API & integrations

PartnerOS is API-first, and the API documents itself. Every endpoint is generated from its runtime schema, so the OpenAPI spec never drifts. Mint scoped machine keys, push events over the ingest rail, and receive HMAC-signed webhooks — everything an external system or an AI agent needs to integrate.

api.partneros.com/docs
Integrations /API reference
N
ReferenceWebhooksKeys
POST/api/auth/login
jwt
POST/api/apikeys
jwt
POST/api/events/ingest
key
GET/api/metrics/:id/compute
jwt
POST/api/webhooks
jwt
GET/openapi.json
public
POST/api/events/ingestmachine key
curl -X POST https://api.partneros.com/api/events/ingest \
  -H "authorization: Bearer pos_live_…" \
  -H "content-type: application/json" \
  -d '{
    "customerEmail": "buyer@acme.example",
    "type": "feature_used",
    "payload": { "feature": "export" }
  }'

# → 200  event recorded → metrics + dashboards update
The problem

Integrations rot because the docs lie

Hand-written API docs drift from the code the day after they ship. Integrators guess at auth, request shapes, and error formats — and every upgrade breaks something silently. Machine access is an afterthought.

How it works

The flow, end to end

01

Authenticate

Log in for a user JWT, or mint a scoped machine key as an operator.

02

Read the spec

Fetch /openapi.json or browse the interactive docs — every route tagged and secured.

03

Integrate

Generate a typed client, or have an agent call endpoints directly from the spec.

04

Subscribe

Register a webhook to receive signed, retried deliveries as events happen.

Capabilities

What's in the box

Generated OpenAPI

The spec is generated from the same schemas the routes validate against — it can't drift.

Interactive docs

A rendered reference and classic Swagger UI, both over the live spec, plus a raw /openapi.json.

Scoped machine keys

Mint API keys with exactly the scopes they need; the plaintext key is shown once.

Event ingest rail

Push customer events with a scoped key, resolving the customer by id or email.

Signed webhooks

Subscribe to events and receive HMAC-signed outbound deliveries with retries.

Agent-ready

Point an LLM agent at the spec and it can call any endpoint — auth scheme included per route.

Docs that can't drift

One schema validates the request and describes the endpoint

Each route binds a schema that both validates traffic and generates its slice of the OpenAPI document. A single hook tags and secures every endpoint automatically, so the published spec always matches the running server.

  • 200+ documented paths, every one tagged and secured
  • Two auth schemes: user JWT and machine key, inferred per route
  • Interactive reference + Swagger UI + machine-readable JSON
api.partneros.com/docs
Integrations /API reference
N
ReferenceWebhooksKeys
POST/api/auth/login
jwt
POST/api/apikeys
jwt
POST/api/events/ingest
key
GET/api/metrics/:id/compute
jwt
POST/api/webhooks
jwt
GET/openapi.json
public
POST/api/events/ingestmachine key
curl -X POST https://api.partneros.com/api/events/ingest \
  -H "authorization: Bearer pos_live_…" \
  -H "content-type: application/json" \
  -d '{
    "customerEmail": "buyer@acme.example",
    "type": "feature_used",
    "payload": { "feature": "export" }
  }'

# → 200  event recorded → metrics + dashboards update
Machine access, first-class

Keys, ingest, and webhooks built for systems and agents

Mint a machine key scoped to exactly what an integration needs — the plaintext is shown once and never again. Push customer events over the ingest rail, subscribe to HMAC-signed outbound webhooks with retries, or point an LLM agent straight at the spec and let it call endpoints on its own.

  • Scoped machine keys, shown in plaintext exactly once
  • Event-ingest rail plus HMAC-signed, retried webhooks
  • Agent-ready: the spec names each route's auth scheme
api.partneros.com/docs
Integrations /API reference
N
ReferenceWebhooksKeys
POST/api/auth/login
jwt
POST/api/apikeys
jwt
POST/api/events/ingest
key
GET/api/metrics/:id/compute
jwt
POST/api/webhooks
jwt
GET/openapi.json
public
POST/api/events/ingestmachine key
curl -X POST https://api.partneros.com/api/events/ingest \
  -H "authorization: Bearer pos_live_…" \
  -H "content-type: application/json" \
  -d '{
    "customerEmail": "buyer@acme.example",
    "type": "feature_used",
    "payload": { "feature": "export" }
  }'

# → 200  event recorded → metrics + dashboards update
200+
documented API paths
1
spec, generated — never hand-written
2
auth schemes: user JWT and machine key
3
ways in: reference, Swagger UI, raw JSON

Ready to run your partner program in one place?

Book a walkthrough and see recruitment, PRM, automation, payouts, CX, and dashboards working together — on one platform.