Go-Orca Developer & Agent Resources

API Reference

• OpenAPI 3.1 Specificationapplication/vnd.oai.openapi+json

  Full machine-readable API spec. Covers agent auth registration, leads API (GET/PATCH), and quote submission (POST). Includes request/response schemas, error model, rate-limit headers, and Bearer auth.

  /openapi.json

• API Catalogapplication/linkset+json

  RFC 9727-compliant catalog linking all service descriptions, including the OpenAPI spec. Suitable for automated API discovery tooling.

  /.well-known/api-catalog

Agent Auth

• Auth Guide (auth.md)text/markdown

  Human- and agent-readable registration guide. Covers the full flow: discover → register → claim → use → revoke. Supports anonymous, id-jag, and email identity_assertion flows. Rate limits, error codes, and revocation events documented.

  /auth.md

• OAuth Authorization Server Metadataapplication/json

  RFC 8414 metadata document with agent_auth extension block. Declares register_uri, claim_uri, revocation_uri, identity_types_supported, and events_supported.

  /.well-known/oauth-authorization-server

• OAuth Protected Resource Metadataapplication/json

  RFC 9728 metadata for the protected resource server. Returned via WWW-Authenticate on 401 responses from all secured API routes.

  /.well-known/oauth-protected-resource

Agent Discovery

• llms.txttext/plain

  Standard llms.txt file listing services, free tools, documentation links, and legal pages. Optimized for LLM context injection.

  /llms.txt

• llms-full.txttext/plain

  Full content dump including homepage prose, about page, contact, auth overview, tool descriptions, and API quick reference. For agents that want complete site context in one file.

  /llms-full.txt

• Agent Skills Indexapplication/json

  agentskills.io discovery index (schema v0.2.0). Lists available agent skills: CRM ROI Calculator, Leads API, and Quote Request.

  /.well-known/agent-skills/index.json

• A2A Agent Cardapplication/json

  Agent-to-Agent protocol card declaring the platform's capabilities, skills, and endpoint metadata for A2A-compatible orchestration.

  /.well-known/agent-card.json

• MCP Server Cardapplication/json

  Model Context Protocol server card. Describes the MCP endpoint name, version, and capabilities for MCP-compatible AI clients.

  /.well-known/mcp/server-card.json

• Smithery Registry ListingMCP registry

  Official Go-Orca MCP server listing on Smithery. Direct endpoint: https://go-orca.tech/api/mcp — Smithery-proxied endpoint: https://mcp.smithery.run/go-orca

  https://smithery.ai/server/@go-orca/api-mcp

• GitHub Repositorypublic repo

  Source code for go-orca.tech. Contains agent configs (.claude/CLAUDE.md), SKILL.md, and all agent discovery files. AI coding agents (Claude, Cursor, Windsurf) use the .claude/ directory for repo-specific instructions.

  https://github.com/deboasse/go-orca-website

• Schema Mapapplication/xml

  NLWeb schema type map (schemamap.xml). Linked from robots.txt via the Schemamap: directive for schema-aware crawlers.

  /schemamap.xml

Quick Start

• Get a Quote (no auth required)POST · application/json

  Submit a project inquiry. Body: { name, email, company?, message }. Returns 201 with a lead ID. No API key needed.

  /api/quote

• Register an Agent CredentialPOST · application/json

  Obtain a Bearer token. Anonymous: { identity_type: 'anonymous' }. Returns { credential, type: 'api_key', expires_in }. Then use Authorization: Bearer <credential> on protected routes.

  /api/agent/auth

• List Leads (requires Bearer token)GET · Bearer

  Returns paginated leads from the CRM. Query params: status (new|contacted|qualified|converted|closed), limit (max 200). 401 includes WWW-Authenticate: Bearer resource_metadata=... for auto-discovery.

  /api/leads

Rate Limits

All rate-limited responses return HTTP 429 with a Retry-After header. Credential-based limits are tracked server-side and reset on a rolling 60-second window.

Support

Questions about the API, auth flows, or agent integration? hello@go-orca.tech or open the contact form.