API Reference
The AgentBridge REST API follows predictable conventions. All requests use JSON bodies. All responses return a consistent envelope. This page covers the global rules that apply to every endpoint.
Base URL #
All API endpoints are relative to this base URL. The API is served exclusively over HTTPS — plain HTTP requests receive a 301 Moved Permanently redirect. HSTS is enabled with a max-age of one year and includeSubDomains. All data is hosted in AWS ap-south-1 (Mumbai).
If you are using the TypeScript SDK, the base URL is configured automatically. You can override it via the baseUrl constructor option for testing or self-hosted deployments.
Versioning #
The current API is v1. There is no version prefix in the URL — all endpoints are available directly under the base URL (e.g. /api/mcp/execute, not /v1/api/mcp/execute).
When breaking changes are introduced in the future, they will be published under a versioned path prefix (e.g. /v2/) with a minimum 6-month deprecation notice and migration guide. Non-breaking additions (new fields in responses, new optional parameters, new endpoints) are made to v1 without versioning.
Request Format #
- All request bodies must be valid JSON (UTF-8 encoded)
- Set
Content-Type: application/jsonon every POST, PUT, and PATCH request - Authenticate with
Authorization: Bearer <your-api-key>(see Authentication) - Query parameters use standard URL encoding
- Request body size limit: 1 MB
curl -X POST https://api.agentbridge.in/api/mcp/execute \
-H "Authorization: Bearer ab_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" \
-H "Content-Type: application/json" \
-d '{
"provider": "slack",
"tool": "send_message",
"params": {
"channel": "C012AB3CD",
"text": "Hello from AgentBridge"
}
}'Response Format #
Success Response #
Successful responses return HTTP 200 or 201 with a JSON envelope:
{
"status": "success",
"data": { /* endpoint-specific payload */ },
"latencyMs": 247,
"executionId": "exec_01HXZ..."
}"success" for successful responses.
/mcp/execute responses. Unique identifier for the execution, usable for log lookup.
Error Response #
Errors return the appropriate HTTP status code with a JSON error envelope:
{
"statusCode": 422,
"message": "Provider returned an error",
"error": "Unprocessable Entity",
"providerError": {
"code": "object_not_found",
"message": "Could not find page with ID: abc123"
}
}422 responses. Contains the raw error body from the upstream provider. Shape varies by provider.
See the Error Reference for the complete error catalog with provider-specific examples.
All Endpoints #
| Method | Path | Description | Auth |
|---|---|---|---|
| POST | /auth/signup |
Create a new AgentBridge account | None |
| POST | /auth/login |
Log in and receive a JWT session cookie | None |
| POST | /auth/logout |
Invalidate the current JWT session | JWT |
| POST | /api/mcp/execute |
Execute a tool on a connected provider | Bearer |
| GET | /integrations/providers |
List all available MCP providers and their tools | Bearer / JWT |
| POST | /integrations |
Create a new integration (store OAuth tokens) | Bearer / JWT |
| DELETE | /integrations/:providerId |
Disconnect and remove an integration | Bearer / JWT |
| GET | /logs |
List execution logs with pagination | Bearer / JWT |
| GET | /logs/:id |
Get a single execution log by ID | Bearer / JWT |
| GET | /api-keys |
List all API keys for the authenticated account | Bearer / JWT |
| POST | /api-keys |
Create a new API key | Bearer / JWT |
| DELETE | /api-keys/:id |
Revoke and delete an API key | Bearer / JWT |
HTTP Status Codes #
| Status | Meaning | Common Cause | Retryable |
|---|---|---|---|
| 200 | OK | Request succeeded; data in response body | N/A |
| 201 | Created | Resource created successfully (API key, integration) | N/A |
| 400 | Bad Request | Missing or invalid request body parameters | No |
| 401 | Unauthorized | API key missing, malformed, or revoked | No |
| 403 | Forbidden | API key scope insufficient for this operation | No |
| 404 | Not Found | Resource not found, or provider integration not connected | No |
| 409 | Conflict | Integration for this provider already exists | No |
| 422 | Unprocessable Entity | Provider returned an error (check providerError) | No |
| 429 | Too Many Requests | Rate limit exceeded; retry after X-RateLimit-Reset | Yes |
| 500 | Internal Server Error | AgentBridge server error; safe to retry with backoff | Yes |
| 502 | Bad Gateway | Upstream provider API unreachable or returned invalid response | Yes |
Pagination #
Endpoints that return lists (e.g. GET /logs, GET /api-keys) support offset-based pagination via page and limit query parameters.
1.
20. Maximum: 100.
The response envelope for paginated endpoints includes total count and current position:
{
"status": "success",
"data": {
"data": [ /* array of items */ ],
"total": 84,
"page": 2,
"limit": 20
},
"latencyMs": 43
}curl "https://api.agentbridge.in/logs?page=2&limit=50" \
-H "Authorization: Bearer ab_live_xxxx"To calculate whether more pages exist, check if page * limit < total. If true, increment page and make another request.
Content Negotiation #
The API always responds with Content-Type: application/json; charset=utf-8. All responses are JSON. Do not set Accept headers that exclude JSON — requests with an Accept header that cannot be satisfied will receive a 406 Not Acceptable response.
Request bodies must also be JSON. Sending Content-Type: application/x-www-form-urlencoded or multipart/form-data will result in a 400 Bad Request error.