ApiServer oauth
Handle server OAuth callback
Process the OAuth provider redirect after user authorization. Exchanges the code for tokens, encrypts them, and stores a user connection.
Path Parameters
oauth_app_alias*string
Query Parameters
code?|
Authorization code
state?|
CSRF state token
error?|
OAuth error
error_description?|
OAuth error description
Response Body
application/json
application/json
curl -X GET "https://loading/api/v1/oauth/callback/string"null{
"detail": [
{
"loc": [
"string"
],
"msg": "string",
"type": "string"
}
]
}Initiate server OAuth flow
Start the OAuth authorization flow to connect the current user's external account to an MCP server. Uses PKCE and database-stored state for security.
Clean up expired sessions
Soft delete all expired sessions. Requires admin role. This is an API-only endpoint for programmatic access — no frontend UI currently consumes it.