Mint an OAuth authorization URL for git-provider connect
Apps
Mint an OAuth authorization URL for git-provider connect
Returns a per-provider OAuth authorization URL plus a signed state token. Headless flow:
- Headless agent POSTs
{ provider }. - Gateway returns
{ authorization_url, state, expires_at }. - Agent surfaces the URL to a human (Slack DM, console output, etc.).
- Human clicks; provider redirects to the dashboard OAuth callback.
- Callback validates the state token and writes the
git_connectionrow. - Agent polls
GET /v1/apps/:appId/gituntil{ connected: true }.
The state token is HMAC-signed (10-minute TTL) and binds the OAuth callback to the originating app + tenant + provider. Each call mints a fresh nonce — no replay across attempts.
Returns 503 git_connect_not_configured when provider OAuth is unusable on this environment (e.g. GITLAB_CLIENT_ID not set, or the GitHub App slug cannot be resolved from GET /app).
POST
Mint an OAuth authorization URL for git-provider connect
Authorizations
Application ID for tenant scoping
API key (sk_agentmark_*)
Path Parameters
Body
application/json
Available options:
github, gitlab Response
Authorization URL minted.