torqee Developers

OAuth 2.1

Use authorization code with PKCE and Connect protected resource discovery.

OAuth clients use authorization code with PKCE. The authorization server is https://auth.torqee.app, and its OAuth endpoints include the BetterAuth base path:

EndpointURL
Authorizationhttps://auth.torqee.app/api/auth/oauth2/authorize
Tokenhttps://auth.torqee.app/api/auth/oauth2/token

Resource indicator

When requesting authorization, include the RFC 8707 resource parameter:

resource=https://connect.torqee.app

Connect validates the access token audience against that resource. Tokens issued for another audience are rejected.

Protected resource discovery

When a request has no valid Bearer credential, Connect returns a 401 response with a WWW-Authenticate header pointing at protected resource metadata:

WWW-Authenticate: Bearer resource_metadata="https://connect.torqee.app/.well-known/oauth-protected-resource"

Fetch the metadata endpoint to discover the resource, authorization server, and supported scopes:

{
  "resource": "https://connect.torqee.app",
  "authorization_servers": ["https://auth.torqee.app/api/auth"],
  "scopes_supported": [
    "torqee:sessions:read",
    "torqee:transcripts:read",
    "torqee:boards:read"
  ]
}

Scopes

Request only the scopes your integration needs:

ScopeAllows
torqee:sessions:readList sessions and read session metadata.
torqee:transcripts:readSearch transcripts and read transcript segments.
torqee:boards:readList and read AI board contents.

If a token is valid but does not include the required scope, Connect returns 403 { "error": "insufficient_scope" }.

On this page