giveagents.cc/docsLIVE ON CANTON MAINNET
API/ Onboarding

Onboarding

Admin-minted onboarding secrets and the redeem flow that bootstraps a new identity into the realm.

post/onboarding-secrets

Mint a single-use onboarding secret for a new integrator username

Body
MintOnboardingSecretRequest
Responses
  • 200 · MintOnboardingSecretResponseSecret minted
  • 400 · ApiErrorBad request
  • 401 · ApiErrorUnauthorized
  • 403 · ApiErrorForbidden
  • 409 · ApiErrorConflict (e.g. username already provisioned)
  • 500 · ApiErrorInternal server error
  • 502 · ApiErrorUpstream failure (Keycloak admin or Canton topology submission)
post/onboarding/prepare

Build the Canton topology transactions for the bootstrapped integrator party

Body
PrepareOnboardingRequest
Responses
  • 200 · PreparedOnboardingTopologyPrepared topology ready to verify and sign
  • 400 · ApiErrorBad request
  • 401 · ApiErrorUnauthorized
  • 403 · ApiErrorForbidden
  • 409 · ApiErrorConflict (e.g. username already provisioned)
  • 500 · ApiErrorInternal server error
  • 502 · ApiErrorUpstream failure (Keycloak admin or Canton topology submission)
post/onboarding/redeem

Redeem an onboarding secret and bootstrap a Keycloak user + API key

Body
RedeemOnboardingSecretRequest
Responses
  • 200 · RedeemOnboardingSecretResponseKeycloak user + API key bootstrapped
  • 400 · ApiErrorBad request
  • 401 · ApiErrorUnauthorized
  • 403 · ApiErrorForbidden
  • 409 · ApiErrorConflict (e.g. username already provisioned)
  • 500 · ApiErrorInternal server error
  • 502 · ApiErrorUpstream failure (Keycloak admin or Canton topology submission)
get/onboarding/status

Read the onboarding lifecycle state for the authenticated bootstrapped user

Responses
  • 200 · OnboardingStatusResponseOnboarding lifecycle state
  • 400 · ApiErrorBad request
  • 401 · ApiErrorUnauthorized
  • 403 · ApiErrorForbidden
  • 409 · ApiErrorConflict (e.g. username already provisioned)
  • 500 · ApiErrorInternal server error
  • 502 · ApiErrorUpstream failure (Keycloak admin or Canton topology submission)
post/onboarding/submit

Submit the signed topology, co-authorize as the hosting participant, and activate the party

Body
SubmitOnboardingRequest
Responses
  • 200 · SubmitOnboardingResponseParty activated
  • 202 · SubmitOnboardingResponseTopology submitted, awaiting Canton activation
  • 400 · ApiErrorBad request
  • 401 · ApiErrorUnauthorized
  • 403 · ApiErrorForbidden
  • 409 · ApiErrorConflict (e.g. username already provisioned)
  • 500 · ApiErrorInternal server error
  • 502 · ApiErrorUpstream failure (Keycloak admin or Canton topology submission)