# Wacht Platform Documentation

## Docs

- [Attach knowledge base to agent](https://docs.wacht.dev/api-reference/ai-control-plane/attach-knowledge-base-to-agent.md)
- [Attach sub-agent](https://docs.wacht.dev/api-reference/ai-control-plane/attach-sub-agent.md)
- [Attach tool to agent](https://docs.wacht.dev/api-reference/ai-control-plane/attach-tool-to-agent.md)
- [Create AI agent](https://docs.wacht.dev/api-reference/ai-control-plane/create-ai-agent.md)
- [Create AI tool](https://docs.wacht.dev/api-reference/ai-control-plane/create-ai-tool.md)
- [Create knowledge base](https://docs.wacht.dev/api-reference/ai-control-plane/create-knowledge-base.md)
- [Create MCP server](https://docs.wacht.dev/api-reference/ai-control-plane/create-mcp-server.md)
- [Delete agent skill path](https://docs.wacht.dev/api-reference/ai-control-plane/delete-agent-skill-path.md)
- [Delete AI agent](https://docs.wacht.dev/api-reference/ai-control-plane/delete-ai-agent.md)
- [Delete AI tool](https://docs.wacht.dev/api-reference/ai-control-plane/delete-ai-tool.md)
- [Delete knowledge base](https://docs.wacht.dev/api-reference/ai-control-plane/delete-knowledge-base.md)
- [Delete knowledge-base document](https://docs.wacht.dev/api-reference/ai-control-plane/delete-knowledge-base-document.md)
- [Delete MCP server](https://docs.wacht.dev/api-reference/ai-control-plane/delete-mcp-server.md)
- [Detach knowledge base from agent](https://docs.wacht.dev/api-reference/ai-control-plane/detach-knowledge-base-from-agent.md)
- [Detach sub-agent](https://docs.wacht.dev/api-reference/ai-control-plane/detach-sub-agent.md)
- [Detach tool from agent](https://docs.wacht.dev/api-reference/ai-control-plane/detach-tool-from-agent.md)
- [Discover MCP server auth](https://docs.wacht.dev/api-reference/ai-control-plane/discover-mcp-server-auth.md)
- [Get AI agent](https://docs.wacht.dev/api-reference/ai-control-plane/get-ai-agent.md)
- [Get AI agent details](https://docs.wacht.dev/api-reference/ai-control-plane/get-ai-agent-details.md)
- [Get AI settings](https://docs.wacht.dev/api-reference/ai-control-plane/get-ai-settings.md)
- [Get AI tool](https://docs.wacht.dev/api-reference/ai-control-plane/get-ai-tool.md)
- [Get knowledge base](https://docs.wacht.dev/api-reference/ai-control-plane/get-knowledge-base.md)
- [Get MCP server](https://docs.wacht.dev/api-reference/ai-control-plane/get-mcp-server.md)
- [Import agent skill bundle](https://docs.wacht.dev/api-reference/ai-control-plane/import-agent-skill-bundle.md)
- [List agent knowledge bases](https://docs.wacht.dev/api-reference/ai-control-plane/list-agent-knowledge-bases.md)
- [List agent skill tree](https://docs.wacht.dev/api-reference/ai-control-plane/list-agent-skill-tree.md)
- [List agent sub-agents](https://docs.wacht.dev/api-reference/ai-control-plane/list-agent-sub-agents.md)
- [List agent tools](https://docs.wacht.dev/api-reference/ai-control-plane/list-agent-tools.md)
- [List AI agents](https://docs.wacht.dev/api-reference/ai-control-plane/list-ai-agents.md)
- [List AI tools](https://docs.wacht.dev/api-reference/ai-control-plane/list-ai-tools.md)
- [List knowledge-base documents](https://docs.wacht.dev/api-reference/ai-control-plane/list-knowledge-base-documents.md)
- [List knowledge bases](https://docs.wacht.dev/api-reference/ai-control-plane/list-knowledge-bases.md)
- [List MCP servers](https://docs.wacht.dev/api-reference/ai-control-plane/list-mcp-servers.md)
- [Read agent skill file](https://docs.wacht.dev/api-reference/ai-control-plane/read-agent-skill-file.md)
- [Update AI agent](https://docs.wacht.dev/api-reference/ai-control-plane/update-ai-agent.md)
- [Update AI settings](https://docs.wacht.dev/api-reference/ai-control-plane/update-ai-settings.md)
- [Update AI tool](https://docs.wacht.dev/api-reference/ai-control-plane/update-ai-tool.md)
- [Update knowledge base](https://docs.wacht.dev/api-reference/ai-control-plane/update-knowledge-base.md)
- [Update MCP server](https://docs.wacht.dev/api-reference/ai-control-plane/update-mcp-server.md)
- [Upload knowledge-base document](https://docs.wacht.dev/api-reference/ai-control-plane/upload-knowledge-base-document.md)
- [Append board item journal entry](https://docs.wacht.dev/api-reference/ai-runtime-admin/append-board-item-journal-entry.md)
- [Archive actor project](https://docs.wacht.dev/api-reference/ai-runtime-admin/archive-actor-project.md)
- [Archive board item](https://docs.wacht.dev/api-reference/ai-runtime-admin/archive-board-item.md)
- [Archive project thread](https://docs.wacht.dev/api-reference/ai-runtime-admin/archive-project-thread.md)
- [Create actor project](https://docs.wacht.dev/api-reference/ai-runtime-admin/create-actor-project.md)
- [Create project board item](https://docs.wacht.dev/api-reference/ai-runtime-admin/create-project-board-item.md)
- [Create project thread](https://docs.wacht.dev/api-reference/ai-runtime-admin/create-project-thread.md)
- [Disconnect actor MCP server](https://docs.wacht.dev/api-reference/ai-runtime-admin/disconnect-actor-mcp-server.md)
- [Download thread filesystem file](https://docs.wacht.dev/api-reference/ai-runtime-admin/download-thread-filesystem-file.md)
- [Get actor project](https://docs.wacht.dev/api-reference/ai-runtime-admin/get-actor-project.md)
- [Get actor project board](https://docs.wacht.dev/api-reference/ai-runtime-admin/get-actor-project-board.md)
- [Get latest thread task graph](https://docs.wacht.dev/api-reference/ai-runtime-admin/get-latest-thread-task-graph.md)
- [Get project board item](https://docs.wacht.dev/api-reference/ai-runtime-admin/get-project-board-item.md)
- [Get project thread](https://docs.wacht.dev/api-reference/ai-runtime-admin/get-project-thread.md)
- [List actor MCP servers](https://docs.wacht.dev/api-reference/ai-runtime-admin/list-actor-mcp-servers.md)
- [List actor projects](https://docs.wacht.dev/api-reference/ai-runtime-admin/list-actor-projects.md)
- [List board item assignments](https://docs.wacht.dev/api-reference/ai-runtime-admin/list-board-item-assignments.md)
- [List board item events](https://docs.wacht.dev/api-reference/ai-runtime-admin/list-board-item-events.md)
- [List board item filesystem](https://docs.wacht.dev/api-reference/ai-runtime-admin/list-board-item-filesystem.md)
- [List project board items](https://docs.wacht.dev/api-reference/ai-runtime-admin/list-project-board-items.md)
- [List project threads](https://docs.wacht.dev/api-reference/ai-runtime-admin/list-project-threads.md)
- [List thread assignments](https://docs.wacht.dev/api-reference/ai-runtime-admin/list-thread-assignments.md)
- [List thread events](https://docs.wacht.dev/api-reference/ai-runtime-admin/list-thread-events.md)
- [List thread filesystem](https://docs.wacht.dev/api-reference/ai-runtime-admin/list-thread-filesystem.md)
- [List thread messages](https://docs.wacht.dev/api-reference/ai-runtime-admin/list-thread-messages.md)
- [Read board item filesystem file](https://docs.wacht.dev/api-reference/ai-runtime-admin/read-board-item-filesystem-file.md)
- [Run thread](https://docs.wacht.dev/api-reference/ai-runtime-admin/run-thread.md)
- [Search actor project threads](https://docs.wacht.dev/api-reference/ai-runtime-admin/search-actor-project-threads.md)
- [Search actor projects](https://docs.wacht.dev/api-reference/ai-runtime-admin/search-actor-projects.md)
- [Start actor MCP connect flow](https://docs.wacht.dev/api-reference/ai-runtime-admin/start-actor-mcp-connect-flow.md)
- [Unarchive actor project](https://docs.wacht.dev/api-reference/ai-runtime-admin/unarchive-actor-project.md)
- [Unarchive board item](https://docs.wacht.dev/api-reference/ai-runtime-admin/unarchive-board-item.md)
- [Unarchive project thread](https://docs.wacht.dev/api-reference/ai-runtime-admin/unarchive-project-thread.md)
- [Update actor project](https://docs.wacht.dev/api-reference/ai-runtime-admin/update-actor-project.md)
- [Update board item](https://docs.wacht.dev/api-reference/ai-runtime-admin/update-board-item.md)
- [Update project thread](https://docs.wacht.dev/api-reference/ai-runtime-admin/update-project-thread.md)
- [Append board item journal entry](https://docs.wacht.dev/api-reference/ai-runtime/append-board-item-journal-entry.md)
- [Archive actor project](https://docs.wacht.dev/api-reference/ai-runtime/archive-actor-project.md)
- [Archive board item](https://docs.wacht.dev/api-reference/ai-runtime/archive-board-item.md)
- [Archive thread](https://docs.wacht.dev/api-reference/ai-runtime/archive-thread.md)
- [Create actor project](https://docs.wacht.dev/api-reference/ai-runtime/create-actor-project.md)
- [Create actor thread in most recent matching project](https://docs.wacht.dev/api-reference/ai-runtime/create-actor-thread-in-most-recent-matching-project.md)
- [Create project board item](https://docs.wacht.dev/api-reference/ai-runtime/create-project-board-item.md)
- [Create project thread](https://docs.wacht.dev/api-reference/ai-runtime/create-project-thread.md)
- [Disconnect actor MCP server](https://docs.wacht.dev/api-reference/ai-runtime/disconnect-actor-mcp-server.md)
- [Get actor project](https://docs.wacht.dev/api-reference/ai-runtime/get-actor-project.md)
- [Get AI session](https://docs.wacht.dev/api-reference/ai-runtime/get-ai-session.md)
- [Get project board](https://docs.wacht.dev/api-reference/ai-runtime/get-project-board.md)
- [Get project board item](https://docs.wacht.dev/api-reference/ai-runtime/get-project-board-item.md)
- [Get thread](https://docs.wacht.dev/api-reference/ai-runtime/get-thread.md)
- [List actor MCP servers](https://docs.wacht.dev/api-reference/ai-runtime/list-actor-mcp-servers.md)
- [List actor projects](https://docs.wacht.dev/api-reference/ai-runtime/list-actor-projects.md)
- [List board item assignments](https://docs.wacht.dev/api-reference/ai-runtime/list-board-item-assignments.md)
- [List board item events](https://docs.wacht.dev/api-reference/ai-runtime/list-board-item-events.md)
- [List board item filesystem](https://docs.wacht.dev/api-reference/ai-runtime/list-board-item-filesystem.md)
- [List project board items](https://docs.wacht.dev/api-reference/ai-runtime/list-project-board-items.md)
- [List project threads](https://docs.wacht.dev/api-reference/ai-runtime/list-project-threads.md)
- [List thread assignments](https://docs.wacht.dev/api-reference/ai-runtime/list-thread-assignments.md)
- [List thread events](https://docs.wacht.dev/api-reference/ai-runtime/list-thread-events.md)
- [List thread filesystem](https://docs.wacht.dev/api-reference/ai-runtime/list-thread-filesystem.md)
- [List thread messages](https://docs.wacht.dev/api-reference/ai-runtime/list-thread-messages.md)
- [List thread task graphs](https://docs.wacht.dev/api-reference/ai-runtime/list-thread-task-graphs.md)
- [Read board item filesystem file](https://docs.wacht.dev/api-reference/ai-runtime/read-board-item-filesystem-file.md)
- [Read thread filesystem file](https://docs.wacht.dev/api-reference/ai-runtime/read-thread-filesystem-file.md)
- [Run thread](https://docs.wacht.dev/api-reference/ai-runtime/run-thread.md): Exactly one execution action must be provided in the multipart form.
