Skip to content

Endpoint reference

The integration HTTP surface exposed by the Fabric gateway. All routes run the same governed pipeline and require authentication unless noted. Base paths and host names come from your deployment’s connection info.

Surface Routes
MCP (Streamable HTTP) POST /mcp
MCP (SSE compat) GET /sse + POST /messages?session=…
Purpose Route
Authorization-server discovery GET /.well-known/oauth-authorization-server
Protected-resource metadata GET /.well-known/oauth-protected-resource
Dynamic Client Registration POST /oauth/register
Consent (org / dept / project picker) GET|POST /oauth/authorize
Token (PKCE S256, refresh rotation) POST /oauth/token
Purpose Route
Query context (read-only) POST /v1/query-context
Save context (Simple mode only) POST /v1/save-context
Define / commit ontology POST /v1/ontology
Live docs / examples / status POST /v1/docs
Purpose Route
Connection info (public, no secrets) GET /v1/connection-info
Read / set project mode (admin) GET|PUT /v1/projects/{projectId}/mode
Generate project-scoped API key (admin JWT → fab_sk_…) POST /v1/apikeys
Purpose Route
Approvals (list) GET /v1/approvals
Approve / reject POST /v1/approvals/{id}/approve|reject
Lifecycle inspection GET /v1/lifecycles/{id}
Audit log GET /v1/audit
Audit chain verification GET /v1/audit/verify
Policy decisions GET /v1/policy-decisions