API reference
Comprehensive reference for every ScaiKey API endpoint, organized by resource area. Each page is self-contained — endpoint signatures, parameters, request and response shapes, and the full schema definitions referenced.
If you spot drift between these pages and the running platform, regenerate from _generate_api_reference.py against the current backend.
Endpoint groups#
| Group | Endpoints |
|---|---|
| Admin Auth | 4 |
| Admin Roles | 6 |
| App Assignments | 9 |
| Applications | 7 |
| Audit | 5 |
| Authentication | 9 |
| Authorized Apps | 2 |
| Custom Attributes | 5 |
| Dashboard | 2 |
| Federation | 12 |
| Groups | 19 |
| Identity Providers | 18 |
| MCP Agents | 7 |
| MFA | 11 |
| OIDC | 11 |
| Organizational Units | 7 |
| Partners | 5 |
| Platform OAuth | 10 |
| Platform Settings | 4 |
| Portal Auth | 6 |
| Profile | 4 |
| Registration Requests | 6 |
| SCIM 2.0 | 18 |
| SCIM Bulk | 1 |
| SCIM Groups | 6 |
| SCIM Tokens | 6 |
| SCIM Users | 6 |
| Sessions | 14 |
| Tenants | 5 |
| Users | 17 |
| Webhooks | 12 |
| public | 4 |
| registration | 4 |
What's not on this page#
- MCP Server tools — the 96 MCP-tool endpoints for AI agent integrations aren't documented here. They're a separate surface and warrant their own page family.
- Internal endpoints —
/_internal/*is platform-internal and not part of the public contract.
Authentication#
Every endpoint uses Bearer JWT. To obtain a token, see Quickstart for service-to-service or Tutorials for the user-facing flow.
Cross-cutting reference pages#
- OAuth endpoints — authorize / token / userinfo / discovery / jwks / end_session, both platform and tenant flavors.
- Admin API overview — the conceptual map of admin resources and access tiers.
- Webhooks — receiving-side spec for the events ScaiKey emits.