- [Search actor projects](https://docs.wacht.dev/api-reference/ai-runtime/search-actor-projects.md)
- [Search actor threads](https://docs.wacht.dev/api-reference/ai-runtime/search-actor-threads.md)
- [Start actor MCP connection](https://docs.wacht.dev/api-reference/ai-runtime/start-actor-mcp-connection.md)
- [Stream thread events](https://docs.wacht.dev/api-reference/ai-runtime/stream-thread-events.md)
- [Unarchive actor project](https://docs.wacht.dev/api-reference/ai-runtime/unarchive-actor-project.md)
- [Unarchive board item](https://docs.wacht.dev/api-reference/ai-runtime/unarchive-board-item.md)
- [Unarchive thread](https://docs.wacht.dev/api-reference/ai-runtime/unarchive-thread.md)
- [Update actor project](https://docs.wacht.dev/api-reference/ai-runtime/update-actor-project.md)
- [Update board item](https://docs.wacht.dev/api-reference/ai-runtime/update-board-item.md)
- [Update thread](https://docs.wacht.dev/api-reference/ai-runtime/update-thread.md)
- [Get analytics stats](https://docs.wacht.dev/api-reference/analytics/get-analytics-stats.md): Retrieve deployment analytics statistics with optional date range
- [Get API audit analytics](https://docs.wacht.dev/api-reference/api-audit/get-api-audit-analytics.md): Retrieve aggregated analytics for API usage
- [Get API audit logs](https://docs.wacht.dev/api-reference/api-audit/get-api-audit-logs.md): Retrieve audit logs for API usage with cursor-based pagination
- [Create API auth app](https://docs.wacht.dev/api-reference/api-keys/create-api-auth-app.md): Create a new API authentication app
- [Create API key](https://docs.wacht.dev/api-reference/api-keys/create-api-key.md): Generate a new API key for an app
- [Delete API auth app](https://docs.wacht.dev/api-reference/api-keys/delete-api-auth-app.md): Delete an API authentication app
- [Get API audit timeseries](https://docs.wacht.dev/api-reference/api-keys/get-api-audit-timeseries.md): Retrieve time-series data for API usage analytics
- [Get API auth app](https://docs.wacht.dev/api-reference/api-keys/get-api-auth-app.md): Retrieve a specific API auth app
- [List API auth apps](https://docs.wacht.dev/api-reference/api-keys/list-api-auth-apps.md): Get all API authentication apps
- [List API keys](https://docs.wacht.dev/api-reference/api-keys/list-api-keys.md): Get all API keys for an app
- [Revoke API key for app](https://docs.wacht.dev/api-reference/api-keys/revoke-api-key-for-app.md): Revoke an API key by ID within a specific app
- [Rotate API key for app](https://docs.wacht.dev/api-reference/api-keys/rotate-api-key-for-app.md): Rotate an API key and generate a new secret within a specific app
- [Update API auth app](https://docs.wacht.dev/api-reference/api-keys/update-api-auth-app.md): Update an API authentication app
- [Delete authenticator](https://docs.wacht.dev/api-reference/authentication-methods/delete-authenticator.md)
- [Generate backup codes](https://docs.wacht.dev/api-reference/authentication-methods/generate-backup-codes.md): Generate new backup codes for account recovery
- [Generate TOTP authenticator](https://docs.wacht.dev/api-reference/authentication-methods/generate-totp-authenticator.md): Generate a new TOTP authenticator (Google Authenticator, etc.)
- [Regenerate backup codes](https://docs.wacht.dev/api-reference/authentication-methods/regenerate-backup-codes.md): Regenerate all backup codes (invalidates old ones)
- [Verify TOTP authenticator](https://docs.wacht.dev/api-reference/authentication-methods/verify-totp-authenticator.md): Verify and activate a TOTP authenticator
- [Begin passkey login](https://docs.wacht.dev/api-reference/authentication/begin-passkey-login.md): Initialize WebAuthn/passkey authentication flow
- [Check identifier availability](https://docs.wacht.dev/api-reference/authentication/check-identifier-availability.md): Check if username or email is available
- [Complete user profile](https://docs.wacht.dev/api-reference/authentication/complete-user-profile.md): Complete user profile during signup flow
- [Finish passkey login](https://docs.wacht.dev/api-reference/authentication/finish-passkey-login.md): Complete WebAuthn/passkey authentication
- [Get SSO metadata](https://docs.wacht.dev/api-reference/authentication/get-sso-metadata.md): Get SAML/SP metadata for SSO configuration
- [Identify user](https://docs.wacht.dev/api-reference/authentication/identify-user.md): Identify user by email or username for passwordless auth
- [Initialize OAuth2 flow](https://docs.wacht.dev/api-reference/authentication/initialize-oauth2-flow.md): Initialize OAuth2/OIDC authentication with external provider
- [Initiate password reset](https://docs.wacht.dev/api-reference/authentication/initiate-password-reset.md): Send a password reset email to the user
- [Initiate SSO login](https://docs.wacht.dev/api-reference/authentication/initiate-sso-login.md): Initiate SAML SSO login flow
- [OAuth2 callback](https://docs.wacht.dev/api-reference/authentication/oauth2-callback.md): Handle OAuth2/OIDC callback from external provider
- [OIDC callback](https://docs.wacht.dev/api-reference/authentication/oidc-callback.md): Handle OIDC/OAuth2 SSO callback from enterprise IdP
- [Prepare verification code](https://docs.wacht.dev/api-reference/authentication/prepare-verification-code.md): Send a verification code to the user's email
- [Reset password with token](https://docs.wacht.dev/api-reference/authentication/reset-password-with-token.md): Reset user's password using the token from the reset email
- [Sign in a user](https://docs.wacht.dev/api-reference/authentication/sign-in-a-user.md): Authenticate a user using various strategies (email OTP, phone OTP, magic link, username/password, email/password)
- [Sign up a new user](https://docs.wacht.dev/api-reference/authentication/sign-up-a-new-user.md): Create a new user account
- [SSO callback](https://docs.wacht.dev/api-reference/authentication/sso-callback.md): Handle SAML SSO response callback
- [Verify code](https://docs.wacht.dev/api-reference/authentication/verify-code.md): Verify the code sent to the user
- [Verify magic link](https://docs.wacht.dev/api-reference/authentication/verify-magic-link.md): Verify and consume a magic link authentication token
- [Get deployment configuration](https://docs.wacht.dev/api-reference/deployment/get-deployment-configuration.md): Retrieve the current deployment's configuration and settings
- [Validate invitation](https://docs.wacht.dev/api-reference/deployment/validate-invitation.md): Validate an organization or workspace invitation token
- [Add email address](https://docs.wacht.dev/api-reference/email-addresses/add-email-address.md): Add a new email address to the user account
- [Delete email address](https://docs.wacht.dev/api-reference/email-addresses/delete-email-address.md)
- [Get email address details](https://docs.wacht.dev/api-reference/email-addresses/get-email-address-details.md)
- [Get user email addresses](https://docs.wacht.dev/api-reference/email-addresses/get-user-email-addresses.md): Retrieve all email addresses associated with the user
- [Make email primary](https://docs.wacht.dev/api-reference/email-addresses/make-email-primary.md)
- [Send email verification code](https://docs.wacht.dev/api-reference/email-addresses/send-email-verification-code.md)
- [Verify email address](https://docs.wacht.dev/api-reference/email-addresses/verify-email-address.md)
- [Create enterprise connection](https://docs.wacht.dev/api-reference/enterprise-connections/create-enterprise-connection.md): Create a new SSO or SCIM enterprise connection
- [Delete enterprise connection](https://docs.wacht.dev/api-reference/enterprise-connections/delete-enterprise-connection.md): Delete an enterprise connection
- [Generate SCIM token](https://docs.wacht.dev/api-reference/enterprise-connections/generate-scim-token.md): Generate a new SCIM token (shown once)
- [Get enterprise connections](https://docs.wacht.dev/api-reference/enterprise-connections/get-enterprise-connections.md): Retrieve all SSO/SCIM enterprise connections for an organization
- [Get SCIM token](https://docs.wacht.dev/api-reference/enterprise-connections/get-scim-token.md): Retrieve SCIM token details (does not show full token)
- [Revoke SCIM token](https://docs.wacht.dev/api-reference/enterprise-connections/revoke-scim-token.md): Revoke the current SCIM token
- [Test enterprise connection config](https://docs.wacht.dev/api-reference/enterprise-connections/test-enterprise-connection-config.md): Validate enterprise connection configuration before saving
- [Test existing enterprise connection](https://docs.wacht.dev/api-reference/enterprise-connections/test-existing-enterprise-connection.md): Test a saved enterprise connection
- [Update enterprise connection](https://docs.wacht.dev/api-reference/enterprise-connections/update-enterprise-connection.md): Update an existing enterprise connection
- [Append events to catalog](https://docs.wacht.dev/api-reference/event-catalogs/append-events-to-catalog.md): Add new events to an existing catalog
- [Archive event in catalog](https://docs.wacht.dev/api-reference/event-catalogs/archive-event-in-catalog.md): Archive or unarchive an event in a catalog
- [Create event catalog](https://docs.wacht.dev/api-reference/event-catalogs/create-event-catalog.md): Create a new event catalog
- [Get event catalog](https://docs.wacht.dev/api-reference/event-catalogs/get-event-catalog.md): Get a specific event catalog
- [List event catalogs](https://docs.wacht.dev/api-reference/event-catalogs/list-event-catalogs.md): Get all event catalogs for the deployment
- [Update event catalog](https://docs.wacht.dev/api-reference/event-catalogs/update-event-catalog.md): Update an event catalog
- [Health check](https://docs.wacht.dev/api-reference/health/health-check.md): Check if the API is running (no authentication required)
- [Delete invitation](https://docs.wacht.dev/api-reference/invitations/delete-invitation.md): Delete a pending invitation.
- [Invite user](https://docs.wacht.dev/api-reference/invitations/invite-user.md): Send an invitation to a new user.
- [List invitations](https://docs.wacht.dev/api-reference/invitations/list-invitations.md): Get a paginated list of pending user invitations.
