oCoreoCore Docs
API Reference

A P I Keys

List API keys

Returns a paginated list of all API keys with optional search.

GET
/admin/api-keys

Authorization

Authorization<token>

JWT Bearer token (format: Bearer {token})

In: header

Query Parameters

pageinteger

Page number

limitinteger

Page size

searchstring

Search filter

curl -X GET "//api.ocore.dev/api/admin/api-keys?page=0&limit=0&search=%3Cstring%3E" \
  -H "Authorization: <token>"

OK

{
  "apiKeys": [
    {}
  ],
  "total": 0
}

Revoke an API key

Revokes an API key, immediately invalidating it.

DELETE
/admin/api-keys/{id}

Authorization

Authorization<token>

JWT Bearer token (format: Bearer {token})

In: header

Path Parameters

idRequiredstring

API Key ID

Format: "uuid"
curl -X DELETE "//api.ocore.dev/api/admin/api-keys/497f6eca-6276-4993-bfeb-53cbbbba6f08" \
  -H "Authorization: <token>"

OK

{
  "message": "string"
}

List tenant API keys

Lists API keys for the current organization.

GET
/api-keys

Authorization

Authorization<token>

JWT Bearer token (format: Bearer {token})

In: header

curl -X GET "//api.ocore.dev/api/api-keys" \
  -H "Authorization: <token>"

OK

{
  "apiKeys": [
    {
      "createdAt": "string",
      "expiresAt": "string",
      "id": "string",
      "lastUsedAt": "string",
      "mcpActive": true,
      "mcpAllowlistMode": "string",
      "mcpInstanceIds": [
        "string"
      ],
      "mcpPermissions": [
        "string"
      ],
      "mcpPreset": "string",
      "mcpProjectIds": [
        "string"
      ],
      "mcpReadOnly": true,
      "mcpReconnectRequired": true,
      "mcpReconnectRequiredMessage": "string",
      "mcpToolAllowlist": [
        "string"
      ],
      "name": "string",
      "permissions": [
        "string"
      ],
      "prefix": "string",
      "scope": "string"
    }
  ],
  "total": 0
}

Create tenant API key

Creates an organization-scoped API key and returns the plaintext key once.

POST
/api-keys

Authorization

Authorization<token>

JWT Bearer token (format: Bearer {token})

In: header

Request Body

application/jsonRequired

API key creation request

expiresAtstring
mcpActiveboolean
mcpAllowlistModestring
mcpInstanceIdsarray<string>
mcpPermissionsarray<string>

Phase 64: Granular MCP access control.

mcpPresetstring
mcpProjectIdsarray<string>
mcpReadOnlyboolean
mcpToolAllowlistarray<string>
namestring
permissionsarray<string>
scopestring
curl -X POST "//api.ocore.dev/api/api-keys" \
  -H "Authorization: <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "expiresAt": "string",
    "mcpActive": true,
    "mcpAllowlistMode": "string",
    "mcpInstanceIds": [
      "string"
    ],
    "mcpPermissions": [
      "string"
    ],
    "mcpPreset": "string",
    "mcpProjectIds": [
      "string"
    ],
    "mcpReadOnly": true,
    "mcpToolAllowlist": [
      "string"
    ],
    "name": "string",
    "permissions": [
      "string"
    ],
    "scope": "string"
  }'

Created

{
  "createdAt": "string",
  "expiresAt": "string",
  "id": "string",
  "lastUsedAt": "string",
  "mcpActive": true,
  "mcpAllowlistMode": "string",
  "mcpInstanceIds": [
    "string"
  ],
  "mcpPermissions": [
    "string"
  ],
  "mcpPreset": "string",
  "mcpProjectIds": [
    "string"
  ],
  "mcpReadOnly": true,
  "mcpReconnectRequired": true,
  "mcpReconnectRequiredMessage": "string",
  "mcpToolAllowlist": [
    "string"
  ],
  "name": "string",
  "permissions": [
    "string"
  ],
  "plaintextKey": "string",
  "prefix": "string",
  "scope": "string"
}

Get tenant API key

Gets one API key from the current organization.

