Skip to main content
Kontext is the identity control plane for AI agents. The Management API gives you programmatic control over applications, integrations, policies, service accounts, sessions, and traces, so control-plane configuration can be automated in code. Everything you can do in the dashboard is available through the API.

Base URL

https://api.kontext.dev/api/v1
All paths in this reference are relative to this base.

Authentication

Every request requires a Bearer token in the Authorization header. You can use either:
  • A service account token obtained via client credentials grant
  • A user token obtained via the Authorization Code + PKCE flow
curl https://api.kontext.dev/api/v1/applications \
  -H "Authorization: Bearer ory_at_..."
To get a service account token, see Service Accounts. For user tokens, see Authentication.

Response format

Successful responses return JSON.
  • Single-resource endpoints usually return a named wrapper (for example { "application": { ... } } or { "integration": { ... } }).
  • List endpoints return { "items": [...] }.
  • Cursor-paginated list endpoints also include nextCursor.
Example paginated list response: 
{
  "items": [...],
  "nextCursor": "eyJpZCI6Ijk..."
}

Pagination

Cursor-paginated list endpoints use two query parameters:
ParameterTypeDefaultDescription
limitinteger50Items per page (1—200)
cursorstringCursor from a previous response’s nextCursor (when supported)
Some list endpoints are not cursor-paginated and ignore cursor.

Error format

Errors return a JSON object with a message field and an appropriate HTTP status code: 
{
  "message": "Application not found",
  "statusCode": 404
}
Common status codes:
CodeMeaning
400Invalid request body or parameters
401Missing or invalid token
403Insufficient permissions
404Resource not found
409Conflict (duplicate name, etc.)
429Rate limit exceeded

Management SDK

If you prefer a typed client over raw HTTP, the Management SDK wraps every endpoint in this reference: 
import { KontextManagementClient } from "@kontext-dev/js-sdk/management";

const client = new KontextManagementClient({
  baseUrl: "https://api.kontext.dev",
  credentials: { clientId: "sa_xxx", clientSecret: "secret" },
});

const { items } = await client.applications.list();
Role and scope requirements vary by endpoint and token type. See each resource page for exact requirements.