POST /v1/disc/profile

Fetch a normalized DISC psychometric profile for a user in your organization.

This endpoint abstracts DISC provider complexity and returns a stable, tool-friendly structure that can be passed directly into SotsAI reasoning endpoints (such as /v1/advice).

Tip

For conceptual guidance and usage patterns, see:

→ DISC Profile (Concept & Usage)

---

Endpoint

POST https://sil-api.sotsai.co/v1/disc/profile

Auth

Send your organization API key in X-Sotsai-Api-Key.
Never expose this key to browsers or LLMs.

Rate limits

60/min per API key (organization).
Exceeding this limit returns 429.

Headers

Header	Required	Value
X-Sotsai-Api-Key	yes	sotsai_...
Content-Type	yes	application/json

---

Request body

Overview

• This endpoint is server-side only
• Email is required because the DISC provider uses it for lookup
• Profiles are fetched on demand and not persisted by SotsAI

---

Fields

email required string

Email address of the user whose DISC profile should be fetched.

• Used only to resolve the profile within your organization
• Combined with organization context to derive a deterministic provider identifier
• Not returned in the response
• Not exposed to other organizations

locale optional string default: 'en'

Language context forwarded to the DISC provider.

• Used for provider-side localization only
• Does not affect DISC score computation

Examples:

• en
• fr
• de

---

Example request

curl

curl -X POST "https://sil-api.sotsai.co/v1/disc/profile" \
  -H "Content-Type: application/json" \
  -H "X-Sotsai-Api-Key: <YOUR_API_KEY>" \
  -d '{
    "email": "user@company.com",
    "locale": "en"
  }'

TypeScript

// Server-side only. Do NOT expose X-Sotsai-Api-Key in client apps.

const res = await fetch("https://sil-api.sotsai.co/v1/disc/profile", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "X-Sotsai-Api-Key": process.env.SOTSAI_API_KEY!,
  },
  body: JSON.stringify({
    email: "user@company.com",
    locale: "en",
  }),
});

const profile = await res.json();

Python

# Server-side only. Do NOT expose X-Sotsai-Api-Key in client apps.

import os
import requests

resp = requests.post(
    "https://sil-api.sotsai.co/v1/disc/profile",
    headers={
        "Content-Type": "application/json",
        "X-Sotsai-Api-Key": os.environ["SOTSAI_API_KEY"],
    },
    json={
        "email": "user@company.com",
        "locale": "en",
    },
    timeout=15,
)

resp.raise_for_status()
profile = resp.json()

Responses

Status codes

Status	Meaning
200	OK
400	Invalid payload
401	Missing or invalid API key
403	Organization inactive / forbidden
404	DISC profile not found
429	Rate limited
500	Internal error
502	Provider error

Tip

Error responses include a stable error_code for programmatic handling. See Error codes for the full list.

Success response 200

Example response body

{
  "tool": "disc",
  "raw_scores": {
    "natural": {
      "D": 72,
      "I": 58,
      "S": 34,
      "C": 46
    },
    "adapted": {
      "D": 65,
      "I": 52,
      "S": 40,
      "C": 55
    }
  }
}

Error response (shape)

Example error response body

{
  "status": "error",
  "error_code": "PSY_PROFILE_NOT_FOUND",
  "message": "No DISC profile found for the specified user."
}

Notes

Idempotency

This endpoint is deterministic and side-effect free.

• safe to retry on network/timeouts/5xx
• safe to cache when context and profiles are unchanged

Idempotency keys are not required.

Logging and privacy

Avoid logging:

• email addresses
• full DISC profiles

Safe to log:

• HTTP status
• latency
• error codes