API Reference
ARCP exposes three groups of endpoints: Registry (discovery + publisher metadata), Router (query routing + receipts), and Publisher (content delivery).
Authentication
Authenticated endpoints require a Bearer API key:
Authorization: Bearer arcp_your_key_here
Content-Type: application/json
User-Agent: your-app/1.0Registry Endpoints
Base URL: https://registry.arcp-protocol.com
/.well-known/arcp-rootNo authRoot discovery metadata for the ARCP protocol.
/v1/publishersNo authList all active publishers. Returns publisher ID, display name, query URL, and verification status.
/v1/publishers/:publisherIdNo authGet metadata for a single publisher.
/v1/revocationsNo authList revoked publisher keys and suspended publishers.
/v1/jwksNo authRegistry public keys in JWKS format.
Router Endpoints
Base URL: https://router.arcp-protocol.com
/v1/router/queryBearer API keyQuery across selected publishers in parallel. Returns structured content envelopes, claims, render tokens, and receipts.
| Field | Type | Required | Description |
|---|---|---|---|
query | string | Yes | The search query (max 1000 chars) |
publishers | string[] | Yes | Publisher IDs to query (max 10) |
client_id | string | Yes | Your client ID |
user_id | string | No | End-user identifier for receipts |
profile | string | No | Content profile (default: "MVP") |
/v1/router/render/openedBearer API keyTrack a render link open. Issues a signed render-open receipt for the publisher.
| Field | Type | Required | Description |
|---|---|---|---|
publisher_id | string | Yes | Publisher whose content was opened |
content_id | string | Yes | The content item that was viewed |
render_url | string | No | The render URL that was clicked |
user_id | string | No | End-user identifier |
/v1/router/receipts/exportBearer API keyExport receipts for a publisher and day.
Query params: publisher_id (required), date (YYYY-MM-DD, optional — defaults to today)
/v1/router/metricsAdmin keyUsage metrics for the router (events, receipts, active clients). Query param: days (default: 7).
/.well-known/arcp-routerNo authRouter discovery metadata including supported protocol versions and endpoint URLs.
/v1/jwksNo authRouter public keys for receipt and render token verification.
MCP Endpoint
/mcpNo authMCP server metadata and available tools list.
/mcpBearer API keyJSON-RPC 2.0 endpoint for MCP clients. Supports: initialize, tools/list, tools/call.
Available MCP tools: arcp_discover, arcp_query, arcp_render_opened, arcp_receipts_export
Managed Auth Endpoints
These endpoints require an admin API key (scoped to managed:read or managed:write).
/v1/router/managed/users/linkmanaged:writeLink a user identity for managed subscription tracking.
/v1/router/managed/subscriptions/upsertmanaged:writeCreate or update a managed subscription.
/v1/router/managed/subscriptions/cancelmanaged:writeCancel a managed subscription.
/v1/router/managed/entitlementsmanaged:readQuery entitlements for a user and publisher.
Rate Limits
| Endpoint | Default limit |
|---|---|
/v1/router/query | 60 req/min, 5000 req/day |
/v1/router/render/opened | 120 req/min |
/v1/router/receipts/export | 30 req/min |
Rate limit headers: X-RateLimit-Limit-Minute, X-RateLimit-Usage-Minute, X-RateLimit-Limit-Daily, X-RateLimit-Usage-Daily
Error Responses
| Status | Error code | Description |
|---|---|---|
| 400 | INVALID_INPUT | Missing or invalid request field |
| 401 | UNAUTHORIZED_CLIENT | Missing or invalid API key |
| 401 | INVALID_API_KEY | API key not found |
| 401 | API_KEY_REVOKED | API key has been revoked |
| 401 | API_KEY_EXPIRED | API key has expired |
| 403 | CLIENT_SUSPENDED | Client account suspended |
| 413 | PAYLOAD_TOO_LARGE | Request body exceeds 32KB |
| 429 | RATE_LIMIT_EXCEEDED | Minute rate limit hit |
| 429 | DAILY_QUOTA_EXCEEDED | Daily quota exhausted |
| 503 | CLIENT_AUTH_SCHEMA_NOT_READY | Migration not applied |