API Reference
Complete reference for all Scalekit API endpoints.

Connections APIs
Retrieves a list of connections in the environment.
GET /api/v1/connections

Retrieves the complete configuration and status details for a specific connection by its ID within an organization. Returns all connection properties including provider settings, protocols, and current status.
GET /api/v1/organizations/{organization_id}/connections/{id}

Deactivate an existing connection for the specified organization. When disabled, users cannot authenticate using this connection. This endpoint changes the connection state from enabled to disabled without modifying other configuration settings.
PATCH /api/v1/organizations/{organization_id}/connections/{id}:disable

Activate an existing connection for the specified organization. When enabled, users can authenticate using this connection. This endpoint changes the connection state from disabled to enabled without modifying other configuration settings.
PATCH /api/v1/organizations/{organization_id}/connections/{id}:enable

Organizations APIs
Retrieve a paginated list of organizations within your environment. The response includes a `page_token` that can be used to access subsequent pages of results.
GET /api/v1/organizations

Creates a new organization in your environment. Use this endpoint to add a new tenant that can be configured with various settings and metadata.
POST /api/v1/organizations

Retrieves organization details by Scalekit ID, including name, region, metadata, and settings.
GET /api/v1/organizations/{id}

Remove an existing organization from the environment using its unique identifier.
DELETE /api/v1/organizations/{id}

Updates an organization's display name, external ID, or metadata. Requires a valid organization identifier. Region code cannot be modified through this endpoint.
PATCH /api/v1/organizations/{id}

Creates a time-limited Admin Portal URL for IT administrators to configure and manage Single Sign-On (SSO) connections within their organization. Generated links expire after 7 days (168 hours).
PUT /api/v1/organizations/{id}/portal_links

Updates configuration settings for an organization. Supports modifying SSO configuration, directory synchronization settings, and session parameters. Requires organization ID and the specific settings to update.
PATCH /api/v1/organizations/{id}/settings

Directory APIs
List Organization Directories
GET /api/v1/organizations/{organization_id}/directories

Retrieves all groups from a specified directory. Use this endpoint to view group structures from your connected identity provider.
GET /api/v1/organizations/{organization_id}/directories/{directory_id}/groups

Retrieves a list of all users within a specified directory for an organization. This endpoint allows you to view user accounts associated with your connected Directory Providers.
GET /api/v1/organizations/{organization_id}/directories/{directory_id}/users

Retrieves detailed information about a specific directory within an organization.
GET /api/v1/organizations/{organization_id}/directories/{id}

Stops synchronization of users and groups from a specified directory within an organization. This operation prevents further updates from the connected Directory provider.
PATCH /api/v1/organizations/{organization_id}/directories/{id}:disable

Activates a directory within an organization, allowing it to synchronize users and groups with the connected Directory provider.
PATCH /api/v1/organizations/{organization_id}/directories/{id}:enable

M2M APIs
Creates a new M2M client for an organization. This endpoint registers a new client application that can securely access your API on behalf of the organization. The response includes a client ID and secret that should be used for OAuth 2.0 client credentials flow. The plain secret is only returned once during creation and must be stored securely.
POST /api/v1/organizations/{organization_id}/clients

Retrieves the configuration details for an organization's M2M client. This endpoint returns the client's metadata, including its scopes, audience values, custom claims, and associated secrets. Use this to verify client settings or retrieve the list of active secrets.
GET /api/v1/organizations/{organization_id}/clients/{client_id}

Permanently deletes an M2M client from an organization. This operation cannot be undone and will revoke all access for the client. All associated secrets will also be invalidated. Use this endpoint to remove unused or compromised clients.
DELETE /api/v1/organizations/{organization_id}/clients/{client_id}

Updates the configuration settings for an organization's M2M client. This endpoint allows you to modify client properties such as scopes, audience values, and custom claims. Use this to adjust access permissions or update metadata for the client. Note that client_id and create_time are immutable and cannot be modified.
PATCH /api/v1/organizations/{organization_id}/clients/{client_id}

Create a Secret for Organization M2M Client
Generates a new client secret for an organization's M2M client. This endpoint creates a secure credential that can be used for OAuth 2.0 client credentials flow. The plain secret is only returned once during creation and should be stored securely by the client application. Use this endpoint to rotate secrets or create additional credentials for different environments.
POST /api/v1/organizations/{organization_id}/clients/{client_id}/secrets

Delete an Organization M2M Client Secret
Permanently deletes a client secret for an organization's M2M client. This operation cannot be undone. Use this endpoint to remove compromised or unused secrets. After deletion, the secret can no longer be used for authentication. Consider creating a new secret before deleting the old one to avoid service interruption.
DELETE /api/v1/organizations/{organization_id}/clients/{client_id}/secrets/{secret_id}

Passwordless Auth APIs
Send a verification email containing either a verification code (OTP), magic link, or both to a user's email address.
POST /api/v1/passwordless/email/send

Resend a verification email if the user didn't receive it or if the previous code/link has expired.
POST /api/v1/passwordless/email/resend

Verify a user's identity using either a verification code or magic link token.
POST /api/v1/passwordless/email/verify