The OrgX REST API is in Public Preview. Endpoints, authentication,
errors, pagination, idempotency, and webhook conventions are documented
publicly so integrations can be built and reviewed before General
Availability.
API Surfaces
| Surface | Endpoint | Best for | Status |
|---|---|---|---|
| MCP API | https://mcp.useorgx.com/mcp | AI clients, agent tools, widgets, approval flows | Public Preview |
| REST API | https://useorgx.com/api/client | System integrations, local clients, dashboards, runtime bridges | Public Preview |
| Webhooks | Customer-provided HTTPS endpoint | Event delivery to external systems | Public Preview |
At a Glance
| Topic | Contract |
|---|---|
| Authentication | REST uses user-scoped API keys in Authorization: Bearer oxk_.... MCP uses OAuth 2.1 with PKCE. |
| Data scope | Every request is scoped to the authenticated user and workspace. |
| Request format | JSON request bodies with Content-Type: application/json. |
| Response format | JSON. Most preview REST endpoints return either { "ok": true, "data": ... } or a resource-specific JSON object. |
| Versioning | Public Preview uses the current stable preview contract. OrgX-Version is reserved for integrations that pin a contract date as versioned compatibility hardens. |
| Idempotency | Use client-generated idempotency keys where an endpoint documents support. Cross-endpoint retry semantics are being standardized during Public Preview. |
| Pagination | List endpoints use limit, offset, total, and pagination.has_more where available. |
| Rate limits | Preview limits are conservative: reads are higher than writes, and agent dispatch has tighter limits. |
| Sandbox | Use a sandbox workspace and test API key for reviewer, CI, and demo integrations. |
First REST Call
Use the bootstrap endpoint to prove authentication, workspace resolution, and integration readiness:First MCP Calls
For AI clients, start with MCP. These calls orient the model before it reads or writes work:workspace action=getconfirms the active workspace and auth context.orgx_recommendreturns initiatives, agents, and recent activity.orgx_searchwithtype=decision,status=pendingshows work awaiting review.
Public Preview Resource Map
| Resource | REST | MCP | Notes |
|---|---|---|---|
| Workspaces | /api/client/bootstrap | workspace | Resolve current workspace and client setup state. |
| Initiatives | /api/client/live/initiatives | orgx_search, orgx_recommend | Read portfolio state and progress. |
| Decisions | MCP-first | orgx_decide, orgx_decide, orgx_decide | REST decision resources are graduating during Public Preview. |
| Agents | /api/client/live/agents, /api/client/spawn | orgx_spawn, orgx_spawn | Read status and preflight agent dispatch. |
| Artifacts | /api/client/artifacts | artifact resources and approval tools | Register artifacts and fetch entity-linked outputs. |
| Memory | /api/client/tools/execute | orgx_search, orgx_search | Search org context through governed tools. |
| Webhooks | Webhooks | N/A | Event delivery for external systems. |
Authentication Choices
REST API keys
Generate a user-scoped
oxk_... API key in OrgX settings and send it as a
bearer token to /api/client/*.MCP OAuth
Connect ChatGPT, Claude, Cursor, VS Code, or another MCP client through
OAuth 2.1 with PKCE.
Status and Compatibility
Public Preview means:- The docs are public and reviewable.
- Preview endpoints are intended for real integrations.
- Breaking changes are still possible before GA, but they will be documented.
- Production workspace data always requires authentication.
- Customer data is never available through anonymous API calls.