- [Archive all read](https://docs.wacht.dev/api-reference/notifications/archive-all-read.md): Archive all read notifications
- [Archive notification](https://docs.wacht.dev/api-reference/notifications/archive-notification.md): Archive a notification
- [Create notification](https://docs.wacht.dev/api-reference/notifications/create-notification.md): Send a notification to a user
- [Get unread count by scope](https://docs.wacht.dev/api-reference/notifications/get-unread-count-by-scope.md): Get unread notification counts grouped by scope
- [List notifications](https://docs.wacht.dev/api-reference/notifications/list-notifications.md): Retrieve notifications for the current user with cursor-based pagination.
- [Mark all as read](https://docs.wacht.dev/api-reference/notifications/mark-all-as-read.md): Mark all notifications as read, optionally filtered by scope
- [Mark as read](https://docs.wacht.dev/api-reference/notifications/mark-as-read.md): Mark a notification as read
- [Mark as unread](https://docs.wacht.dev/api-reference/notifications/mark-as-unread.md): Mark a notification as unread
- [Star notification](https://docs.wacht.dev/api-reference/notifications/star-notification.md): Star or unstar a notification
- [Archive OAuth scope](https://docs.wacht.dev/api-reference/oauth-apps/archive-oauth-scope.md): Archive a scope on an OAuth app
- [Create OAuth app](https://docs.wacht.dev/api-reference/oauth-apps/create-oauth-app.md): Create a new OAuth app for a deployment
- [Create OAuth client](https://docs.wacht.dev/api-reference/oauth-apps/create-oauth-client.md): Create a client under an OAuth app
- [Deactivate OAuth client](https://docs.wacht.dev/api-reference/oauth-apps/deactivate-oauth-client.md): Deactivate (or delete) an OAuth client
- [List OAuth apps](https://docs.wacht.dev/api-reference/oauth-apps/list-oauth-apps.md): List OAuth apps for a deployment
- [List OAuth clients](https://docs.wacht.dev/api-reference/oauth-apps/list-oauth-clients.md): List OAuth clients under an OAuth app
- [List OAuth grants](https://docs.wacht.dev/api-reference/oauth-apps/list-oauth-grants.md): List active and historical grants for an OAuth client
- [Revoke OAuth grant](https://docs.wacht.dev/api-reference/oauth-apps/revoke-oauth-grant.md): Revoke a grant by grant ID
- [Rotate OAuth client secret](https://docs.wacht.dev/api-reference/oauth-apps/rotate-oauth-client-secret.md): Rotate secret for an OAuth client
- [Set OAuth scope mapping](https://docs.wacht.dev/api-reference/oauth-apps/set-oauth-scope-mapping.md): Map an OAuth scope to a resource category and permission
- [Unarchive OAuth scope](https://docs.wacht.dev/api-reference/oauth-apps/unarchive-oauth-scope.md): Unarchive a scope on an OAuth app
- [Update OAuth app](https://docs.wacht.dev/api-reference/oauth-apps/update-oauth-app.md): Update OAuth app settings
- [Update OAuth client](https://docs.wacht.dev/api-reference/oauth-apps/update-oauth-client.md): Update OAuth client configuration
- [Update OAuth scope](https://docs.wacht.dev/api-reference/oauth-apps/update-oauth-scope.md): Update display metadata for a specific OAuth scope
- [Verify OAuth app domain](https://docs.wacht.dev/api-reference/oauth-apps/verify-oauth-app-domain.md): Trigger OAuth app domain verification
- [Add organization domain](https://docs.wacht.dev/api-reference/organization-domains/add-organization-domain.md): Add a domain for verification to the organization
- [Delete organization domain](https://docs.wacht.dev/api-reference/organization-domains/delete-organization-domain.md): Remove a domain from the organization
- [Get organization domains](https://docs.wacht.dev/api-reference/organization-domains/get-organization-domains.md): Retrieve all verified domains for an organization
- [Verify organization domain](https://docs.wacht.dev/api-reference/organization-domains/verify-organization-domain.md): Verify domain ownership via DNS TXT record
- [Accept organization invitation](https://docs.wacht.dev/api-reference/organization-invitations/accept-organization-invitation.md): Accept an invitation to join an organization
- [Discard invitation](https://docs.wacht.dev/api-reference/organization-invitations/discard-invitation.md): Cancel/delete a pending invitation
- [Get organization invitations](https://docs.wacht.dev/api-reference/organization-invitations/get-organization-invitations.md): Retrieve all pending invitations for an organization
- [Invite member](https://docs.wacht.dev/api-reference/organization-invitations/invite-member.md): Send an invitation to join the organization
- [Resend invitation](https://docs.wacht.dev/api-reference/organization-invitations/resend-invitation.md): Resend a pending invitation email
- [Add organization member](https://docs.wacht.dev/api-reference/organization-members/add-organization-member.md): Add a user to an organization with specific roles.
- [Add role to member](https://docs.wacht.dev/api-reference/organization-members/add-role-to-member.md): Add a role to an organization member
- [Get organization members](https://docs.wacht.dev/api-reference/organization-members/get-organization-members.md): Retrieve all members of an organization
- [List organization members](https://docs.wacht.dev/api-reference/organization-members/list-organization-members.md): Get all members of an organization with pagination.
- [Remove organization member](https://docs.wacht.dev/api-reference/organization-members/remove-organization-member.md): Remove a member from the organization
- [Remove role from member](https://docs.wacht.dev/api-reference/organization-members/remove-role-from-member.md): Remove a role from an organization member
- [Update organization member](https://docs.wacht.dev/api-reference/organization-members/update-organization-member.md): Update organization member roles or metadata.
- [Create organization role](https://docs.wacht.dev/api-reference/organization-roles/create-organization-role.md): Create a new custom role for the organization
- [Delete organization role](https://docs.wacht.dev/api-reference/organization-roles/delete-organization-role.md): Delete a custom role from the organization
- [Get deployment organization roles](https://docs.wacht.dev/api-reference/organization-roles/get-deployment-organization-roles.md): Get all organization roles in the deployment.
- [Get organization roles](https://docs.wacht.dev/api-reference/organization-roles/get-organization-roles.md): Retrieve all roles for an organization
- [Update organization role](https://docs.wacht.dev/api-reference/organization-roles/update-organization-role.md): Update an organization role name or permissions.
- [Create organization](https://docs.wacht.dev/api-reference/organizations/create-organization.md): Create a new organization
- [Create workspace for organization](https://docs.wacht.dev/api-reference/organizations/create-workspace-for-organization.md): Create a new workspace within an organization.
- [Delete organization](https://docs.wacht.dev/api-reference/organizations/delete-organization.md): Delete an organization
- [Get organization details](https://docs.wacht.dev/api-reference/organizations/get-organization-details.md): Get complete organization information.
- [Leave organization](https://docs.wacht.dev/api-reference/organizations/leave-organization.md): Leave an organization
- [List organizations](https://docs.wacht.dev/api-reference/organizations/list-organizations.md): Get a paginated list of organizations in your deployment.
- [Update organization](https://docs.wacht.dev/api-reference/organizations/update-organization.md): Update organization details
- [Begin passkey registration](https://docs.wacht.dev/api-reference/passkeys/begin-passkey-registration.md): Initialize WebAuthn registration
- [Delete passkey](https://docs.wacht.dev/api-reference/passkeys/delete-passkey.md): Remove a registered passkey
- [Finish passkey registration](https://docs.wacht.dev/api-reference/passkeys/finish-passkey-registration.md): Complete WebAuthn registration
- [Get user passkeys](https://docs.wacht.dev/api-reference/passkeys/get-user-passkeys.md): Retrieve all passkeys for the current user
- [Rename passkey](https://docs.wacht.dev/api-reference/passkeys/rename-passkey.md): Update the name of a registered passkey
- [Add phone number](https://docs.wacht.dev/api-reference/phone-numbers/add-phone-number.md)
- [Delete phone number](https://docs.wacht.dev/api-reference/phone-numbers/delete-phone-number.md)
- [Get phone number details](https://docs.wacht.dev/api-reference/phone-numbers/get-phone-number-details.md)
- [Get phone numbers](https://docs.wacht.dev/api-reference/phone-numbers/get-phone-numbers.md)
- [Make phone primary](https://docs.wacht.dev/api-reference/phone-numbers/make-phone-primary.md)
- [Send SMS verification code](https://docs.wacht.dev/api-reference/phone-numbers/send-sms-verification-code.md)
- [Verify phone number](https://docs.wacht.dev/api-reference/phone-numbers/verify-phone-number.md)
- [Get deployment metadata](https://docs.wacht.dev/api-reference/public-metadata/get-deployment-metadata.md): Retrieve public deployment metadata (no authentication required)
- [Get JWT public keys](https://docs.wacht.dev/api-reference/public-metadata/get-jwt-public-keys.md): Retrieve the deployment's public JWT keys for token verification
- [Create rate limit scheme](https://docs.wacht.dev/api-reference/rate-limit-schemes/create-rate-limit-scheme.md): Create a new reusable rate limit scheme
- [Delete rate limit scheme](https://docs.wacht.dev/api-reference/rate-limit-schemes/delete-rate-limit-scheme.md): Delete a rate limit scheme
- [Get rate limit scheme](https://docs.wacht.dev/api-reference/rate-limit-schemes/get-rate-limit-scheme.md): Get a specific rate limit scheme
- [List rate limit schemes](https://docs.wacht.dev/api-reference/rate-limit-schemes/list-rate-limit-schemes.md): Get all rate limit schemes for the deployment
- [Update rate limit scheme](https://docs.wacht.dev/api-reference/rate-limit-schemes/update-rate-limit-scheme.md): Update a rate limit scheme
- [Assign entity to segment](https://docs.wacht.dev/api-reference/segments/assign-entity-to-segment.md): Assign an entity (user, organization, or workspace) to a segment
- [Create segment](https://docs.wacht.dev/api-reference/segments/create-segment.md): Create a new segment
- [Delete segment](https://docs.wacht.dev/api-reference/segments/delete-segment.md): Delete a segment
- [Get segment data](https://docs.wacht.dev/api-reference/segments/get-segment-data.md): Get entities matching segment criteria
- [List segments](https://docs.wacht.dev/api-reference/segments/list-segments.md): Get all segments for a deployment
- [Remove entity from segment](https://docs.wacht.dev/api-reference/segments/remove-entity-from-segment.md): Remove an entity from a segment
- [Update segment](https://docs.wacht.dev/api-reference/segments/update-segment.md): Update a segment
- [Generate session ticket](https://docs.wacht.dev/api-reference/session-tickets/generate-session-ticket.md): Generate a session ticket for backend-to-frontend authentication.
- [Exchange session ticket](https://docs.wacht.dev/api-reference/sessions/exchange-session-ticket.md): Exchange a session ticket for impersonation or agent access
- [Get current session](https://docs.wacht.dev/api-reference/sessions/get-current-session.md): Retrieve the currently authenticated session details
- [Get JWT token](https://docs.wacht.dev/api-reference/sessions/get-jwt-token.md): Generate a JWT token for the current session with optional custom template
- [Get user sign-ins](https://docs.wacht.dev/api-reference/sessions/get-user-sign-ins.md): Retrieve all active sign-ins/sessions for the user
- [Sign out](https://docs.wacht.dev/api-reference/sessions/sign-out.md): Sign out from current session or a specific sign-in
- [Sign out from session](https://docs.wacht.dev/api-reference/sessions/sign-out-from-session.md): Sign out from a specific session/device
- [Switch active organization](https://docs.wacht.dev/api-reference/sessions/switch-active-organization.md): Switch the active organization context for the current session. Empty organization_id clears the selection.
