OAuth Provider and Apps

This module includes two surfaces:
  • OAuth provider endpoints used by third-party clients
  • Workspace OAuth app management endpoints

Provider endpoints

  • GET /api/oauth/authorize
  • POST /api/oauth/authorize
  • POST /api/oauth/token
  • GET /api/oauth/userinfo
  • POST /api/oauth/revoke

The provider flow supports the Authorization Code grant and PKCE.

OAuth app management endpoints

  • GET /api/oauth/apps
  • POST /api/oauth/apps
  • GET /api/oauth/apps/:id
  • PATCH /api/oauth/apps/:id
  • DELETE /api/oauth/apps/:id
  • POST /api/oauth/apps/:id/rotate-secret

Permissions

  • integrations:read: list/get OAuth apps
  • integrations:manage: create/update/delete/rotate app secret

Key lifecycle behavior

  • A new clientSecret is returned only in the responses to create and rotate-secret; it is not retrievable afterwards.
  • The redirect URI allowlist is enforced during the authorize flow.
  • Requested scopes are validated at both the authorize and token stages.
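The following is an added example, not code from this module, illustrating the PKCE handling mentioned under provider endpoints and the authorize-time checks listed above. The app record shape (redirect_uris, allowed_scopes) and the error strings are assumptions for the example.

```python
# Added example (not the project's own code): client-side PKCE generation plus
# the server-side checks this page describes for /api/oauth/authorize
# (redirect URI allowlist, scope validation) and /api/oauth/token (PKCE S256).
import base64
import hashlib
import secrets
from typing import List, Optional, Tuple


def _b64url(raw: bytes) -> str:
    """Base64url without padding, as required by RFC 7636."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def make_pkce_pair() -> Tuple[str, str]:
    """Client side: return (code_verifier, code_challenge) using the S256 method."""
    verifier = _b64url(secrets.token_bytes(32))  # 43 chars, within the 43..128 range
    challenge = _b64url(hashlib.sha256(verifier.encode("ascii")).digest())
    return verifier, challenge


def validate_authorize_request(app: dict, redirect_uri: str,
                               requested_scopes: List[str]) -> Optional[str]:
    """Server side (GET/POST /api/oauth/authorize): error string, or None if acceptable.

    `app` is an assumed shape: {"redirect_uris": [...], "allowed_scopes": [...]}.
    """
    # Exact string match only: no prefix matching, wildcards, or host/port normalization,
    # so an attacker-controlled path or subdomain never passes the allowlist.
    if redirect_uri not in app["redirect_uris"]:
        return "invalid_request: redirect_uri not in allowlist"
    # Every requested scope must be one the app is allowed to ask for; empty is rejected.
    if not requested_scopes or not set(requested_scopes) <= set(app["allowed_scopes"]):
        return "invalid_scope"
    return None


def verify_pkce(stored_challenge: str, code_verifier: str) -> bool:
    """Server side (POST /api/oauth/token): recompute S256 over the presented verifier
    and compare it, in constant time, with the challenge stored at authorize time."""
    if not (43 <= len(code_verifier) <= 128):
        return False
    recomputed = _b64url(hashlib.sha256(code_verifier.encode("ascii")).digest())
    return secrets.compare_digest(recomputed, stored_challenge)
```

The scope check at the token stage is the same subset test, applied to the scopes recorded with the authorization code rather than to a fresh request parameter.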

UserInfo and revoke

  • /userinfo requires a valid bearer access token carrying the required scopes.
  • /revoke follows standard OAuth token revocation behavior and invalidates the submitted token material.

Common errors

  • 400: malformed authorize/token payload
  • 401: invalid client credentials
  • 403: insufficient scopes
  • 404: OAuth app not found in workspace scope