Admin API

The Admin API provides REST endpoints for managing RouterMCP resources.

Projects

GET /api/projects

List all projects for the authenticated user.

Response:

{
  "projects": [
    {
      "id": "uuid",
      "name": "My Project",
      "slug": "my-project",
      "authMode": "api_key",
      "createdAt": "2024-01-01T00:00:00Z",
      "serverCount": 3,
      "toolCount": 15
    }
  ]
}

POST /api/projects

Create a new project.

Request:

{
  "name": "My Project",
  "slug": "my-project",
  "authMode": "api_key"
}

Validation:

name: 1-100 characters
slug: 1-50 characters, lowercase, alphanumeric + hyphens, must be unique
authMode: "none" or "api_key"

GET /api/projects/:id

Get project details.

PATCH /api/projects/:id

Update project details.

Request:

{
  "name": "Updated Name",
  "authMode": "none"
}

DELETE /api/projects/:id

Delete a project (cascade deletes servers, tools, keys, audit events).

Servers

GET /api/projects/:projectId/servers

List all MCP servers for a project.

Response:

{
  "servers": [
    {
      "id": "uuid",
      "projectId": "uuid",
      "alias": "github",
      "baseUrl": "https://mcp.github.com",
      "transport": "http",
      "authType": "bearer",
      "createdAt": "2024-01-01T00:00:00Z",
      "toolCount": 10
    }
  ]
}

POST /api/projects/:projectId/servers

Add a new MCP server.

Request:

{
  "alias": "github",
  "baseUrl": "https://mcp.github.com",
  "transport": "http",
  "authType": "bearer",
  "authBearer": "secret-token-123"
}

Validation:

alias: 1-50 characters, alphanumeric + hyphens, unique within project
baseUrl: Valid HTTPS URL
transport: "http" or "sse"
authType: "none", "bearer", or "oauth"

Side Effects:

Health check performed on server
Tools discovered via tools/list call
All discovered tools enabled by default

POST /api/servers/:id/sync

Manually sync tools from the upstream server.

Tools

GET /api/servers/:serverId/tools

List all tools for a server.

Query Parameters:

enabled (boolean, optional): Filter by enabled status

Response:

{
  "tools": [
    {
      "id": "uuid",
      "serverId": "uuid",
      "name": "create_issue",
      "description": "Create a new issue",
      "inputSchema": { "type": "object" },
      "enabled": true,
      "createdAt": "2024-01-01T00:00:00Z"
    }
  ]
}

PATCH /api/tools/:id

Update tool configuration (enable/disable).

Request:

{
  "enabled": false
}

API Keys

GET /api/projects/:projectId/keys

List all API keys for a project.

Response:

{
  "keys": [
    {
      "id": "uuid",
      "projectId": "uuid",
      "name": "Production Key",
      "keyPrefix": "rmc_1234",
      "createdAt": "2024-01-01T00:00:00Z",
      "lastUsedAt": "2024-01-02T10:30:00Z"
    }
  ]
}

POST /api/projects/:projectId/keys

Create a new API key.

Request:

{
  "name": "Production Key"
}

Response:

{
  "key": {
    "id": "uuid",
    "name": "Production Key",
    "keyPrefix": "rmc_1234",
    "keyValue": "rmc_1234567890abcdef1234567890abcdef",
    "createdAt": "2024-01-01T00:00:00Z"
  }
}

Important: The keyValue is only returned once. Store it securely.

DELETE /api/projects/:projectId/keys/:id

Delete an API key.

Activity (Audit Logs)

GET /api/projects/:projectId/activity

List audit events for a project.

Query Parameters:

limit (number, default: 50, max: 100)
offset (number, default: 0)
action (string, optional): Filter by action type

Event Actions:

tool.call - Tool execution
server.create / server.update / server.delete - Server changes
server.sync - Tools synced
key.create / key.delete - API key changes
project.update - Project updated

OAuth

POST /api/servers/:serverId/oauth/discover

Discover OAuth configuration for an upstream server.

POST /api/servers/:serverId/oauth/authorize/start

Start OAuth authorization flow.

Request:

{
  "redirectUri": "https://dashboard.example.com/oauth/callback"
}

Response:

{
  "authorizeUrl": "https://auth.example.com/authorize?...",
  "state": "uuid"
}

Health Check

GET /health

{
  "ok": true
}

Rate Limiting

Rate limiting is enforced per-project.

Response Headers:

X-RateLimit-Limit: 60
X-RateLimit-Remaining: 45
X-RateLimit-Reset: 1609459200

Pagination

List endpoints support pagination:

limit (number): Items per page
offset (number): Items to skip

Response:

{
  "items": [...],
  "total": 1234,
  "limit": 50,
  "offset": 0
}

Admin API Reference - Projects, Servers & Keys

Admin API

Projects

GET /api/projects

POST /api/projects

GET /api/projects/:id

PATCH /api/projects/:id

DELETE /api/projects/:id

Servers

GET /api/projects/:projectId/servers

POST /api/projects/:projectId/servers

POST /api/servers/:id/sync

Tools

GET /api/servers/:serverId/tools

PATCH /api/tools/:id

API Keys

GET /api/projects/:projectId/keys

POST /api/projects/:projectId/keys

DELETE /api/projects/:projectId/keys/:id

Activity (Audit Logs)

GET /api/projects/:projectId/activity

OAuth

POST /api/servers/:serverId/oauth/discover

POST /api/servers/:serverId/oauth/authorize/start

Health Check

GET /health

Rate Limiting

On this page