A valid request URL is required to generate request examples{
"id": "<string>",
"expires_at": "2023-11-07T05:31:56Z",
"created_at": "2023-11-07T05:31:56Z",
"required_header_keys": [
"<string>"
],
"has_active_credential": true,
"mcp_client": {
"client_id": "<string>",
"name": "<string>"
},
"user_id": "<string>",
"user": {
"id": "<string>",
"name": "<string>"
},
"virtual_key": {
"id": "<string>",
"name": "<string>"
},
"session_id": "<string>",
"admin_header_keys": [
"<string>"
],
"submitted_keys": [
"<string>"
]
}Get per-user-headers submission flow
Returns the pending submission flow row plus the live MCP client’s schema
(required header names + optional admin header names). Used by the
/workspace/mcp-sessions/auth?flow=<id>&kind=headers landing page to
render the values form.
Requires management API authentication via Authorization: Bearer <API key>.
A valid request URL is required to generate request examples{
"id": "<string>",
"expires_at": "2023-11-07T05:31:56Z",
"created_at": "2023-11-07T05:31:56Z",
"required_header_keys": [
"<string>"
],
"has_active_credential": true,
"mcp_client": {
"client_id": "<string>",
"name": "<string>"
},
"user_id": "<string>",
"user": {
"id": "<string>",
"name": "<string>"
},
"virtual_key": {
"id": "<string>",
"name": "<string>"
},
"session_id": "<string>",
"admin_header_keys": [
"<string>"
],
"submitted_keys": [
"<string>"
]
}Authorizations
Management API authentication for /api/* endpoints. Use the Authorization header with Bearer <API key>.
Virtual keys, dashboard/user/session tokens, and x-api-key headers are not supported on management APIs.
Path Parameters
Flow row ID
Response
Flow detail
Response for GET /api/mcp/per-user-headers/flows/{id}. Carries the schema the end-user needs to fill in plus identity binding info for display.
user, vk, session pending, completed, expired Header names the end-user must supply on this submission
True when a credential already exists for the flow's (mode, identity, mcp_client) triple. The submission UI uses this to render an "edit" affordance instead of a fresh form.
Minimal MCP client view embedded in session rows.
Show child attributes
Show child attributes
Minimal user view embedded on user-keyed session rows.
Show child attributes
Show child attributes
Minimal virtual-key view embedded in session rows.
Show child attributes
Show child attributes
Names (not values) of static admin headers attached to every per-user request. Surfaced so the user understands what context will accompany their values.
Names of header keys already on the caller's existing credential.
Populated whenever a credential exists for the binding (both active
and needs_update states — orphaned credentials are filtered
server-side). Values are never returned. has_active_credential only
flips to true when the credential is in active state.
Was this page helpful?