OAuth 2.1

Nico implements an OAuth 2.1 authorization server for third-party applications and MCP server connections.

Overview

OAuth 2.1 allows external applications to access your Nico account with your permission, without sharing your password. This is how AI assistants connect to the MCP server.

Discovery

Nico publishes an OAuth metadata document following RFC 8414:
GET /.well-known/oauth-authorization-server
This returns all endpoints, supported grant types, and available scopes.

Authorization flow

Nico uses the authorization code grant type:

Endpoints

Endpoint                                  Method  Description
/oauth/authorize                          POST    Authorization endpoint — redirect users here
/oauth/token                              POST    Token endpoint — exchange code for access token
/.well-known/oauth-authorization-server   GET     OAuth metadata discovery

Scopes

Scope   Description
mcp     Access the MCP server tools
The MCP server requires the mcp scope. Without it, MCP tool calls will be rejected.

Managing grants

You can view and revoke OAuth grants in your account:
  • View active grants: See which applications have access to your account
  • Revoke a grant: Remove an application’s access immediately

API endpoints for grant management

Endpoint                 Method  Description
/api/oauth_grants        GET     List your active OAuth grants
/api/oauth_grants/:id    DELETE  Revoke a specific grant

For MCP connections

If you’re connecting an AI assistant via MCP, the assistant handles the OAuth flow for you. You’ll see a consent screen asking you to approve access — click Authorize to connect. The resulting token is stored by the MCP client (e.g., Claude Desktop) and used automatically for future requests.
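The client side of the authorization code flow described above, as an added example rather than code from Nico or any MCP client: it checks the RFC 8414 metadata for the mcp scope, builds the redirect to /oauth/authorize with PKCE (S256) and a state value, as OAuth 2.1 requires for this grant, then validates the callback and assembles the form body for POST /oauth/token. The metadata document, the nico.example host, the client_id and the redirect URI are constructed stand-ins.

```python
import base64
import hashlib
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed stand-in for the RFC 8414 document Nico serves at
# /.well-known/oauth-authorization-server; the issuer host is a placeholder.
METADATA = {
    "issuer": "https://nico.example",
    "authorization_endpoint": "https://nico.example/oauth/authorize",
    "token_endpoint": "https://nico.example/oauth/token",
    "scopes_supported": ["mcp"],
    "grant_types_supported": ["authorization_code"],
    "code_challenge_methods_supported": ["S256"],
}

def pkce_challenge(verifier: str) -> str:
    """S256 code_challenge: base64url(SHA-256(verifier)) without '=' padding."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def start_authorization(metadata, client_id, redirect_uri, scope="mcp"):
    """Check the metadata, then build the URL the user is redirected to.
    Returns (url, state, code_verifier); the client keeps state and verifier
    until the redirect back arrives. Neither secret is sent at this step."""
    if scope not in metadata.get("scopes_supported", []):
        raise ValueError(f"server does not offer scope {scope!r}")
    if "S256" not in metadata.get("code_challenge_methods_supported", []):
        raise ValueError("server does not advertise PKCE S256")
    verifier = secrets.token_urlsafe(64)   # 86 chars, within RFC 7636's 43..128
    state = secrets.token_urlsafe(32)      # binds the callback to this request
    params = {
        "response_type": "code", "client_id": client_id,
        "redirect_uri": redirect_uri, "scope": scope, "state": state,
        "code_challenge": pkce_challenge(verifier), "code_challenge_method": "S256",
    }
    return f"{metadata['authorization_endpoint']}?{urlencode(params)}", state, verifier

def token_request(callback_url, expected_state, client_id, redirect_uri, verifier):
    """Validate the redirect back, then build the form body for POST /oauth/token."""
    query = parse_qs(urlparse(callback_url).query)
    if query.get("state", [None])[0] != expected_state:
        raise ValueError("state mismatch: discard this callback")
    if "error" in query:
        raise ValueError(f"authorization failed: {query['error'][0]}")
    return {"grant_type": "authorization_code", "code": query["code"][0],
            "redirect_uri": redirect_uri, "client_id": client_id,
            "code_verifier": verifier}
```

The server compares code_verifier against the code_challenge it stored with the code, so a stolen code alone cannot be redeemed at /oauth/token; the state check on the client side rejects callbacks that did not originate from this request.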