WebMCP API Documentation

Autheo exposes structured data endpoints for AI agents, language models, and developer tools via WebMCP, a public, unauthenticated HTTP API.

Base URL: https://www.autheo.com/api/webmcp

Schema: https://www.autheo.com/api/webmcp/schema

Rate Limit: 60 requests per minute per IP

Endpoints

GET/api/webmcp/getFAQs

Returns structured FAQ entries, optionally filtered by persona.

Parameters

personastringFilter by audience persona key: "developer", "investor" (legacy DB key for token-holder FAQs), "general", "enterprise", "node-buyer", "partner"

limitintegerMax results (1-100, default 20)

Example

curl "https://www.autheo.com/api/webmcp/getFAQs?persona=developer&limit=5"

GET/api/webmcp/getTokenomics

Returns THEO tokenomics data, optionally filtered by use case.

Parameters

useCasestring"ai-inference", "staking", "governance", "compute", "storage", "fees", "identity"

Example

curl "https://www.autheo.com/api/webmcp/getTokenomics?useCase=staking"

GET/api/webmcp/searchDocs

Searches Autheo content by keyword. Lexical (BM25-style) search v1.

Parameters

qstringrequiredSearch query

limitintegerMax results (1-10, default 5)

Example

curl "https://www.autheo.com/api/webmcp/searchDocs?q=post-quantum&limit=3"

GET/api/webmcp/getNodeSaleStatus

Returns current node sale status including tiers, emissions, and purchase links.

Example

curl "https://www.autheo.com/api/webmcp/getNodeSaleStatus"

GET/api/webmcp/node-info

Returns validator tier data (Core, Prime, Sovereign) with THEO emission schedules.

Example

curl "https://www.autheo.com/api/webmcp/node-info"

GET/api/webmcp/infrastructure-overview

Returns the full Autheo technology stack: AEE runtime, languages, consensus, partners, token utilities.

Example

curl "https://www.autheo.com/api/webmcp/infrastructure-overview"

GET/api/webmcp/case-studies

Returns use case examples by industry vertical.

Parameters

industrystring"defi", "ai-infrastructure", "gaming", "enterprise", "depin", "developer-tooling"

Example

curl "https://www.autheo.com/api/webmcp/case-studies?industry=defi"

Agentic Commerce (In Development)

Autheo is developing a neutral foundation for agentic commerce. The endpoints below expose the seven layer vocabulary, the five strategic gaps, the Know Your Agent reference framework, the Protocol Router reference architecture, the Merchant Agent Readiness Kit, and the Agent Payment Rails reference. All components are in development.

GET/api/webmcp/getAgenticCommerceStack

Returns the seven layer agentic commerce stack and the five strategic gaps with canonical URL and grant opportunities.

Example

curl "https://www.autheo.com/api/webmcp/getAgenticCommerceStack"

GET/api/webmcp/getTheoIDKYA

Returns the TheoID anchored Know Your Agent reference framework: agent, controller, merchant, and mandate credential roles.

Example

curl "https://www.autheo.com/api/webmcp/getTheoIDKYA"

GET/api/webmcp/getProtocolRouterOverview

Returns the Protocol Router reference architecture across MCP, A2A, ACP, UCP, AP2, x402, card networks, and chain settlement.

Example

curl "https://www.autheo.com/api/webmcp/getProtocolRouterOverview"

GET/api/webmcp/getMerchantReadinessKit

Returns the Merchant Agent Readiness Kit with manifest fields and a readiness checklist for becoming agent discoverable.

Example

curl "https://www.autheo.com/api/webmcp/getMerchantReadinessKit"

GET/api/webmcp/getAgentPaymentRails

Returns the Agent Payment Rails reference across stablecoin, card network, x402, and chain settlement routes with KYA mandate binding.

