Authentication

Universal API authentication has two layers: your MindCloud API Key and the app connection you choose for the action.

The MindCloud API Key authenticates your code to MindCloud. The connectionId tells MindCloud which connected app account to use. MindCloud then handles the provider credentials behind that connection, including token refresh when the app supports it.

Piece	What it does
MindCloud API Key	Authenticates the request to MindCloud and scopes it to your account or organization.
`connectionId`	Selects the connected external app account that should run the action.
Provider credentials	Stored and managed by MindCloud. You do not send provider access tokens with Universal API requests.

Every action call needs a connectionId. The connection must belong to the account authenticated by your MindCloud API Key, and it must be configured for the app you are calling.

You can find the connection ID in MindCloud. You can also sign in from these docs, choose a connection in the action panel, and copy the generated cURL with that connectionId already filled in.

Read Connections for how connections are created, managed, and used across MindCloud and Cirra.

Authorization header

Send your MindCloud API Key as a Bearer token:

curl --request GET \
  --url "https://embedded.mindcloud.co/v1/universal/slack/latest/actions/list-users" \
  --header "Authorization: Bearer $MINDCLOUD_API_KEY" \
  --get \
  --data-urlencode "connectionId=$CONNECTION_ID"

Keep your MindCloud API Key on your server. Do not put it in browser code, mobile apps, public repositories, or logs.

Connection placement

For GET and DELETE actions, pass connectionId in the query string.

curl --request GET \
  --url "https://embedded.mindcloud.co/v1/universal/slack/latest/actions/list-users" \
  --header "Authorization: Bearer $MINDCLOUD_API_KEY" \
  --get \
  --data-urlencode "connectionId=$CONNECTION_ID"

For POST, PUT, and PATCH actions, pass connectionId in the JSON body.

curl --request POST \
  --url "https://embedded.mindcloud.co/v1/universal/slack/latest/actions/send-message" \
  --header "Authorization: Bearer $MINDCLOUD_API_KEY" \
  --header "Content-Type: application/json" \
  --data '{
    "connectionId": "$CONNECTION_ID",
    "channel": "C123456",
    "text": "Hello from MindCloud"
  }'

The same body shape also works for update actions:

{
  "connectionId": "$CONNECTION_ID",
  "email": "[email protected]",
  "firstName": "Ava"
}

HTTP methods

Use the HTTP method that matches the action you are running.

Operation	HTTP method
Read data	`GET`
Create something	`POST`
Update something	`PUT` or `PATCH`
Delete something	`DELETE`

If the method does not match the action's operation, the request fails instead of guessing. You can find the proper HTTP method in the documentation for that action.

Piece

What it does

MindCloud API Key

Authenticates the request to MindCloud and scopes it to your account or organization.

connectionId

Selects the connected external app account that should run the action.

Provider credentials

Stored and managed by MindCloud. You do not send provider access tokens with Universal API requests.

Authorization header

Send your MindCloud API Key as a Bearer token:

curl --request GET \
  --url "https://embedded.mindcloud.co/v1/universal/slack/latest/actions/list-users" \
  --header "Authorization: Bearer $MINDCLOUD_API_KEY" \
  --get \
  --data-urlencode "connectionId=$CONNECTION_ID"

Keep your MindCloud API Key on your server. Do not put it in browser code, mobile apps, public repositories, or logs.

Connection placement

For GET and DELETE actions, pass connectionId in the query string.

curl --request GET \
  --url "https://embedded.mindcloud.co/v1/universal/slack/latest/actions/list-users" \
  --header "Authorization: Bearer $MINDCLOUD_API_KEY" \
  --get \
  --data-urlencode "connectionId=$CONNECTION_ID"

For POST, PUT, and PATCH actions, pass connectionId in the JSON body.

curl --request POST \
  --url "https://embedded.mindcloud.co/v1/universal/slack/latest/actions/send-message" \
  --header "Authorization: Bearer $MINDCLOUD_API_KEY" \
  --header "Content-Type: application/json" \
  --data '{
    "connectionId": "$CONNECTION_ID",
    "channel": "C123456",
    "text": "Hello from MindCloud"
  }'

The same body shape also works for update actions:

{
  "connectionId": "$CONNECTION_ID",
  "email": "[email protected]",
  "firstName": "Ava"
}

HTTP methods

Use the HTTP method that matches the action you are running.

Operation

HTTP method

Read data

GET

Create something

POST

Update something

PUT or PATCH

Delete something

DELETE

If the method does not match the action's operation, the request fails instead of guessing. You can find the proper HTTP method in the documentation for that action.