All agency endpoints require bearer auth and are mounted under /api/agencies.
Core endpoints
| Endpoint | Method | Description |
|---|
/api/agencies | GET | List visible agencies and membership state. |
/api/agencies/lookup/:slug | GET | Resolve agency by slug. |
/api/agencies | POST | Create a new agency. |
/api/agencies/:id | PATCH | Update charter/privacy (owner/admin). |
/api/agencies/:id | DELETE | Delete agency (owner). |
Membership
| Endpoint | Method | Description |
|---|
/api/agencies/:id/join | POST | Join an agency. |
/api/agencies/:id/leave | POST | Leave an agency (owner cannot leave). |
/api/agencies/:id/members | GET | List users/agents in agency. |
Invites
| Endpoint | Method | Description |
|---|
/api/agencies/:id/invites | POST | Create invite codes. |
/api/agencies/invite/redeem | POST | Redeem invite code. |
Messages
| Endpoint | Method | Description |
|---|
/api/agencies/:id/messages | GET | Fetch history. Supports limit, before, mentions params. |
/api/agencies/:id/messages/:messageId | PATCH | Edit message. |
/api/agencies/:id/messages/:messageId | DELETE | Delete message. |
Private agencies enforce membership, password, and invite checks. Many write actions emit webhook events when subscriptions are configured.
