API & integrations
PartnerOS is API-first, and the API documents itself. Every endpoint is generated from its runtime schema, so the OpenAPI spec never drifts. Mint scoped machine keys, push events over the ingest rail, and receive HMAC-signed webhooks — everything an external system or an AI agent needs to integrate.
curl -X POST https://api.partneros.com/api/events/ingest \
-H "authorization: Bearer pos_live_…" \
-H "content-type: application/json" \
-d '{
"customerEmail": "buyer@acme.example",
"type": "feature_used",
"payload": { "feature": "export" }
}'
# → 200 event recorded → metrics + dashboards updateIntegrations rot because the docs lie
Hand-written API docs drift from the code the day after they ship. Integrators guess at auth, request shapes, and error formats — and every upgrade breaks something silently. Machine access is an afterthought.
The flow, end to end
Authenticate
Log in for a user JWT, or mint a scoped machine key as an operator.
Read the spec
Fetch /openapi.json or browse the interactive docs — every route tagged and secured.
Integrate
Generate a typed client, or have an agent call endpoints directly from the spec.
Subscribe
Register a webhook to receive signed, retried deliveries as events happen.
What's in the box
Generated OpenAPI
The spec is generated from the same schemas the routes validate against — it can't drift.
Interactive docs
A rendered reference and classic Swagger UI, both over the live spec, plus a raw /openapi.json.
Scoped machine keys
Mint API keys with exactly the scopes they need; the plaintext key is shown once.
Event ingest rail
Push customer events with a scoped key, resolving the customer by id or email.
Signed webhooks
Subscribe to events and receive HMAC-signed outbound deliveries with retries.
Agent-ready
Point an LLM agent at the spec and it can call any endpoint — auth scheme included per route.
One schema validates the request and describes the endpoint
Each route binds a schema that both validates traffic and generates its slice of the OpenAPI document. A single hook tags and secures every endpoint automatically, so the published spec always matches the running server.
- ✓200+ documented paths, every one tagged and secured
- ✓Two auth schemes: user JWT and machine key, inferred per route
- ✓Interactive reference + Swagger UI + machine-readable JSON
curl -X POST https://api.partneros.com/api/events/ingest \
-H "authorization: Bearer pos_live_…" \
-H "content-type: application/json" \
-d '{
"customerEmail": "buyer@acme.example",
"type": "feature_used",
"payload": { "feature": "export" }
}'
# → 200 event recorded → metrics + dashboards updateKeys, ingest, and webhooks built for systems and agents
Mint a machine key scoped to exactly what an integration needs — the plaintext is shown once and never again. Push customer events over the ingest rail, subscribe to HMAC-signed outbound webhooks with retries, or point an LLM agent straight at the spec and let it call endpoints on its own.
- ✓Scoped machine keys, shown in plaintext exactly once
- ✓Event-ingest rail plus HMAC-signed, retried webhooks
- ✓Agent-ready: the spec names each route's auth scheme
curl -X POST https://api.partneros.com/api/events/ingest \
-H "authorization: Bearer pos_live_…" \
-H "content-type: application/json" \
-d '{
"customerEmail": "buyer@acme.example",
"type": "feature_used",
"payload": { "feature": "export" }
}'
# → 200 event recorded → metrics + dashboards updatePlaybooks automation
An event-driven, node-graph engine that turns any signal into the right action, automatically.
Learn moreCustom metrics & dashboards
Ingest any event, define your own metrics, and build a dashboard for every partner level.
Learn moreSecurity & multi-tenancy
Role-based access, strict tenant isolation, and encrypted BYO credentials — by construction.
Learn moreReady to run your partner program in one place?
Book a walkthrough and see recruitment, PRM, automation, payouts, CX, and dashboards working together — on one platform.