request_id

Details rendered by the OAuth consent page.

Access-Control-Allow-Headers header. This is a comma-separated list of headers.

The Content-Location header for responses that are not the final destination. This is used to indicate where the resource can be found, when it is finished.

The location header for redirects and letting users know if there is a websocket they can listen to for status updates on their operation.

ID for this request. We return it so that users can report this to us and help us debug their problems.

Get a pending OAuth 2.0 authorization request for the consent page.

Result of approving or denying an OAuth authorization request.

Approve a pending OAuth 2.0 authorization request.

Deny a pending OAuth 2.0 authorization request.

response_type

The OAuth 2.0 authorization response type.

client_id

redirect_uri

Opaque client state to round-trip back to the client.

state

scope

OAuth 2.0 scopes encoded as a space-delimited string.

code_challenge

code_challenge_method

Start an OAuth 2.0 authorization code flow with PKCE.

This endpoint is designed to be accessed from an *unauthenticated* API client. It generates and records a `device_code` and `user_code` which must be verified and confirmed prior to a token being granted.

The request parameters for the OAuth 2.0 Device Authorization Grant flow.

Start an OAuth 2.0 Device Authorization Grant.

This endpoint is designed to be accessed by the user agent (browser), not the client requesting the token. So we do not actually return the token here; it will be returned in response to the poll on `/oauth2/device/token`.

The request parameters to confirm the `user_code` for the OAuth 2.0 Device Authorization Grant.

Confirm an OAuth 2.0 Device Authorization Grant.

This endpoint should be polled by the client until the user code is verified and the grant is confirmed.

The form for a device access token request.

Request a device access token.

This endpoint should be accessed in a full user agent (e.g., a browser). If the user is not logged in, we redirect them to the login page and use the `callback_url` parameter to get them to the UI verification form upon logging in. If they are logged in, we redirect them to the UI verification form on the website.

user_code

app_name

Verify an OAuth 2.0 Device Authorization Grant.

provider

The ZooCorp account provider (aka https://auth.corp.zoo.dev).

Test provider for integration tests (only available during testing).

code

The state that we had passed in through the user consent URL.

For Apple only, a JSON web token containing the user’s identity information.

id_token

For Apple only, a JSON string containing the data requested in the scope property. The returned data is in the following format: `{ "name": { "firstName": string, "lastName": string }, "email": string }`

user

Listen for callbacks for the OAuth 2.0 provider.

This specific endpoint listens for posts of form data.

The authentication callback from the OAuth 2.0 client. This is typically posted to the redirect URL as query params after authenticating.

The URL to redirect back to after we have authenticated.

callback_url

Get the consent URL and other information for the OAuth 2.0 provider.

Exchange an authorization code or refresh token for an OAuth 2.0 access token.

This endpoint is designed to be accessed from an *unauthenticated* API client.

The request parameters for the OAuth 2.0 token revocation flow.

Revoke an OAuth2 token.

This endpoint is called when a user clicks the verification link sent to their email after attempting to log in with OAuth when an existing account with the same email was found. This endpoint validates the token, links the OAuth account to the user, and creates a session.

token

Optional callback URL to redirect to after verification

Verify OAuth account linking and complete the authentication.

This endpoint requires authentication by an org member. It lists the organization's active public OAuth apps.

Maximum number of items returned by a single call

limit

Token returned by previous call to retrieve the subsequent page

page_token

sort_by

Supported set of sort modes for scanning by created_at only.

Currently, we only support scanning in ascending order.

Sort in increasing order of "created_at".

Sort in decreasing order of "created_at".

List org OAuth apps.

This endpoint requires authentication by an org admin. It creates an active public OAuth app owned by the authenticated organization.

Request body for creating a public OAuth app.

Create an org OAuth app.

This endpoint requires authentication by an org member. It returns the organization's active public OAuth app by client ID.

Get an org OAuth app.

This endpoint requires authentication by an org admin. It updates the configuration of the organization's active public OAuth app.

Request body for updating a public OAuth app.

Update an org OAuth app.

This endpoint requires authentication by an org admin. It deactivates the organization's active public OAuth app.

Delete an org OAuth app.

This endpoint requires Zoo admin authentication. It returns the target organization's active OAuth apps for admin dashboard inspection.

List OAuth 2.0 apps owned by an organization.

This endpoint requires authentication by any Zoo user. It lists the authenticated user's active public OAuth apps.

List personal OAuth apps.

This endpoint requires authentication by any Zoo user. It creates an active public OAuth app owned by the authenticated user.

Create a personal OAuth app.

This endpoint requires authentication by any Zoo user. It returns the authenticated user's active public OAuth app by client ID.

Get a personal OAuth app.

This endpoint requires authentication by any Zoo user. It updates the configuration of the authenticated user's active public OAuth app.

Update a personal OAuth app.

This endpoint requires authentication by any Zoo user. It deactivates the authenticated user's active public OAuth app.

Delete a personal OAuth app.

This endpoint requires Zoo admin authentication. It returns the target user's active OAuth apps so the admin dashboard can inspect them without impersonating the user.

List OAuth 2.0 apps owned by a user.

Endpoints that implement OAuth 2.0 grant flows.

oauth2

Oauth2

Zookeeper

Zookeeper: The Conversational CAD Agent For Parametric Modeling

Automation

Automating Your Workflow

File Formats

A Practical Overview of CAD File Formats

KCL: A Programming Language for Parametric CAD