usage.changed silent push so iOS clients refresh their balance immediately.
Authentication
All admin credit endpoints require the shared admin bearer token in theAuthorization header:
/internal/* endpoints. Rotate via your secrets manager when staffing changes.
If the secret is unset on the server, every endpoint returns 503 admin_unconfigured. If the bearer is missing, 401 missing_bearer. If it does not match, 403 invalid_admin_secret.
List configured currencies
Returns the project’s configured virtual currency types. The default project is configured withCRD = Credits and product grants tied to every IAP subscription tier.
Rate limit: 60 requests per minute.
200 response
503 with a descriptive detail.
Get balances for a user
Returns all virtual currency balances for one customer, keyed by Clerkuser_id.
Rate limit: 120 requests per minute.
Clerk user id (e.g.
user_2abcXYZ).When
true, includes balances of zero in the response. Default omits them.200 response
404 rc_customer_not_found if the user has no RevenueCat customer record (for example, they have never opened the app or hit any RC SDK call).
Grant or deduct credits
Adjust a user’s credit balance with a required audit reason. Positive amounts grant; negative amounts deduct. Zero is rejected with400 amount_must_be_nonzero.
Every call writes an auditable transaction on the RevenueCat dashboard and fires a usage.changed silent control envelope over the realtime gateway so the user’s iOS client refreshes its balance immediately without a foreground prompt. See silent control envelopes for the wire format.
Rate limit: 30 requests per minute.
Clerk user id of the customer to adjust.
Positive grants, negative deducts. Must be non-zero.
Audit-trail note shown on the RevenueCat dashboard. Required, 3–500 chars. Always include a ticket reference.
Virtual currency code. Defaults to
CRD (Credits).Optional client-supplied idempotency key (max 200 chars). Replaying the same key short-circuits duplicate adjustments.
200 response
Error codes
| Status | Detail | Meaning |
|---|---|---|
400 | amount_must_be_nonzero | The amount field was 0. |
401 | missing_bearer | No Authorization header. |
403 | invalid_admin_secret | Bearer did not match the configured admin secret. |
404 | rc_customer_not_found | The user has no RevenueCat customer record. |
502 | rc_call_failed: <type> | Upstream RevenueCat call raised an error. Retry or escalate. |
503 | admin_unconfigured | The admin secret or RevenueCat v2 credentials are unset server-side. |