Build on Guliel. One API, every surface.
Every action available in the Guliel dashboard is also available over a single REST API. Same routes, same authorization, same audit trail — accessible through a Bearer-authenticated key today, and through the MCP server and OAuth flows as those phases ship.
Sections
What Guliel is, how the developer surface fits together, and where to start.
160 endpoints, 14 features. Bearer-authenticated, scope-controlled.
Native MCP tools for Claude Desktop, Claude Code, Cursor, and ChatGPT. Every REST route is a tool.
Third-party integrations on behalf of users. Shipping in Phase 4.
Quick start
Four things to know before you call your first endpoint.
- Step 1
Generate an API key
Open /dashboard/developer. Pick the organizations the key can access and the features it can read or write. The cleartext secret is shown once — copy it then.
- Step 2
Authenticate with Bearer
Pass the key on every request:
Authorization: Bearer gli_live_…. Scopes are checked per route. Roles too. - Step 3
Call any route
160 endpoints across 14 features. Every route returns JSON with stable error codes. Browse the REST API reference or download the OpenAPI 3.1 spec.
- Step 4
Branch on error codes
Every error returns
{ error, code, details? }. Branch oncode— UNAUTHENTICATED, ORG_DENIED, SCOPE_DENIED, ROLE_DENIED, VALIDATION, RATE_LIMIT, NOT_FOUND, CONFLICT. Never parse error strings.
Authentication shapes
Today: API keys for scripts, CI, and back-end integrations. Phase 3: OAuth + MCP for AI agents (Claude Desktop, ChatGPT, custom agents). Phase 4: Third-party OAuth apps for builders integrating Guliel into their own products. Same routes, same scopes — different credentials.