- [Switch active sign-in](https://docs.wacht.dev/api-reference/sessions/switch-active-sign-in.md): Switch the active sign-in within the current session
- [Switch active workspace](https://docs.wacht.dev/api-reference/sessions/switch-active-workspace.md): Switch the active workspace context for the current session. Empty workspace_id clears the selection.
- [Create JWT template](https://docs.wacht.dev/api-reference/settings/create-jwt-template.md): Create a new JWT template
- [Delete JWT template](https://docs.wacht.dev/api-reference/settings/delete-jwt-template.md): Delete a JWT template
- [Get deployment with settings](https://docs.wacht.dev/api-reference/settings/get-deployment-with-settings.md): Retrieve deployment information with all settings
- [Get email template](https://docs.wacht.dev/api-reference/settings/get-email-template.md): Retrieve email template by name
- [Get JWT templates](https://docs.wacht.dev/api-reference/settings/get-jwt-templates.md): List all JWT templates
- [Get social connections](https://docs.wacht.dev/api-reference/settings/get-social-connections.md): List all social connection configurations
- [Remove SMTP config](https://docs.wacht.dev/api-reference/settings/remove-smtp-config.md): Remove SMTP configuration
- [Update auth settings](https://docs.wacht.dev/api-reference/settings/update-auth-settings.md): Update deployment authentication settings
- [Update B2B settings](https://docs.wacht.dev/api-reference/settings/update-b2b-settings.md): Update deployment B2B/SaaS settings
- [Update deployment restrictions](https://docs.wacht.dev/api-reference/settings/update-deployment-restrictions.md): Update deployment restriction settings
- [Update display settings](https://docs.wacht.dev/api-reference/settings/update-display-settings.md): Update deployment display and branding settings
- [Update email template](https://docs.wacht.dev/api-reference/settings/update-email-template.md): Update email template content
- [Update JWT template](https://docs.wacht.dev/api-reference/settings/update-jwt-template.md): Update a JWT template
- [Update SMTP config](https://docs.wacht.dev/api-reference/settings/update-smtp-config.md): Configure SMTP settings for sending emails
- [Upload image](https://docs.wacht.dev/api-reference/settings/upload-image.md): Upload an image file to CDN (supports JPEG, PNG, GIF, WEBP, ICO formats)
- [Upsert social connection](https://docs.wacht.dev/api-reference/settings/upsert-social-connection.md): Create or update a social connection configuration
- [Verify SMTP connection](https://docs.wacht.dev/api-reference/settings/verify-smtp-connection.md): Test SMTP connection with current configuration
- [Disconnect social connection](https://docs.wacht.dev/api-reference/social-connections/disconnect-social-connection.md): Disconnect OAuth social provider
- [Initiate SSO connection](https://docs.wacht.dev/api-reference/social-connections/initiate-sso-connection.md): Start OAuth flow for connecting social account
- [SSO connection callback](https://docs.wacht.dev/api-reference/social-connections/sso-connection-callback.md): Handle OAuth callback for social connection
- [Add user email](https://docs.wacht.dev/api-reference/user-emails/add-user-email.md): Add a new email address to a user's profile
- [Delete user email](https://docs.wacht.dev/api-reference/user-emails/delete-user-email.md): Remove an email address from a user's profile
- [Update user email](https://docs.wacht.dev/api-reference/user-emails/update-user-email.md): Update email primary status or verification
- [Add user phone](https://docs.wacht.dev/api-reference/user-phones/add-user-phone.md): Add a new phone number to a user's profile
- [Delete user phone](https://docs.wacht.dev/api-reference/user-phones/delete-user-phone.md): Remove a phone number from a user's profile
- [Update user phone](https://docs.wacht.dev/api-reference/user-phones/update-user-phone.md): Update phone primary status
- [Delete account](https://docs.wacht.dev/api-reference/user-profile/delete-account.md): Permanently delete user account
- [Get current user](https://docs.wacht.dev/api-reference/user-profile/get-current-user.md): Retrieve the currently authenticated user's profile
- [Get user organization memberships](https://docs.wacht.dev/api-reference/user-profile/get-user-organization-memberships.md): Retrieve all organization memberships for the current user
- [Get user workspace memberships](https://docs.wacht.dev/api-reference/user-profile/get-user-workspace-memberships.md): Retrieve all workspace memberships for the current user
- [Remove password](https://docs.wacht.dev/api-reference/user-profile/remove-password.md): Remove password from account (passwordless only)
- [Update password](https://docs.wacht.dev/api-reference/user-profile/update-password.md)
- [Update user profile](https://docs.wacht.dev/api-reference/user-profile/update-user-profile.md): Update the current user's profile information
- [Upload profile picture](https://docs.wacht.dev/api-reference/user-profile/upload-profile-picture.md): Upload a profile picture for the user
- [Delete user social connection](https://docs.wacht.dev/api-reference/user-social-connections/delete-user-social-connection.md): Remove a social account connection from a user
- [Create user](https://docs.wacht.dev/api-reference/users/create-user.md): Create a new user in the deployment
- [Delete user](https://docs.wacht.dev/api-reference/users/delete-user.md): Permanently delete a user
- [Get user details](https://docs.wacht.dev/api-reference/users/get-user-details.md): Get detailed information about a user including emails, phones, and social connections
- [List users](https://docs.wacht.dev/api-reference/users/list-users.md): Get a paginated list of all active users in the deployment
- [Update user](https://docs.wacht.dev/api-reference/users/update-user.md): Update user profile information
- [Update user password](https://docs.wacht.dev/api-reference/users/update-user-password.md): Update a user's password
- [Approve waitlist user](https://docs.wacht.dev/api-reference/waitlist/approve-waitlist-user.md): Approve a waitlist user and send them an invitation.
- [Join waitlist](https://docs.wacht.dev/api-reference/waitlist/join-waitlist.md): Add an email to the deployment waitlist
- [List waitlist users](https://docs.wacht.dev/api-reference/waitlist/list-waitlist-users.md): Get a paginated list of users on the waitlist.
- [Get webhook analytics](https://docs.wacht.dev/api-reference/webhook-analytics/get-webhook-analytics.md): Get analytics data for a webhook app
- [Get webhook stats](https://docs.wacht.dev/api-reference/webhook-analytics/get-webhook-stats.md): Get overall statistics for a webhook app
- [Get webhook timeseries data](https://docs.wacht.dev/api-reference/webhook-analytics/get-webhook-timeseries-data.md): Get time-series data for webhook analytics
- [Create webhook app](https://docs.wacht.dev/api-reference/webhook-apps/create-webhook-app.md): Create a new webhook app
- [Delete webhook app](https://docs.wacht.dev/api-reference/webhook-apps/delete-webhook-app.md): Delete a webhook app
- [Get available webhook events](https://docs.wacht.dev/api-reference/webhook-apps/get-available-webhook-events.md): Get all available webhook events for an app
- [Get webhook app](https://docs.wacht.dev/api-reference/webhook-apps/get-webhook-app.md): Retrieve a specific webhook app
- [Get webhook app event catalog](https://docs.wacht.dev/api-reference/webhook-apps/get-webhook-app-event-catalog.md): Get the event catalog assigned to a webhook app
- [List webhook apps](https://docs.wacht.dev/api-reference/webhook-apps/list-webhook-apps.md): Get all webhook apps for the deployment
- [Rotate webhook secret](https://docs.wacht.dev/api-reference/webhook-apps/rotate-webhook-secret.md): Rotate the webhook signing secret for an app
- [Update webhook app](https://docs.wacht.dev/api-reference/webhook-apps/update-webhook-app.md): Update a webhook app
- [Cancel replay task](https://docs.wacht.dev/api-reference/webhook-deliveries/cancel-replay-task.md): Cancel an ongoing replay task
- [Get replay task status](https://docs.wacht.dev/api-reference/webhook-deliveries/get-replay-task-status.md): Get status of a specific replay task
- [Get webhook deliveries for app](https://docs.wacht.dev/api-reference/webhook-deliveries/get-webhook-deliveries-for-app.md): Get webhook delivery history for an app
- [Get webhook delivery details](https://docs.wacht.dev/api-reference/webhook-deliveries/get-webhook-delivery-details.md): Get detailed information about a webhook delivery for a specific app
- [List replay tasks](https://docs.wacht.dev/api-reference/webhook-deliveries/list-replay-tasks.md): Get list of webhook replay tasks for an app
- [Replay webhook deliveries](https://docs.wacht.dev/api-reference/webhook-deliveries/replay-webhook-deliveries.md): Replay failed or successful webhook deliveries
- [Create webhook endpoint](https://docs.wacht.dev/api-reference/webhook-endpoints/create-webhook-endpoint.md): Create a new webhook endpoint for a specific app
- [Delete webhook endpoint](https://docs.wacht.dev/api-reference/webhook-endpoints/delete-webhook-endpoint.md): Delete a webhook endpoint
- [List webhook endpoints](https://docs.wacht.dev/api-reference/webhook-endpoints/list-webhook-endpoints.md): Get all webhook endpoints for an app
- [Reactivate webhook endpoint](https://docs.wacht.dev/api-reference/webhook-endpoints/reactivate-webhook-endpoint.md): Reactivate a disabled webhook endpoint and clear failure counter
- [Test webhook endpoint](https://docs.wacht.dev/api-reference/webhook-endpoints/test-webhook-endpoint.md): Send a test event to a webhook endpoint
- [Update webhook endpoint](https://docs.wacht.dev/api-reference/webhook-endpoints/update-webhook-endpoint.md): Update a webhook endpoint
- [Trigger webhook event](https://docs.wacht.dev/api-reference/webhook-triggers/trigger-webhook-event.md): Manually trigger a webhook event
- [Add role to workspace member](https://docs.wacht.dev/api-reference/workspace-members/add-role-to-workspace-member.md): Add a role to a workspace member
- [Add workspace member](https://docs.wacht.dev/api-reference/workspace-members/add-workspace-member.md): Add a user to a workspace with specific roles.
- [Get workspace members](https://docs.wacht.dev/api-reference/workspace-members/get-workspace-members.md): Retrieve all members of a workspace
- [List workspace members](https://docs.wacht.dev/api-reference/workspace-members/list-workspace-members.md): Get all members of a workspace with pagination.
- [Remove role from workspace member](https://docs.wacht.dev/api-reference/workspace-members/remove-role-from-workspace-member.md): Remove a role from a workspace member
- [Remove workspace member](https://docs.wacht.dev/api-reference/workspace-members/remove-workspace-member.md): Remove a member from the workspace
- [Update workspace member](https://docs.wacht.dev/api-reference/workspace-members/update-workspace-member.md): Update workspace member roles or metadata.
- [Create workspace role](https://docs.wacht.dev/api-reference/workspace-roles/create-workspace-role.md): Create a new custom role for the workspace
- [Delete workspace role](https://docs.wacht.dev/api-reference/workspace-roles/delete-workspace-role.md): Delete a custom role from the workspace
- [Get deployment workspace roles](https://docs.wacht.dev/api-reference/workspace-roles/get-deployment-workspace-roles.md): Get all workspace roles in the deployment.
- [Get workspace roles](https://docs.wacht.dev/api-reference/workspace-roles/get-workspace-roles.md): Retrieve all roles for a workspace
- [Update workspace role](https://docs.wacht.dev/api-reference/workspace-roles/update-workspace-role.md): Update a workspace role name or permissions.
