Skip to main content
POST
cURL

Authorizations

Authorization
string
header
required

JWT Bearer token obtained from authentication. Pass as: Authorization: Bearer

Body

application/json

Input for minting a headless extension connection.

agentId

Agent identifier. Optional when using an agent API key (resolved automatically); required when using a master key.

Pattern: ^[0-9a-z]+$
ttl
enum<string>

Override the org tokenTtl for this connection. Shorten-only: a value longer than the org setting (15m < 1h < session) is rejected.

Available options:
15m,
1h,
session

Response

200 - application/json

OK

Headless extension connection details.

agentId
string
required

Agent the connection is bound to.

connectUrl
string<uri>
required

Open in a Puppeteer-driven browser to connect the extension.

expiresAt
string<date-time> | null
required

Token expiry (null for session).

exchangeExpiresAt
string<date-time>
required

Single-use code expiry (~60s).

policy
enum<string>
required

Effective org auth policy. Never prompt_owner — headless connect refuses that policy.

Available options:
session,
pre_approved