
        "category": "Company",
        "status": "enabled",
        "effective_rate_limit_rpm": 40,
        "fields": {
          "enabled": ["basic_info", "basic_info.all_domains", "basic_info.company_type", "..."],
          "disabled": ["social_profiles.crunchbase", "hiring.recent_openings"]
        }
      },
      {
        "path": "/person/professional_network/search/live",
        "category": "Person",
        "status": "not_enabled",
        "effective_rate_limit_rpm": 10,
        "fields": {
          "enabled": [],
          "disabled": ["basic_profile", "professional_network", "..."]
        }
      }
    ]
  }
  ```
</CodeGroup>

## Response fields

| Field                                  | Type           | Description                                                                            |
| -------------------------------------- | -------------- | -------------------------------------------------------------------------------------- |
| `api_version`                          | string         | API version the listing covers (currently `2025-11-01`).                               |
| `token_limit_rpm`                      | number \| null | Aggregate requests-per-minute ceiling for your API key across all endpoints.           |
| `endpoints[].path`                     | string         | Endpoint path, as you would call it.                                                   |
| `endpoints[].category`                 | string         | Product category: `Company`, `Person`, `Jobs`, `Web`, `LinkedIn & Social`, or `Other`. |
| `endpoints[].status`                   | string         | `enabled` — your account can call it; `not_enabled` — it requires an upgrade.          |
| `endpoints[].effective_rate_limit_rpm` | number \| null | The requests-per-minute limit that applies to your account for this endpoint.          |
| `endpoints[].fields.enabled`           | string\[]      | Response fields your account receives from this endpoint.                              |
| `endpoints[].fields.disabled`          | string\[]      | Response fields withheld from your account.                                            |

## How to read the field lists

* On an **enabled** endpoint, `fields.disabled` lists the specific fields your
  plan does not include — the endpoint works, but those fields are omitted
  from its responses.
* On a **not\_enabled** endpoint, `fields.enabled` is empty and
  `fields.disabled` lists everything the endpoint can return — the full set
  you would unlock by enabling it.
* **Batch endpoints** (`/batch/...`) inherit their fields from the matching
  non-batch endpoint, so their own field lists may be empty — check the base
  endpoint's entry for the field detail.
* Field names are dotted paths (for example `basic_info.company_type`)
  matching the response structure of the endpoint.

## Errors

| Status | Body                                                                            | Cause                                            |
| ------ | ------------------------------------------------------------------------------- | ------------------------------------------------ |
| `401`  | `{ "message": "Missing API key in request" }`                                   | No `Authorization` header.                       |
| `401`  | `{ "message": "Invalid API key in request" }`                                   | `Authorization` header carries an invalid key.   |
| `400`  | `{ "error": "Invalid status 'x'; expected one of ['enabled', 'not_enabled']" }` | `status` filter outside `enabled`/`not_enabled`. |
| `429`  | —                                                                               | More than 300 requests per minute.               |

## What to do next

* **Check your balance** — see [Credits](/general/credits) before large batches.
* **Understand per-endpoint limits** — see [Rate limits](/general/rate-limits).
* **See what fields cost** — review [Pricing](/general/pricing) for credit costs per endpoint.