- [Create workspace](https://docs.wacht.dev/api-reference/workspaces/create-workspace.md): Create a new workspace within an organization
- [Delete workspace](https://docs.wacht.dev/api-reference/workspaces/delete-workspace.md): Delete a workspace
- [Get workspace details](https://docs.wacht.dev/api-reference/workspaces/get-workspace-details.md): Get complete workspace information.
- [List workspaces](https://docs.wacht.dev/api-reference/workspaces/list-workspaces.md): Get a paginated list of workspaces in your deployment.
- [Update workspace](https://docs.wacht.dev/api-reference/workspaces/update-workspace.md): Update workspace details
- [Backend API Admin Routes](https://docs.wacht.dev/guides/ai-agents/backend-api-admin-routes.md): Deployment-admin AI routes exposed from the backend API.
- [Connect MCP Servers](https://docs.wacht.dev/guides/ai-agents/connect-mcp-servers.md): Set up MCP servers, choose the right auth mode, and handle runtime connection behavior in your app.
- [Create and Run Agents](https://docs.wacht.dev/guides/ai-agents/create-agents-console-and-backend-api.md): Set up AI agents from Console or Backend API, then execute them with context-aware messages.
- [Frontend API Runtime Routes](https://docs.wacht.dev/guides/ai-agents/frontend-api-runtime-routes.md): Session-scoped AI runtime routes exposed from the frontend API.
- [Build AI Agents in Your SaaS](https://docs.wacht.dev/guides/ai-agents/overview-console-api-mcp.md): Choose the right implementation path for AI agents with Console, Backend API, MCP, and OAuth-protected servers.
- [Protect MCP Servers with OAuth Apps](https://docs.wacht.dev/guides/ai-agents/protect-mcp-servers-with-oauth-apps.md): Secure MCP endpoints using OAuth token verification with Wacht Gateway checks.
- [Run Agents Inside Your App](https://docs.wacht.dev/guides/ai-agents/run-agents-in-your-app.md): Use agent session tickets, vanity agent UI, or custom frontend hooks to run agents in your own product.
- [Building API Auth Observability Screens](https://docs.wacht.dev/guides/api-auth/audit-observability-screens.md): Implement logs, analytics, and timeseries views for API Auth using React SDK hooks.
- [Custom Hook Flow Implementation](https://docs.wacht.dev/guides/api-auth/custom-hook-flow-implementation.md): Build a custom API key management experience using Wacht hooks and backend policy checks.
- [API Auth Integration Models](https://docs.wacht.dev/guides/api-auth/overview.md): Choose the right API Auth implementation model and rollout path for your SaaS.
- [Vanity Pages Implementation](https://docs.wacht.dev/guides/api-auth/vanity-pages-implementation.md): Complete API Auth iframe integration with full backend + frontend example code.
- [Frontend Session And Auth Routes](https://docs.wacht.dev/guides/authentication/frontend-session-auth-routes.md): Source-driven reference for frontend-api session, token, sign-out, tenancy switching, and session ticket exchange routes.
- [Keep your backend in sync](https://docs.wacht.dev/guides/deployment-events/use-webhooks-to-keep-backend-in-sync.md): Complete payload reference for all deployment webhook events.
- [Designing Actionable Notification UX](https://docs.wacht.dev/guides/notifications/actionable-notification-ux.md): Build inbox UX that users can actually act on, with realtime updates and strong filtering semantics.
- [Backend Sending Patterns](https://docs.wacht.dev/guides/notifications/backend-sending-patterns.md): Implement robust backend notification publishing with practical domain patterns.
- [Frontend Inbox with Hooks](https://docs.wacht.dev/guides/notifications/frontend-inbox-with-hooks.md): Build inbox UX with pagination, state transitions, and action controls using existing hooks.
- [Notification System Architecture](https://docs.wacht.dev/guides/notifications/overview-scope-design.md): Design a high-signal in-app notification system with scope, severity, and lifecycle discipline.
- [Realtime Stream Handling](https://docs.wacht.dev/guides/notifications/realtime-stream-handling.md): Use websocket notification streaming with reconnect safety and state reconciliation.
- [Create OAuth Apps and Clients](https://docs.wacht.dev/guides/oauth-apps/create-oauth-app-and-clients.md): Set up OAuth apps, scopes, and clients in a way that is safe for production SaaS deployments.
- [Implement OAuth Consent Flow](https://docs.wacht.dev/guides/oauth-apps/implement-consent-flow.md): Build the consent UI and approval flow using Wacht OAuth consent endpoints.
- [OAuth Apps for SaaS](https://docs.wacht.dev/guides/oauth-apps/overview.md): End-to-end guide for creating OAuth apps, managing clients, handling consent, and validating tokens with Wacht.
- [Verify Tokens and Operate OAuth Clients](https://docs.wacht.dev/guides/oauth-apps/verify-access-tokens-and-operate-clients.md): Verify OAuth access tokens in your resource server, rotate client secrets, and revoke grants safely.
- [Event Envelope and Payload Contracts](https://docs.wacht.dev/guides/receiving-wacht-events/event-envelope-payload-contracts.md): Consume Wacht events safely with version-aware contract handling.
- [Idempotency and Retry-safe Processing](https://docs.wacht.dev/guides/receiving-wacht-events/idempotency-retry-safe-processing.md): Prevent duplicate side effects under retries and replay operations.
- [Webhook Receiver Security Model](https://docs.wacht.dev/guides/receiving-wacht-events/overview-security-model.md): Establish secure, durable webhook receiver architecture for Wacht platform events.
- [Handling Receiver Failures and Recovery](https://docs.wacht.dev/guides/receiving-wacht-events/receiver-failures-recovery.md): Implement concrete debugging and recovery paths for signature issues, duplicates, and delayed processing.
- [Signature Verification with Raw Body](https://docs.wacht.dev/guides/receiving-wacht-events/signature-verification-with-raw-body.md): Verify Wacht webhook deliveries using Standard Webhooks libraries.
- [Custom Hook Flow Implementation](https://docs.wacht.dev/guides/webhooks/custom-hook-flow-implementation.md): Build custom webhook settings UX with concrete hooks from your React SDK.
- [Implementing Deliveries and Replay UI](https://docs.wacht.dev/guides/webhooks/deliveries-replay-ui.md): Build webhook delivery diagnostics and replay flows using React SDK hooks.
- [Event Catalog and Triggering Strategy](https://docs.wacht.dev/guides/webhooks/event-catalog-triggering-strategy.md): Design durable event contracts and safe trigger workflows for your SaaS webhooks.
- [Webhook Architecture Model](https://docs.wacht.dev/guides/webhooks/overview-control-plane-vs-data-plane.md): Understand control plane and data plane responsibilities in Wacht webhook integrations.
- [Vanity Pages Implementation](https://docs.wacht.dev/guides/webhooks/vanity-pages-implementation.md): Complete webhook iframe integration with full backend + frontend example code.
- [<CreateOrganizationForm />](https://docs.wacht.dev/nextjs-sdk/components/create-organization-form.md): A dedicated UI for provisioning new organizational tenants within your deployment.
- [<CreateWorkspaceForm />](https://docs.wacht.dev/nextjs-sdk/components/create-workspace-form.md): A clean UI interface for creating Workspaces—isolated sub-environments nested within an Organization.
- [<DeploymentInitialized />](https://docs.wacht.dev/nextjs-sdk/components/deployment-initialized.md): A boundary component that delays rendering until the core SDK completes its initial boot sequence.
- [<DeploymentInitializing />](https://docs.wacht.dev/nextjs-sdk/components/deployment-initializing.md): A render boundary specifically designed to display elegant loading states while the SDK resolves identity.
- [<NavigateToSignIn />](https://docs.wacht.dev/nextjs-sdk/components/navigate-to-sign-in.md): A utility component that triggers an immediate client-side redirect to your designated Sign In route.
- [<NavigateToSignUp />](https://docs.wacht.dev/nextjs-sdk/components/navigate-to-sign-up.md): A utility component that triggers an immediate client-side redirect to your designated Sign Up route.
- [<OrganizationSwitcher />](https://docs.wacht.dev/nextjs-sdk/components/organization-switcher.md): An interactive dropdown enabling users to seamlessly switch between their active organizations.
- [<RequireActiveTenancy />](https://docs.wacht.dev/nextjs-sdk/components/require-active-tenancy.md): A structural guardrail component that prevents rendering unless a valid B2B tenancy is active.
- [<SignInForm />](https://docs.wacht.dev/nextjs-sdk/components/sign-in-form.md): A complete, drop-in authentication interface supporting passwords, passkeys, and social providers.
- [<SignUpForm />](https://docs.wacht.dev/nextjs-sdk/components/sign-up-form.md): A complete registration interface with built-in email and phone verification flows.
- [<SignedIn />](https://docs.wacht.dev/nextjs-sdk/components/signed-in.md): A declarative render boundary that exclusively mounts its children for authenticated users.
- [<SignedOut />](https://docs.wacht.dev/nextjs-sdk/components/signed-out.md): A declarative boundary that mounts its children only for anonymous, unauthenticated visitors.
- [<SSOCallback />](https://docs.wacht.dev/nextjs-sdk/components/sso-callback.md): A required utility component that securely processes OAuth and SAML redirects.
- [<UserButton />](https://docs.wacht.dev/nextjs-sdk/components/user-button.md): A beautiful avatar component for managing active sessions and user profiles.
- [<WaitlistForm />](https://docs.wacht.dev/nextjs-sdk/components/waitlist-form.md): A seamless email capture interface for Deployments operating in restricted Waitlist Mode.
- [useActiveOrganization()](https://docs.wacht.dev/nextjs-sdk/hooks/use-active-organization.md): A React hook that exposes the metadata and Role-Based Access Control (RBAC) permissions for the currently selected tenant.
- [useActiveTenancy()](https://docs.wacht.dev/nextjs-sdk/hooks/use-active-tenancy.md): Reference for resolving the active organization and workspace memberships for the current session.
- [useActiveWorkspace](https://docs.wacht.dev/nextjs-sdk/hooks/use-active-workspace.md): Access and manage the currently active workspace.
- [useActorMcpServers](https://docs.wacht.dev/nextjs-sdk/hooks/use-actor-mcp-servers.md): Manage actor-scoped MCP connections in the frontend AI runtime.
- [useActorProjects](https://docs.wacht.dev/nextjs-sdk/hooks/use-actor-projects.md): List and mutate actor-scoped projects from the frontend AI runtime.
- [useAgentSession](https://docs.wacht.dev/nextjs-sdk/hooks/use-agent-session.md): Resolve the current frontend AI session, actor, and available agents.
- [useAgentThreadConversation](https://docs.wacht.dev/nextjs-sdk/hooks/use-agent-thread-conversation.md): Read thread messages, stream execution state, and send new messages.
- [useApiAuthAppSession](https://docs.wacht.dev/nextjs-sdk/hooks/use-api-auth-app-session.md): Resolve API auth app portal session state and exchange optional session tickets.
- [useApiAuthAuditAnalytics](https://docs.wacht.dev/nextjs-sdk/hooks/use-api-auth-audit-analytics.md): Fetch aggregated API auth analytics for volume, outcomes, and top entities.
