Endpoints
| Endpoint | Protocol | Description |
|---|---|---|
https://mcp.undisk.app/v1/mcp | Streamable HTTP | Primary MCP endpoint |
https://mcp.undisk.app/mcp | Streamable HTTP | Alias |
wss://mcp.undisk.app/ws | WebSocket | Fastest (4ms reads) |
wss://mcp.undisk.app/v1/ws | WebSocket | Alias |
GET https://mcp.undisk.app/health | HTTP | Health check |
OAuth Scopes
OAuth 2.1 scopes restrict what each access token can do. Request specific scopes when issuing tokens viaPOST /api/oauth/token. Legacy API keys (sk_live_*) bypass scope enforcement and have full access.
| Scope | Grants Access To |
|---|---|
files:read | read_file, list_files, search_files |
files:write | write_file, create_file, append_log, delete_file, move_file, upload_session |
versions:read | list_versions, get_diff |
versions:write | restore_version |
policy:read | policy (action: read) |
policy:write | policy (action: validate, write) |
secrets:read | vault_secret (get, list) |
secrets:write | vault_secret (put, rotate, delete) |
shares:write | share_with_public (create, revoke, list) |
audit:read | audit_trail (list, export, verify) |