API Terms of Use
Last Updated: April 3, 2026
1. API Access
Access to the Ricord API requires a valid API key issued through your Ricord account dashboard. Each API key is intended for use with a single application. You may generate multiple keys for multiple applications, but sharing a single key across unrelated applications is prohibited. API access is subject to these terms, our Terms of Service, and our Acceptable Use Policy.
2. Authentication
All API requests must include a valid Bearer token in the Authorization header:
You must not:
- Embed API keys in client-side code (JavaScript bundles, mobile apps, or any code distributed to end users).
- Share API keys in public repositories, documentation, or communications.
- Use another user's API key or allow others to use yours.
If you believe a key has been compromised, revoke it immediately from your dashboard and generate a new one.
3. Rate Limits
API rate limits are enforced per API key based on your account tier:
| Tier | Rate Limit | Burst |
|---|---|---|
| Free | 100 req/min | 20 req/sec |
| Pro | 600 req/min | 60 req/sec |
| Team | 1,200 req/min | 120 req/sec |
| Enterprise | Custom | Custom |
Rate-limited responses return HTTP 429 with a Retry-After header indicating the number of seconds to wait before retrying.
4. Covered API Endpoints
These API Terms apply to all endpoints under the following namespaces:
/v1/knowledge/*Knowledge base CRUD, search, and extraction endpoints./v1/memory/*Memory storage, retrieval, and semantic search endpoints./v1/chat/completionsChat completion proxy with automatic knowledge injection.
Additional endpoints may be added over time. New endpoints are governed by these terms upon release.
5. Data Handling
Understanding how Ricord processes and stores data through the API is critical. Here is how we handle your data:
- Conversation processing — conversation content sent through the chat completions endpoint is processed in real-time for knowledge extraction only. Raw conversation content is not persisted beyond the extraction processing window.
- Request metadata — metadata about API requests (timestamps, endpoint, response codes, token counts) is retained for billing, analytics, and abuse prevention purposes.
- No conversation storage — Ricord does not store raw conversation content beyond the extraction processing pipeline. Once extraction is complete, the source conversation is discarded.
- Extracted knowledge — knowledge extracted from your conversations is stored in your tenant-isolated knowledge base in accordance with our Privacy Policy and applicable data retention settings.
6. API Availability
| Tier | Availability |
|---|---|
| Free | Best-effort, no SLA. May experience degraded performance during peak usage. |
| Pro / Team | 99.9% monthly uptime SLA (excluding scheduled maintenance). |
| Enterprise | 99.9% SLA with custom support terms and dedicated escalation. |
Scheduled maintenance windows are communicated at least 48 hours in advance via email and our status page.
7. API Versioning
Ricord maintains backward compatibility for a minimum of six months after a new API version is released. When breaking changes are introduced in a new version, the previous version will continue to function for at least six months. Deprecation notices are sent via email to the address associated with your Ricord account and posted in our API changelog. We strongly recommend subscribing to deprecation notifications and testing against new versions as soon as they are available.
8. API Key Revocation
Ricord reserves the right to revoke API keys at any time if we determine, in our sole discretion, that the associated account or usage violates our Acceptable Use Policy, these API Terms, or our Terms of Service. Where possible, we will provide advance notice and an opportunity to remediate before revocation. In cases of severe or imminent threat, revocation may be immediate.
9. No Warranty on Extraction Accuracy
IMPORTANT: Ricord provides no warranty regarding the accuracy, completeness, or reliability of knowledge extracted through the API.
Responses from the /v1/chat/completions endpoint may contain auto-injected knowledge that is inaccurate, incomplete, outdated, or contextually inappropriate. This is an inherent characteristic of AI-powered knowledge extraction and recall systems.
Client applications that integrate with the Ricord API must implement their own verification, validation, and fact-checking mechanisms before presenting extracted knowledge to end users or using it in decision-making processes. Ricord AI shall not be held liable for any decisions, actions, or outcomes based on inaccurate auto-extracted knowledge delivered through the API.
10. Limitation of Liability
To the maximum extent permitted by applicable law:
- Ricord AI's total aggregate liability for any claims arising from your use of the API shall not exceed the amount you paid to Ricord AI in the twelve (12) months preceding the claim.
- In no event shall Ricord AI be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, business opportunities, or goodwill, regardless of the theory of liability.
- These limitations apply to all claims, whether based on warranty, contract, tort, or any other legal theory, even if Ricord AI has been advised of the possibility of such damages.
The liability caps and exclusions in this section are consistent with those set forth in our Terms of Service.
11. Changes to These Terms
We may update these API Terms from time to time. Material changes will be communicated via email at least 30 days before they take effect. Continued use of the Ricord API after changes become effective constitutes acceptance of the updated terms. If you do not agree with the changes, you must stop using the API and revoke your API keys.
Questions about these API Terms? Contact us at legal@ricord.ai.