Documentation Index
Fetch the complete documentation index at: https://docs.mirobody.ai/llms.txt
Use this file to discover all available pages before exploring further.
适合已有自己用户体系的 B 端伙伴,避免重复管理终端用户的邮箱密码。
1. 注册 client
由 Mirobody 运营线下分配,或通过 OAuth 注册端点自助注册:
POST /oauth/register
Content-Type: application/json
{
"client_name": "your-app",
"redirect_uris": ["https://your-domain.com/oauth/callback"],
"grant_types": ["authorization_code", "refresh_token"]
}
client_id / client_secret,请妥善保管。
2. 授权码流程(SSO)
第一步:引导用户跳转到授权端点。
GET /oauth2/authorize?response_type=code&client_id=<id>&redirect_uri=<uri>&state=<csrf>&scope=mcp:read mcp:write
redirect_uri?code=<code>&state=<csrf>。
第三步:服务端用 code 换 token。
POST /oauth/token
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code&code=<code>&client_id=<id>&client_secret=<secret>&redirect_uri=<uri>
3. 服务端代调(credentials)
无 UI 场景下,已知特定 user_id 的客户端凭证 grant:
POST /oauth/token
Content-Type: application/x-www-form-urlencoded
grant_type=credentials&client_id=<id>&client_secret=<secret>
sub 已绑定到注册 client 时关联的 user_id。
响应格式
OAuth 2.0 标准格式(非 {success, code, msg, data} 壳):
{
"access_token": "eyJhbGci...",
"token_type": "Bearer",
"expires_in": 2592000,
"refresh_token": "eyJhbGci...",
"scope": "mcp:read mcp:write"
}
{ "error": "invalid_client", "error_description": "..." }
