API Overview

Nenjo exposes two programmatic interfaces:

• REST API at /api/v1/ -- a conventional JSON REST API for managing all platform resources.
• MCP endpoint at POST /mcp -- a Model Context Protocol server that exposes platform tools over JSON-RPC 2.0.

Both interfaces share the same backend and database. The REST API is primarily used by the frontend and external integrations, while the MCP endpoint is designed for AI agents and MCP-compatible clients.

Base URLs

The version endpoint is public and returns:

{
  "version": "0.1.0",
  "api": "v1"
}

Authentication

Nenjo supports two authentication methods depending on the context:

Clerk JWT (Frontend / Browser)

All REST API routes under /api/v1/ (except /auth/verify and /webhooks) require a valid Clerk session token. The token is passed in the Authorization header:

Authorization: Bearer <clerk-session-token>

The backend validates the JWT against Clerk's JWKS endpoint and extracts the user identity. This is the method used by the Nenjo frontend.

API Key (Programmatic / MCP)

The MCP endpoint and programmatic integrations authenticate via API keys. Keys can be passed in two ways:

Authorization: Bearer nen_<key>

or:

X-API-Key: nen_<key>

API keys are scoped -- they can be restricted to specific resource groups and operations. An API key with no scopes has full access. See API Keys for details on creating and managing keys, and Scopes for the complete scope reference.

Error Responses

REST API errors return standard HTTP status codes with a JSON body:

{
  "error": "Description of what went wrong"
}

MCP errors follow the JSON-RPC 2.0 error format:

{
  "jsonrpc": "2.0",
  "id": 1,
  "error": {
    "code": -32601,
    "message": "Method not found: unknown_method"
  }
}

Common JSON-RPC error codes used by the MCP server:

Next Steps

• API Keys -- Create and manage API keys
• Scopes -- Understand the scope system
• MCP Server -- Use the MCP interface
• REST Endpoints -- Complete REST API reference