User API
The User API allows you to programmatically access and manage user-scoped resources such as MCP servers, toolkits, commands, skills, and integration connections.
Unlike the admin Webrix API which operates at the organization level, the User API operates in the context of a specific user and returns only the resources accessible to that user.
Authentication
All User API endpoints require two headers:
1. Authorization Token
The same Bearer token used for the Webrix API. Include it in the Authorization header:
Authorization: Bearer wxt_xxxxx
2. User Email
A required x-user-email header that identifies which user's resources to access:
x-user-email: [email protected]
The user must belong to the organization associated with the API token.
Required Scopes
User API endpoints require the following permission scopes:
| Operation | Required Scope |
|---|---|
| Read (GET) | connect:read |
| Write (POST, PATCH, DELETE) | connect:write |
Tokens with the all scope have full access to all User API endpoints. The connect:write scope automatically includes connect:read.
Base URL
All User API endpoints are served from the Connect application:
https://{org}.mcp-s.com/api/
Pagination
List endpoints support cursor-based pagination with the following query parameters:
limit— Maximum number of items to return (default: 50, max: 100)cursor— Opaque cursor for the next page of results
The response includes a pagination object:
{
"data": [...],
"pagination": {
"limit": 50,
"nextCursor": "50"
}
}
When nextCursor is null, there are no more results.
Authentication
- HTTP: Bearer Auth
API token authentication. Tokens are prefixed with wxt_ and can be generated from Admin Settings.
Security Scheme Type: | http |
|---|---|
HTTP Authorization Scheme: | bearer |
Required Headers
| Header | Description |
|---|---|
Authorization | Bearer token for authentication |
x-user-email | Email address of the user to act on behalf of |