Example

curl "https://www.autheo.com/api/webmcp/getAgentPaymentRails"

GET/api/webmcp/getAgentReputationManagement

Returns the Agent Reputation Management reference subsystem: reputation and risk scoring for agents, merchants, controllers, and missions with potential inputs, potential outputs, supported gaps, layer mapping, and guardrails.

Example

curl "https://www.autheo.com/api/webmcp/getAgentReputationManagement"

GET/api/webmcp/getAgentMissionComplianceReporting

Returns the Agent Mission Compliance Reporting reference subsystem: one click report reconstructing an autonomous agent mission across identity, authorization, mandate, route, merchant, policy, settlement, timestamps, signatures, and proof artifacts.

Example

curl "https://www.autheo.com/api/webmcp/getAgentMissionComplianceReporting"

Response Shape

All successful responses follow a standard contract:

{
  "data": { ... },
  "meta": {
    "lastUpdated": "2026-04-13T00:00:00Z",
    "source": "Autheo CMS",
    "citationUrl": "https://www.autheo.com/relevant-page",
    "schemaVersion": "1.0"
  }
}

Error Codes

Status	Error Code	Description
400	invalid_parameter / missing_parameter	Missing or invalid query parameter
404	not_found	Resource or endpoint not found
429	rate_limited	Rate limit exceeded (60 req/min/IP)
500	internal_error	Server error. Try again later.

Error response shape:

{
  "error": "error_code",
  "message": "Human-readable description",
  "docs": "https://www.autheo.com/docs/webmcp#errors"
}

Error Responses

All WebMCP endpoints return standard error shapes:

400 Bad Request

{
  "error": "Invalid query parameter",
  "message": "The 'industry' parameter must be one of: defi, ai-infrastructure, gaming, enterprise, depin, developer-tooling"
}

429 Too Many Requests

{
  "error": "Rate limit exceeded",
  "message": "Maximum 60 requests per minute. Retry after the period indicated in the Retry-After header."
}

Headers: Retry-After: 60, X-RateLimit-Limit: 60, X-RateLimit-Remaining: 0

500 Internal Server Error

{
  "error": "Internal server error",
  "message": "An unexpected error occurred. If this persists, contact support."
}

Rate Limits

All WebMCP endpoints enforce a default rate limit of 60 requests per minute per IP. Rate limit headers are included on every response:

Header	Description
X-RateLimit-Limit	Maximum requests per window (60)
X-RateLimit-Remaining	Requests remaining in current window
X-RateLimit-Reset	Unix timestamp when the window resets
Retry-After	Seconds to wait (only on 429 responses)

MCP (Model Context Protocol)

Autheo also exposes the same capabilities via a hosted MCP server using the official TypeScript MCP SDK. MCP clients (like Claude Desktop, Cursor, VS Code) can connect directly.

Endpoint: https://www.autheo.com/mcp

Add this to your MCP client configuration:

{
  "mcpServers": {
    "autheo": {
      "url": "https://www.autheo.com/mcp"
    }
  }
}

Available tools: getFAQs, getTokenomics, searchDocs, getNodeSaleStatus, getAgenticCommerceStack, getTheoIDKYA, getProtocolRouterOverview, getMerchantReadinessKit, getAgentPaymentRails, getAgentReputationManagement, getAgentMissionComplianceReporting

Available resources: llms.txt, llms-full.txt

MCP Headers

After initialization, include the MCP-Protocol-Version header on all requests. Accepted versions: 2025-11-25, 2025-03-26, 2024-11-05. Invalid versions receive a 400 Bad Request.

Origin validation: The MCP endpoint validates the Origin header to prevent DNS rebinding attacks. If present and not from an allowed domain, the server returns 403 Forbidden. Server-to-server clients (no Origin) are allowed.

Feeds

Autheo publishes blog content via machine-readable feeds:

JSON Feed 1.1: https://www.autheo.com/feed.json

Atom 1.0: https://www.autheo.com/feed.atom

RSS 2.0: https://www.autheo.com/blog/rss.xml