GET
/api-keys/{id}

Authorization

Authorization<token>

JWT Bearer token (format: Bearer {token})

In: header

Path Parameters

idRequiredstring

API key ID

curl -X GET "//api.ocore.dev/api/api-keys/<string>" \
  -H "Authorization: <token>"

OK

{
  "createdAt": "string",
  "expiresAt": "string",
  "id": "string",
  "lastUsedAt": "string",
  "mcpActive": true,
  "mcpAllowlistMode": "string",
  "mcpInstanceIds": [
    "string"
  ],
  "mcpPermissions": [
    "string"
  ],
  "mcpPreset": "string",
  "mcpProjectIds": [
    "string"
  ],
  "mcpReadOnly": true,
  "mcpReconnectRequired": true,
  "mcpReconnectRequiredMessage": "string",
  "mcpToolAllowlist": [
    "string"
  ],
  "name": "string",
  "permissions": [
    "string"
  ],
  "prefix": "string",
  "scope": "string"
}

Delete tenant API key

Revokes one API key from the current organization.

DELETE
/api-keys/{id}

Authorization

Authorization<token>

JWT Bearer token (format: Bearer {token})

In: header

Path Parameters

idRequiredstring

API key ID

curl -X DELETE "//api.ocore.dev/api/api-keys/<string>" \
  -H "Authorization: <token>"

OK

{
  "message": "string"
}

Update tenant API key

Updates API key metadata and MCP permissions for the current organization.

PUT
/api-keys/{id}

Authorization

Authorization<token>

JWT Bearer token (format: Bearer {token})

In: header

Request Body

application/jsonRequired

API key update request

mcpActiveboolean
mcpAllowlistModestring
mcpInstanceIdsarray<string>
mcpPermissionsarray<string>
mcpPresetstring
mcpProjectIdsarray<string>
mcpReadOnlyboolean
mcpToolAllowlistarray<string>
namestring
permissionsarray<string>

Path Parameters

idRequiredstring

API key ID

curl -X PUT "//api.ocore.dev/api/api-keys/<string>" \
  -H "Authorization: <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "mcpActive": true,
    "mcpAllowlistMode": "string",
    "mcpInstanceIds": [
      "string"
    ],
    "mcpPermissions": [
      "string"
    ],
    "mcpPreset": "string",
    "mcpProjectIds": [
      "string"
    ],
    "mcpReadOnly": true,
    "mcpToolAllowlist": [
      "string"
    ],
    "name": "string",
    "permissions": [
      "string"
    ]
  }'

OK

{
  "createdAt": "string",
  "expiresAt": "string",
  "id": "string",
  "lastUsedAt": "string",
  "mcpActive": true,
  "mcpAllowlistMode": "string",
  "mcpInstanceIds": [
    "string"
  ],
  "mcpPermissions": [
    "string"
  ],
  "mcpPreset": "string",
  "mcpProjectIds": [
    "string"
  ],
  "mcpReadOnly": true,
  "mcpReconnectRequired": true,
  "mcpReconnectRequiredMessage": "string",
  "mcpToolAllowlist": [
    "string"
  ],
  "name": "string",
  "permissions": [
    "string"
  ],
  "prefix": "string",
  "scope": "string"
}

Toggle tenant API key active state

Pauses or resumes MCP access for one API key in the current organization.

PATCH
/api-keys/{id}/toggle-active

Authorization

Authorization<token>

JWT Bearer token (format: Bearer {token})

In: header

Path Parameters

idRequiredstring

API key ID

curl -X PATCH "//api.ocore.dev/api/api-keys/<string>/toggle-active" \
  -H "Authorization: <token>"

OK

{
  "createdAt": "string",
  "expiresAt": "string",
  "id": "string",
  "lastUsedAt": "string",
  "mcpActive": true,
  "mcpAllowlistMode": "string",
  "mcpInstanceIds": [
    "string"
  ],
  "mcpPermissions": [
    "string"
  ],
  "mcpPreset": "string",
  "mcpProjectIds": [
    "string"
  ],
  "mcpReadOnly": true,
  "mcpReconnectRequired": true,
  "mcpReconnectRequiredMessage": "string",
  "mcpToolAllowlist": [
    "string"
  ],
  "name": "string",
  "permissions": [
    "string"
  ],
  "prefix": "string",
  "scope": "string"
}

Was this page helpful?
Edit on GitHub

Roles

Previous Page

Audit

Next Page