- [useApiAuthAuditLogs](https://docs.wacht.dev/nextjs-sdk/hooks/use-api-auth-audit-logs.md): Query API auth audit log events with cursor-based pagination and filters.
- [useApiAuthAuditTimeseries](https://docs.wacht.dev/nextjs-sdk/hooks/use-api-auth-audit-timeseries.md): Fetch time-bucketed API auth metrics for dashboards and trend charts.
- [useApiAuthKeys](https://docs.wacht.dev/nextjs-sdk/hooks/use-api-auth-keys.md): List, create, rotate, and revoke API auth keys.
- [useClient](https://docs.wacht.dev/nextjs-sdk/hooks/use-client.md): Access the configured HTTP client for making API requests.
- [useCreateWebhookEndpoint](https://docs.wacht.dev/nextjs-sdk/hooks/use-create-webhook-endpoint.md): Create webhook endpoints with URL-encoded payloads.
- [useDeployment](https://docs.wacht.dev/nextjs-sdk/hooks/use-deployment.md): Access deployment configuration and settings.
- [useForgotPassword](https://docs.wacht.dev/nextjs-sdk/hooks/use-forgot-password.md): Handle password reset flows with OTP verification.
- [useInvitation](https://docs.wacht.dev/nextjs-sdk/hooks/use-invitation.md): Handle organization and workspace invitation acceptance.
- [useMagicLinkVerification](https://docs.wacht.dev/nextjs-sdk/hooks/use-magic-link-verification.md): Verify magic-link tokens and track verification status.
- [useNavigation()](https://docs.wacht.dev/nextjs-sdk/hooks/use-navigation.md): A universal hook to interface seamlessly with your chosen React routing engine.
- [useNotificationStream](https://docs.wacht.dev/nextjs-sdk/hooks/use-notification-stream.md): Connect to the real-time notification stream via WebSocket.
- [useNotifications](https://docs.wacht.dev/nextjs-sdk/hooks/use-notifications.md): Access and manage user notifications with support for pagination and bulk operations.
- [useOrganizationList()](https://docs.wacht.dev/nextjs-sdk/hooks/use-organization-list.md): A headless hook for retrieving and managing the array of organizations a user belongs to.
- [useOrganizationMemberships](https://docs.wacht.dev/nextjs-sdk/hooks/use-organization-memberships.md): Get a list of organization memberships for the current user.
- [useProjectTaskBoardItem](https://docs.wacht.dev/nextjs-sdk/hooks/use-project-task-board-item.md): Load one board item plus its events, assignments, and filesystem.
- [useProjectThreadFeed](https://docs.wacht.dev/nextjs-sdk/hooks/use-project-thread-feed.md): Page through project threads in the frontend AI runtime.
- [useScopeUnread](https://docs.wacht.dev/nextjs-sdk/hooks/use-scope-unread.md): Fetch unread notification counts for the selected notification scope.
- [useSession()](https://docs.wacht.dev/nextjs-sdk/hooks/use-session.md): Reference for the shared session hook exposed by the Wacht React SDK packages.
- [useSignIn()](https://docs.wacht.dev/nextjs-sdk/hooks/use-sign-in.md): Programmatic access to the authentication state machine for custom sign-in flows.
- [useSignUp()](https://docs.wacht.dev/nextjs-sdk/hooks/use-sign-up.md): Manage programmatic registration sequences and identity verification flows.
- [useSSOCallback](https://docs.wacht.dev/nextjs-sdk/hooks/use-sso-callback.md): Handle OAuth and SSO callbacks from external identity providers.
- [useUser()](https://docs.wacht.dev/nextjs-sdk/hooks/use-user.md): Access the authenticated User context, metadata, and profile modification methods.
- [useUserSignins](https://docs.wacht.dev/nextjs-sdk/hooks/use-user-signins.md): List and manage active user sign-in sessions.
- [useWaitlist](https://docs.wacht.dev/nextjs-sdk/hooks/use-waitlist.md): Handle waitlist signup flows.
- [useWebhookAnalytics](https://docs.wacht.dev/nextjs-sdk/hooks/use-webhook-analytics.md): Fetch aggregated webhook analytics for date ranges and endpoints.
- [useWebhookAppSession](https://docs.wacht.dev/nextjs-sdk/hooks/use-webhook-app-session.md): Resolve webhook app portal session state and perform endpoint and delivery actions.
- [useWebhookDeliveries](https://docs.wacht.dev/nextjs-sdk/hooks/use-webhook-deliveries.md): Query webhook delivery logs with cursor pagination and filters.
- [useWebhookEndpoints](https://docs.wacht.dev/nextjs-sdk/hooks/use-webhook-endpoints.md): List webhook endpoints configured for the current webhook app.
- [useWebhookEvents](https://docs.wacht.dev/nextjs-sdk/hooks/use-webhook-events.md): List available webhook event types for subscriptions.
- [useWebhookStats](https://docs.wacht.dev/nextjs-sdk/hooks/use-webhook-stats.md): Fetch webhook delivery summary statistics.
- [useWebhookTimeseries](https://docs.wacht.dev/nextjs-sdk/hooks/use-webhook-timeseries.md): Fetch interval-based webhook analytics data points.
- [useWorkspaceList](https://docs.wacht.dev/nextjs-sdk/hooks/use-workspace-list.md): Manage workspaces including creating, updating, and deleting workspaces.
- [useWorkspaceMemberships](https://docs.wacht.dev/nextjs-sdk/hooks/use-workspace-memberships.md): Get a list of workspace memberships for the current user.
- [Installation](https://docs.wacht.dev/nextjs-sdk/installation.md): Install and configure @wacht/nextjs for app router and server runtime.
- [Next.js SDK](https://docs.wacht.dev/nextjs-sdk/introduction.md): Use Wacht in Next.js for auth UI, route protection, and server-side API access.
- [Quick Start](https://docs.wacht.dev/nextjs-sdk/quickstart.md): End-to-end Next.js setup with provider, proxy, and server usage.
- [Server Auth](https://docs.wacht.dev/nextjs-sdk/server-auth.md): Reference for @wacht/nextjs/server middleware, auth helpers, JWT claims access, and the normalized auth object exposed after middleware runs.
- [AI API](https://docs.wacht.dev/node-sdk/api/ai.md): Backend AI control-plane APIs and actor-project runtime administration in @wacht/backend.
- [API Keys API](https://docs.wacht.dev/node-sdk/api/api-keys.md): Provision and manage programmatic API Keys for external developers and B2B integrations.
- [OAuth Apps API](https://docs.wacht.dev/node-sdk/api/oauth.md): Create and manage OAuth apps, clients, scopes, and grants with the Node SDK.
- [Organizations API](https://docs.wacht.dev/node-sdk/api/organizations.md): Manage multi-tenant organizations, roles, and memberships.
- [Users API](https://docs.wacht.dev/node-sdk/api/users.md): Manage user profiles, metadata, and authentication identifiers.
- [Webhooks API](https://docs.wacht.dev/node-sdk/api/webhooks.md): Configure endpoints and replay failed deliveries.
- [Workspaces API](https://docs.wacht.dev/node-sdk/api/workspaces.md): Manage deeply-nested workspaces within organizations.
- [Gateway Authz](https://docs.wacht.dev/node-sdk/auth/gateway.md): Verify API Keys and machine-to-machine OAuth tokens using the Gateway Module.
- [Server Authentication](https://docs.wacht.dev/node-sdk/auth/server-auth.md): Secure your API routes using the getAuth() and requireAuth() primitives.
- [Installation](https://docs.wacht.dev/node-sdk/installation.md): Install the Wacht Node.js SDK into your project.
- [Introduction](https://docs.wacht.dev/node-sdk/introduction.md): Welcome to the Wacht Node.js (Backend) SDK documentation.
- [Quickstart](https://docs.wacht.dev/node-sdk/quickstart.md): Initialize the Wacht client and execute your first API request.
- [<CreateOrganizationForm />](https://docs.wacht.dev/react-router-sdk/components/create-organization-form.md): A dedicated UI for provisioning new organizational tenants within your deployment.
- [<CreateWorkspaceForm />](https://docs.wacht.dev/react-router-sdk/components/create-workspace-form.md): A clean UI interface for creating Workspaces—isolated sub-environments nested within an Organization.
- [<DeploymentInitialized />](https://docs.wacht.dev/react-router-sdk/components/deployment-initialized.md): A boundary component that delays rendering until the core SDK completes its initial boot sequence.
- [<DeploymentInitializing />](https://docs.wacht.dev/react-router-sdk/components/deployment-initializing.md): A render boundary specifically designed to display elegant loading states while the SDK resolves identity.
- [<NavigateToSignIn />](https://docs.wacht.dev/react-router-sdk/components/navigate-to-sign-in.md): A utility component that triggers an immediate client-side redirect to your designated Sign In route.
- [<NavigateToSignUp />](https://docs.wacht.dev/react-router-sdk/components/navigate-to-sign-up.md): A utility component that triggers an immediate client-side redirect to your designated Sign Up route.
- [<OrganizationSwitcher />](https://docs.wacht.dev/react-router-sdk/components/organization-switcher.md): An interactive dropdown enabling users to seamlessly switch between their active organizations.
- [<RequireActiveTenancy />](https://docs.wacht.dev/react-router-sdk/components/require-active-tenancy.md): A structural guardrail component that prevents rendering unless a valid B2B tenancy is active.
- [<SignInForm />](https://docs.wacht.dev/react-router-sdk/components/sign-in-form.md): A complete, drop-in authentication interface supporting passwords, passkeys, and social providers.
- [<SignUpForm />](https://docs.wacht.dev/react-router-sdk/components/sign-up-form.md): A complete registration interface with built-in email and phone verification flows.
- [<SignedIn />](https://docs.wacht.dev/react-router-sdk/components/signed-in.md): A declarative render boundary that exclusively mounts its children for authenticated users.
- [<SignedOut />](https://docs.wacht.dev/react-router-sdk/components/signed-out.md): A declarative boundary that mounts its children only for anonymous, unauthenticated visitors.
- [<SSOCallback />](https://docs.wacht.dev/react-router-sdk/components/sso-callback.md): A required utility component that securely processes OAuth and SAML redirects.
- [<UserButton />](https://docs.wacht.dev/react-router-sdk/components/user-button.md): A beautiful avatar component for managing active sessions and user profiles.
- [<WaitlistForm />](https://docs.wacht.dev/react-router-sdk/components/waitlist-form.md): A seamless email capture interface for Deployments operating in restricted Waitlist Mode.
- [useActiveOrganization()](https://docs.wacht.dev/react-router-sdk/hooks/use-active-organization.md): A React hook that exposes the metadata and Role-Based Access Control (RBAC) permissions for the currently selected tenant.
- [useActiveTenancy()](https://docs.wacht.dev/react-router-sdk/hooks/use-active-tenancy.md): Reference for resolving the active organization and workspace memberships for the current session.
- [useActiveWorkspace](https://docs.wacht.dev/react-router-sdk/hooks/use-active-workspace.md): Access and manage the currently active workspace.
- [useActorMcpServers](https://docs.wacht.dev/react-router-sdk/hooks/use-actor-mcp-servers.md): Manage actor-scoped MCP connections in the frontend AI runtime.
- [useActorProjects](https://docs.wacht.dev/react-router-sdk/hooks/use-actor-projects.md): List and mutate actor-scoped projects from the frontend AI runtime.
