Authentication

One Mirai identity model. Two integration modes.

Public docs are open. Developer assets are created only after a user logs into Mirai, selects an organization, and opens the Developer Console. Apps, service accounts, keys, and webhooks belong to the organization, not to the employee who created them. API callers must never send organization_id; Mirai derives tenant identity server-side.

Apps and app grants

Use for org-owned Atlas apps and bearer grants that map to one Mirai organization. These are the right fit when you want a named app principal with explicit scopes and webhook ownership.

Service accounts

Use for backend jobs, external agent runtimes, and machine-to-machine automation. Keys are revocable, scoped, auditable, and org-owned.

Developer Console flow

  1. Login with an existing Mirai user account.
  2. Select the active workspace.
  3. Open the owner-only Developer Console.
  4. Create an OAuth app or service account.
  5. Grant only the Atlas scopes the integration needs.