Version: 1.0.0
Webrix API
The Webrix API allows you to programmatically manage MCP servers and other resources in your organization.
Authentication
All API endpoints require authentication using a Bearer token. You can generate API tokens from the Admin Settings in your Webrix dashboard.
Include your token in the Authorization header:
Authorization: Bearer wxt_xxxxx
See API Tokens for more details on generating and managing tokens.
Permission Scopes
API tokens can be created with specific permission scopes to limit their access. When generating a token, select one or more scopes:
| Scope | Description |
|---|---|
all | Full access to all API operations |
admin:read | Read-only access to admin resources (MCP Servers, Toolkits, Skills, Users, Groups, Policies, Commands) |
admin:write | Read & write access to admin resources (includes admin:read and admin:scim) |
admin:scim | SCIM provisioning access only (Users and Groups via SCIM) |
connect:read | Read-only access to user-scoped resources via the User API |
connect:write | Read & write access to user-scoped resources (includes connect:read) |
Scope Hierarchy
allgrants every scope.admin:writeautomatically includesadmin:readandadmin:scim.connect:writeautomatically includesconnect:read.
Required Scopes by Endpoint
| Endpoints | Read (GET) | Write (POST/PATCH/DELETE) |
|---|---|---|
| MCP Servers, Toolkits, Skills, Users, Groups, Policies, Commands | admin:read | admin:write |
SCIM (/scim/v2/*) | admin:scim | admin:scim |
| User API (User MCP Servers, Toolkits, Skills, Commands, etc.) | connect:read | connect:write |
Authentication
- HTTP: Bearer Auth
API token authentication. Tokens are prefixed with wxt_ and can be generated from Admin Settings.
Security Scheme Type: | http |
|---|---|
HTTP Authorization Scheme: | bearer |