- [useAgentSession](https://docs.wacht.dev/react-router-sdk/hooks/use-agent-session.md): Resolve the current frontend AI session, actor, and available agents.
- [useAgentThreadConversation](https://docs.wacht.dev/react-router-sdk/hooks/use-agent-thread-conversation.md): Read thread messages, stream execution state, and send new messages.
- [useApiAuthAppSession](https://docs.wacht.dev/react-router-sdk/hooks/use-api-auth-app-session.md): Resolve API auth app portal session state and exchange optional session tickets.
- [useApiAuthAuditAnalytics](https://docs.wacht.dev/react-router-sdk/hooks/use-api-auth-audit-analytics.md): Fetch aggregated API auth analytics for volume, outcomes, and top entities.
- [useApiAuthAuditLogs](https://docs.wacht.dev/react-router-sdk/hooks/use-api-auth-audit-logs.md): Query API auth audit log events with cursor-based pagination and filters.
- [useApiAuthAuditTimeseries](https://docs.wacht.dev/react-router-sdk/hooks/use-api-auth-audit-timeseries.md): Fetch time-bucketed API auth metrics for dashboards and trend charts.
- [useApiAuthKeys](https://docs.wacht.dev/react-router-sdk/hooks/use-api-auth-keys.md): List, create, rotate, and revoke API auth keys.
- [useClient](https://docs.wacht.dev/react-router-sdk/hooks/use-client.md): Access the configured HTTP client for making API requests.
- [useCreateWebhookEndpoint](https://docs.wacht.dev/react-router-sdk/hooks/use-create-webhook-endpoint.md): Create webhook endpoints with URL-encoded payloads.
- [useDeployment](https://docs.wacht.dev/react-router-sdk/hooks/use-deployment.md): Access deployment configuration and settings.
- [useForgotPassword](https://docs.wacht.dev/react-router-sdk/hooks/use-forgot-password.md): Handle password reset flows with OTP verification.
- [useInvitation](https://docs.wacht.dev/react-router-sdk/hooks/use-invitation.md): Handle organization and workspace invitation acceptance.
- [useMagicLinkVerification](https://docs.wacht.dev/react-router-sdk/hooks/use-magic-link-verification.md): Verify magic-link tokens and track verification status.
- [useNavigation()](https://docs.wacht.dev/react-router-sdk/hooks/use-navigation.md): A universal hook to interface seamlessly with your chosen React routing engine.
- [useNotificationStream](https://docs.wacht.dev/react-router-sdk/hooks/use-notification-stream.md): Connect to the real-time notification stream via WebSocket.
- [useNotifications](https://docs.wacht.dev/react-router-sdk/hooks/use-notifications.md): Access and manage user notifications with support for pagination and bulk operations.
- [useOrganizationList()](https://docs.wacht.dev/react-router-sdk/hooks/use-organization-list.md): A headless hook for retrieving and managing the array of organizations a user belongs to.
- [useOrganizationMemberships](https://docs.wacht.dev/react-router-sdk/hooks/use-organization-memberships.md): Get a list of organization memberships for the current user.
- [useProjectTaskBoardItem](https://docs.wacht.dev/react-router-sdk/hooks/use-project-task-board-item.md): Load one board item plus its events, assignments, and filesystem.
- [useProjectThreadFeed](https://docs.wacht.dev/react-router-sdk/hooks/use-project-thread-feed.md): Page through project threads in the frontend AI runtime.
- [useScopeUnread](https://docs.wacht.dev/react-router-sdk/hooks/use-scope-unread.md): Fetch unread notification counts for the selected notification scope.
- [useSession()](https://docs.wacht.dev/react-router-sdk/hooks/use-session.md): Reference for the shared session hook exposed by the Wacht React SDK packages.
- [useSignIn()](https://docs.wacht.dev/react-router-sdk/hooks/use-sign-in.md): Programmatic access to the authentication state machine for custom sign-in flows.
- [useSignUp()](https://docs.wacht.dev/react-router-sdk/hooks/use-sign-up.md): Manage programmatic registration sequences and identity verification flows.
- [useSSOCallback](https://docs.wacht.dev/react-router-sdk/hooks/use-sso-callback.md): Handle OAuth and SSO callbacks from external identity providers.
- [useUser()](https://docs.wacht.dev/react-router-sdk/hooks/use-user.md): Access the authenticated User context, metadata, and profile modification methods.
- [useUserSignins](https://docs.wacht.dev/react-router-sdk/hooks/use-user-signins.md): List and manage active user sign-in sessions.
- [useWaitlist](https://docs.wacht.dev/react-router-sdk/hooks/use-waitlist.md): Handle waitlist signup flows.
- [useWebhookAnalytics](https://docs.wacht.dev/react-router-sdk/hooks/use-webhook-analytics.md): Fetch aggregated webhook analytics for date ranges and endpoints.
- [useWebhookAppSession](https://docs.wacht.dev/react-router-sdk/hooks/use-webhook-app-session.md): Resolve webhook app portal session state and perform endpoint and delivery actions.
- [useWebhookDeliveries](https://docs.wacht.dev/react-router-sdk/hooks/use-webhook-deliveries.md): Query webhook delivery logs with cursor pagination and filters.
- [useWebhookEndpoints](https://docs.wacht.dev/react-router-sdk/hooks/use-webhook-endpoints.md): List webhook endpoints configured for the current webhook app.
- [useWebhookEvents](https://docs.wacht.dev/react-router-sdk/hooks/use-webhook-events.md): List available webhook event types for subscriptions.
- [useWebhookStats](https://docs.wacht.dev/react-router-sdk/hooks/use-webhook-stats.md): Fetch webhook delivery summary statistics.
- [useWebhookTimeseries](https://docs.wacht.dev/react-router-sdk/hooks/use-webhook-timeseries.md): Fetch interval-based webhook analytics data points.
- [useWorkspaceList](https://docs.wacht.dev/react-router-sdk/hooks/use-workspace-list.md): Manage workspaces including creating, updating, and deleting workspaces.
- [useWorkspaceMemberships](https://docs.wacht.dev/react-router-sdk/hooks/use-workspace-memberships.md): Get a list of workspace memberships for the current user.
- [Installation](https://docs.wacht.dev/react-router-sdk/installation.md): Install @wacht/react-router and configure environment.
- [React Router SDK](https://docs.wacht.dev/react-router-sdk/introduction.md): Use Wacht in React Router apps for auth UI and request-time auth checks.
- [Quick Start](https://docs.wacht.dev/react-router-sdk/quickstart.md): Minimal React Router integration with server-side auth checks.
- [Server Auth](https://docs.wacht.dev/react-router-sdk/server-auth.md): Reference for @wacht/react-router/server request authentication helpers.
- [JWT Validation](https://docs.wacht.dev/rust-sdk/auth/jwt-validation.md): Verify session tokens securely using the Wacht AuthLayer for Axum.
- [Token Claims](https://docs.wacht.dev/rust-sdk/auth/token-claims.md): Understand the structure of Wacht JWT session tokens and how to extract claims in Rust.
- [Configuration](https://docs.wacht.dev/rust-sdk/configuration.md): Set up the WachtClient using environment variables or programmatic configuration.
- [Environment Variables](https://docs.wacht.dev/rust-sdk/environment-variables.md): Reference guide for Wacht SDK environment variables.
- [Error Handling](https://docs.wacht.dev/rust-sdk/error-handling.md): Understand `wacht::Error`, classify failures, and build retry/auth-aware handling in Rust.
- [Axum Integration](https://docs.wacht.dev/rust-sdk/examples/axum-integration.md): Complete example of integrating Wacht SDK with an Axum web application
- [AI API](https://docs.wacht.dev/rust-sdk/guide/agents.md): Current backend AI control-plane and actor-project runtime administration in the Rust SDK
- [Analytics API](https://docs.wacht.dev/rust-sdk/guide/analytics.md): Working with analytics in the Rust SDK
- [API Keys](https://docs.wacht.dev/rust-sdk/guide/api-keys.md): Working with API keys and authentication in the Rust SDK
- [AI Execution Context API](https://docs.wacht.dev/rust-sdk/guide/execution-context.md): Removed API reference
- [AI Knowledge Bases API](https://docs.wacht.dev/rust-sdk/guide/knowledge-bases.md): Working with AI knowledge bases in the Rust SDK
- [Notifications API](https://docs.wacht.dev/rust-sdk/guide/notifications.md): Working with notifications in the Rust SDK
- [OAuth Apps](https://docs.wacht.dev/rust-sdk/guide/oauth-apps.md): Create and manage OAuth apps, clients, scopes, and grants in the Rust SDK
- [Organizations API](https://docs.wacht.dev/rust-sdk/guide/organizations.md): Working with organizations in the Rust SDK
- [Session Tickets](https://docs.wacht.dev/rust-sdk/guide/session-tickets.md): Create and exchange session tickets for impersonation and agent access
- [Settings API](https://docs.wacht.dev/rust-sdk/guide/settings.md): Working with deployment settings in the Rust SDK
- [AI Tools API](https://docs.wacht.dev/rust-sdk/guide/tools.md): Working with AI tools in the Rust SDK
- [Users API](https://docs.wacht.dev/rust-sdk/guide/users.md): Working with users in the Rust SDK
- [Webhooks API](https://docs.wacht.dev/rust-sdk/guide/webhooks.md): Working with webhooks in the Rust SDK
- [Workspaces API](https://docs.wacht.dev/rust-sdk/guide/workspaces.md): Working with workspaces in the Rust SDK
- [Installation](https://docs.wacht.dev/rust-sdk/installation.md): Install the Wacht Rust SDK and configure cargo features.
- [Introduction](https://docs.wacht.dev/rust-sdk/introduction.md): Build secure, scalable backend services with the Wacht Rust SDK.
- [AI Methods](https://docs.wacht.dev/rust-sdk/methods/ai.md): Method reference for client.ai() modules: agents, tools, knowledge bases, MCP servers, and actor runtime admin.
- [API Keys Methods](https://docs.wacht.dev/rust-sdk/methods/api-keys.md): Method reference for client.api_keys() apps, keys, rate-limit schemes, and audit endpoints.
- [OAuth Methods](https://docs.wacht.dev/rust-sdk/methods/oauth.md): Method reference for client.oauth() apps, scopes, clients, and grants.
- [Organizations Methods](https://docs.wacht.dev/rust-sdk/methods/organizations.md): Complete reference for client.organizations() and nested member/role APIs.
- [Method Reference](https://docs.wacht.dev/rust-sdk/methods/overview.md): Rust SDK method-by-method reference validated against wacht-rs API modules.
- [Platform Methods](https://docs.wacht.dev/rust-sdk/methods/platform.md): Method reference for health, analytics, notifications, invitations, waitlist, and segments.
- [Session Methods](https://docs.wacht.dev/rust-sdk/methods/session.md): Complete reference for client.session() ticket APIs.
- [Settings Methods](https://docs.wacht.dev/rust-sdk/methods/settings.md): Method reference for client.settings() deployment configuration and templates.
- [Users Methods](https://docs.wacht.dev/rust-sdk/methods/users.md): Complete reference for client.users() and nested identifier APIs.
- [Webhooks Methods](https://docs.wacht.dev/rust-sdk/methods/webhooks.md): Method reference for client.webhooks() apps, endpoints, deliveries, replay, and analytics.
