Reference
Credentials
User credential vault APIs, including resolve/check endpoints for runtimes.
Endpoint Map
| Method | Path | Auth | Purpose |
|---|---|---|---|
GET | /api/v1/credentials | Flexible auth | List current user credentials |
DELETE | /api/v1/credentials/:id | Flexible auth | Delete owned credential |
POST | /api/v1/credentials/jwt | Flexible auth | Store JWT credential |
POST | /api/v1/credentials/apikey | Flexible auth | Store API key credential |
GET | /api/v1/credentials/oauth/:serviceType/auth | Flexible auth | OAuth auth URL (currently placeholder) |
GET | /api/v1/credentials/oauth/:serviceType/callback | Flexible auth | OAuth callback (currently placeholder) |
POST | /api/v1/credentials/resolve | Flexible auth + scope check | Resolve multiple service credentials |
GET | /api/v1/credentials/check/:serviceType | Flexible auth + scope check | Check if credential exists for service |
When using API key auth on resolve/check, key must include credentials:resolve scope.
Store JWT Credential
POST /api/v1/credentials/jwt
Authorization: Bearer <jwt>
Content-Type: application/json
{
"serviceType": "gateway_api",
"token": "<jwt-or-token>",
"expiresAt": "2026-04-01T00:00:00.000Z"
}Store API Key Credential
POST /api/v1/credentials/apikey
Authorization: Bearer <jwt>
Content-Type: application/json
{
"serviceType": "slack",
"apiKey": "xoxb-..."
}Resolve Credentials
POST /api/v1/credentials/resolve
X-Api-Key: gk_xxx
X-User-Id: usr_123
Content-Type: application/json
{
"serviceTypes": ["gateway_api", "slack"]
}{
"credentials": {
"gateway_api": "...",
"slack": "..."
},
"missing": [],
"authUrls": {}
}Check Credential for One Service
GET /api/v1/credentials/check/gateway_api
X-Api-Key: gk_xxx
X-User-Id: usr_123Returns hasCredential plus metadata, or authUrl when missing.
OAuth Endpoints
/oauth/:serviceType/auth and /oauth/:serviceType/callback currently return 501 placeholder responses.