API Reference

API Overview

MCP Ambassador exposes two REST APIs: the Admin API for system management and the User API for client operations.


Base URLs

APIBase URLAuthentication
Admin APIhttps://your-host:9443/v1/adminAdmin session cookie or X-Admin-Key header
Client APIhttps://your-host:8443/v1X-Session-Token: amb_st_...

Authentication

Admin API

Admin endpoints require either:

  1. Session cookie — obtained by logging in via POST /v1/admin/login
  2. Admin API keyX-Admin-Key: adminkey_XXXXXXXXXXXXXXXX (less preferred)
# Login and get session cookie
curl -k -c cookies.txt \
  -X POST https://localhost:9443/v1/admin/login \
  -H "Content-Type: application/json" \
  -d '{"username": "admin", "password": "admin123"}'

# Use session cookie for subsequent requests
curl -k -b cookies.txt https://localhost:9443/v1/admin/users

Client API (Ambassador Client)

Client endpoints use ephemeral session tokens:

# Register (first time, with preshared key)
curl -k -X POST https://localhost:8443/v1/clients/register \
  -H "Content-Type: application/json" \
  -d '{
    "friendly_name": "VS Code - Dev Laptop",
    "host_tool": "vscode",
    "preshared_key": "amb_pk_your_key_here"
  }'
# → {"session_token": "amb_st_...", "user_id": "...", "ca_fingerprint": "..."}

# Fetch tool catalog
curl -k https://localhost:8443/v1/tools \
  -H "X-Session-Token: amb_st_your_token"

# Invoke a tool
curl -k -X POST https://localhost:8443/v1/tools/call \
  -H "X-Session-Token: amb_st_your_token" \
  -H "Content-Type: application/json" \
  -d '{"tool": "github.search_code", "arguments": {"query": "authentication"}}'

Admin API — Key Endpoints

Users

MethodPathDescription
GET/v1/admin/usersList all users
POST/v1/admin/usersCreate a user
GET/v1/admin/users/:idGet user details
PUT/v1/admin/users/:idUpdate user
DELETE/v1/admin/users/:idDeactivate user
POST/v1/admin/users/:id/reset-passwordReset user password

Groups

MethodPathDescription
GET/v1/admin/groupsList all groups
POST/v1/admin/groupsCreate a group
PUT/v1/admin/groups/:id/membersAdd/remove members
PUT/v1/admin/groups/:id/mcpsAssign MCPs to group

MCP Catalog

MethodPathDescription
GET/v1/admin/mcpsList all MCPs in catalog
POST/v1/admin/mcpsAdd MCP to catalog
POST/v1/admin/mcps/:id/validateValidate MCP connectivity
POST/v1/admin/mcps/:id/publishPublish MCP to marketplace
POST/v1/admin/mcps/:id/archiveArchive MCP
PUT/v1/admin/mcps/:id/tools/:tool/killKill switch a specific tool
PUT/v1/admin/mcps/:id/killKill switch entire MCP

Audit Logs

MethodPathDescription
GET/v1/admin/auditQuery audit log (paginated)
GET/v1/admin/audit?type=tool_invocationFilter by event type
GET/v1/admin/audit?user=aliceFilter by user

User API — Key Endpoints

Clients

MethodPathDescription
POST/v1/clients/registerRegister a new client
GET/v1/clientsList user's clients
DELETE/v1/clients/:idDeactivate a client
POST/v1/session/heartbeatKeep session alive

Tools

MethodPathDescription
GET/v1/toolsGet personalized tool catalog
POST/v1/tools/callInvoke a tool

Subscriptions

MethodPathDescription
GET/v1/marketplaceBrowse available MCPs
POST/v1/subscriptionsSubscribe to an MCP
GET/v1/subscriptionsList active subscriptions
PUT/v1/subscriptions/:idUpdate tools/credentials
DELETE/v1/subscriptions/:idUnsubscribe

Health check

curl -k https://localhost:8443/health
# → {"status":"ok","version":"0.8.0-beta.1"}

curl -k https://localhost:9443/health
# → {"status":"ok","version":"0.8.0-beta.1","admin":true}

Full API reference

For complete request/response schemas and error codes, see the Admin API Reference and User API Reference.

Previous
Configuration