- [Workspaces Methods](https://docs.wacht.dev/rust-sdk/methods/workspaces.md): Complete reference for client.workspaces() and nested member/role APIs.
- [AuthLayer Middleware](https://docs.wacht.dev/rust-sdk/middleware/auth-layer.md): Protect your Axum routes by requiring valid Wacht session tokens.
- [Request Extractors](https://docs.wacht.dev/rust-sdk/middleware/extractors.md): Access authenticated user context directly in your Axum route handlers.
- [Permission Layers](https://docs.wacht.dev/rust-sdk/middleware/permission-layer.md): Enforce fine-grained authorization policies at the router level in Axum.
- [Quick Start](https://docs.wacht.dev/rust-sdk/quickstart.md): Start protecting your backend and making API calls with Wacht.
- [API Types Reference](https://docs.wacht.dev/rust-sdk/types/overview.md): Complete reference for all types used in the Wacht Rust SDK API
- [<CreateOrganizationForm />](https://docs.wacht.dev/tanstack-router-sdk/components/create-organization-form.md): A dedicated UI for provisioning new organizational tenants within your deployment.
- [<CreateWorkspaceForm />](https://docs.wacht.dev/tanstack-router-sdk/components/create-workspace-form.md): A clean UI interface for creating Workspaces—isolated sub-environments nested within an Organization.
- [<DeploymentInitialized />](https://docs.wacht.dev/tanstack-router-sdk/components/deployment-initialized.md): A boundary component that delays rendering until the core SDK completes its initial boot sequence.
- [<DeploymentInitializing />](https://docs.wacht.dev/tanstack-router-sdk/components/deployment-initializing.md): A render boundary specifically designed to display elegant loading states while the SDK resolves identity.
- [<NavigateToSignIn />](https://docs.wacht.dev/tanstack-router-sdk/components/navigate-to-sign-in.md): A utility component that triggers an immediate client-side redirect to your designated Sign In route.
- [<NavigateToSignUp />](https://docs.wacht.dev/tanstack-router-sdk/components/navigate-to-sign-up.md): A utility component that triggers an immediate client-side redirect to your designated Sign Up route.
- [<OrganizationSwitcher />](https://docs.wacht.dev/tanstack-router-sdk/components/organization-switcher.md): An interactive dropdown enabling users to seamlessly switch between their active organizations.
- [<RequireActiveTenancy />](https://docs.wacht.dev/tanstack-router-sdk/components/require-active-tenancy.md): A structural guardrail component that prevents rendering unless a valid B2B tenancy is active.
- [<SignInForm />](https://docs.wacht.dev/tanstack-router-sdk/components/sign-in-form.md): A complete, drop-in authentication interface supporting passwords, passkeys, and social providers.
- [<SignUpForm />](https://docs.wacht.dev/tanstack-router-sdk/components/sign-up-form.md): A complete registration interface with built-in email and phone verification flows.
- [<SignedIn />](https://docs.wacht.dev/tanstack-router-sdk/components/signed-in.md): A declarative render boundary that exclusively mounts its children for authenticated users.
- [<SignedOut />](https://docs.wacht.dev/tanstack-router-sdk/components/signed-out.md): A declarative boundary that mounts its children only for anonymous, unauthenticated visitors.
- [<SSOCallback />](https://docs.wacht.dev/tanstack-router-sdk/components/sso-callback.md): A required utility component that securely processes OAuth and SAML redirects.
- [<UserButton />](https://docs.wacht.dev/tanstack-router-sdk/components/user-button.md): A beautiful avatar component for managing active sessions and user profiles.
- [<WaitlistForm />](https://docs.wacht.dev/tanstack-router-sdk/components/waitlist-form.md): A seamless email capture interface for Deployments operating in restricted Waitlist Mode.
- [useActiveOrganization()](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-active-organization.md): Access the metadata and Role-Based Access Control (RBAC) permissions associated with the currently active tenant.
- [useActiveTenancy()](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-active-tenancy.md): Reference for resolving the active organization and workspace memberships for the current session.
- [useActiveWorkspace()](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-active-workspace.md): Access the `Workspace` construct natively exposing operational parameters explicitly tied to user state locally.
- [useActorMcpServers](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-actor-mcp-servers.md): Manage actor-scoped MCP connections in the frontend AI runtime.
- [useActorProjects](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-actor-projects.md): List and mutate actor-scoped projects from the frontend AI runtime.
- [useAgentSession](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-agent-session.md): Resolve the current frontend AI session, actor, and available agents.
- [useAgentThreadConversation](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-agent-thread-conversation.md): Read thread messages, stream execution state, and send new messages.
- [useApiAuthAppSession](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-api-auth-app-session.md): Resolve API auth app portal session state and exchange optional session tickets.
- [useApiAuthAuditAnalytics](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-api-auth-audit-analytics.md): Fetch aggregated API auth analytics for volume, outcomes, and top entities.
- [useApiAuthAuditLogs](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-api-auth-audit-logs.md): Query API auth audit log events with cursor-based pagination and filters.
- [useApiAuthAuditTimeseries](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-api-auth-audit-timeseries.md): Fetch time-bucketed API auth metrics for dashboards and trend charts.
- [useApiAuthKeys](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-api-auth-keys.md): List, create, rotate, and revoke API auth keys.
- [useClient](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-client.md): Access the configured HTTP client for making API requests.
- [useCreateWebhookEndpoint](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-create-webhook-endpoint.md): Create webhook endpoints with URL-encoded payloads.
- [useDeployment](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-deployment.md): Access deployment configuration and settings.
- [useForgotPassword](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-forgot-password.md): Handle password reset flows with OTP verification.
- [useInvitation](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-invitation.md): Handle organization and workspace invitation acceptance.
- [useMagicLinkVerification](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-magic-link-verification.md): Verify magic-link tokens and track verification status.
- [useNavigation()](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-navigation.md): A universal hook to interface seamlessly with your chosen React routing engine.
- [useNotificationStream](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-notification-stream.md): Connect to the real-time notification stream via WebSocket.
- [useNotifications](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-notifications.md): Access and manage user notifications with support for pagination and bulk operations.
- [useOrganizationList()](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-organization-list.md): Manage the collection of organizations bound to the authenticated user identity.
- [useOrganizationMemberships()](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-organization-memberships.md): Retrieve the matrix of organization membership associations bound to the authenticated user context.
- [useProjectTaskBoardItem](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-project-task-board-item.md): Load one board item plus its events, assignments, and filesystem.
- [useProjectThreadFeed](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-project-thread-feed.md): Page through project threads in the frontend AI runtime.
- [useScopeUnread](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-scope-unread.md): Fetch unread notification counts for the selected notification scope.
- [useSession()](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-session.md): Reference for the shared session hook exposed by the Wacht React SDK packages.
- [useSignIn()](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-sign-in.md): Programmatic access to the authentication state machine for custom sign-in flows.
- [useSignUp()](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-sign-up.md): Manage programmatic registration sequences and identity verification flows.
- [useSSOCallback](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-sso-callback.md): Handle OAuth and SSO callbacks from external identity providers.
- [useUser()](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-user.md): Access the authenticated User context, metadata, and profile modification methods.
- [useUserSignins](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-user-signins.md): List and manage active user sign-in sessions.
- [useWaitlist](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-waitlist.md): Handle waitlist signup flows.
- [useWebhookAnalytics](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-webhook-analytics.md): Fetch aggregated webhook analytics for date ranges and endpoints.
- [useWebhookAppSession](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-webhook-app-session.md): Resolve webhook app portal session state and perform endpoint and delivery actions.
- [useWebhookDeliveries](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-webhook-deliveries.md): Query webhook delivery logs with cursor pagination and filters.
- [useWebhookEndpoints](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-webhook-endpoints.md): List webhook endpoints configured for the current webhook app.
- [useWebhookEvents](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-webhook-events.md): List available webhook event types for subscriptions.
- [useWebhookStats](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-webhook-stats.md): Fetch webhook delivery summary statistics.
- [useWebhookTimeseries](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-webhook-timeseries.md): Fetch interval-based webhook analytics data points.
- [useWorkspaceList()](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-workspace-list.md): Manage workspace access configurations deeply accurately comprehensively globally precisely purely gracefully explicitly officially thoroughly accurately globally strictly exclusively effectively explicitly officially efficiently officially completely firmly actively formally natively strongly local…
- [useWorkspaceMemberships()](https://docs.wacht.dev/tanstack-router-sdk/hooks/use-workspace-memberships.md): Retrieve the matrix of workspace membership associations bound to the authenticated user context.
- [Installation](https://docs.wacht.dev/tanstack-router-sdk/installation.md): Install @wacht/tanstack-router and configure environment variables.
- [TanStack Router SDK](https://docs.wacht.dev/tanstack-router-sdk/introduction.md): Use Wacht in TanStack Router apps for auth UI and request auth checks.
- [Quick Start](https://docs.wacht.dev/tanstack-router-sdk/quickstart.md): Minimal TanStack Router integration with server-side auth checks.
- [Server Auth](https://docs.wacht.dev/tanstack-router-sdk/server-auth.md): Reference for @wacht/tanstack-router/server request authentication helpers.

## OpenAPI Specs

- [agents-openapi](https://docs.wacht.dev/api-specs/frontend-api/agents-openapi.yaml)
- [ai-openapi](https://docs.wacht.dev/api-specs/backend-api/ai-openapi.yaml)
- [miscellaneous-openapi](https://docs.wacht.dev/api-specs/backend-api/miscellaneous-openapi.yaml)
- [api-keys-openapi](https://docs.wacht.dev/api-specs/backend-api/api-keys-openapi.yaml)
- [users-openapi](https://docs.wacht.dev/api-specs/backend-api/users-openapi.yaml)
- [settings-openapi](https://docs.wacht.dev/api-specs/backend-api/settings-openapi.yaml)
- [workspaces-openapi](https://docs.wacht.dev/api-specs/frontend-api/workspaces-openapi.yaml)
- [webhook-openapi](https://docs.wacht.dev/api-specs/frontend-api/webhook-openapi.yaml)
- [waitlist-openapi](https://docs.wacht.dev/api-specs/frontend-api/waitlist-openapi.yaml)
- [user-openapi](https://docs.wacht.dev/api-specs/frontend-api/user-openapi.yaml)
- [sessions-openapi](https://docs.wacht.dev/api-specs/frontend-api/sessions-openapi.yaml)
- [scim-openapi](https://docs.wacht.dev/api-specs/frontend-api/scim-openapi.yaml)
- [organizations-openapi](https://docs.wacht.dev/api-specs/frontend-api/organizations-openapi.yaml)
- [oauth-consent-openapi](https://docs.wacht.dev/api-specs/frontend-api/oauth-consent-openapi.yaml)
- [notifications-openapi](https://docs.wacht.dev/api-specs/frontend-api/notifications-openapi.yaml)
- [frontend-api-openapi](https://docs.wacht.dev/api-specs/frontend-api/frontend-api-openapi.yaml)
- [deployment-openapi](https://docs.wacht.dev/api-specs/frontend-api/deployment-openapi.yaml)
- [api-auth-openapi](https://docs.wacht.dev/api-specs/frontend-api/api-auth-openapi.yaml)
- [webhooks-openapi](https://docs.wacht.dev/api-specs/backend-api/webhooks-openapi.yaml)
- [segments-openapi](https://docs.wacht.dev/api-specs/backend-api/segments-openapi.yaml)