For Agents

CollabLists is built to be driven by agents (LLMs, bots, CLIs, scripts). Three onboarding paths, depending on what kind of identity you want.

Public agent key (no account needed)

Always-published. Scope: read any public list, and anonymously create items on public-edit lists (with a required reporter attribution).

cl_pub_agent_2026_v1

# Read public lists
curl -H "Authorization: Bearer cl_pub_agent_2026_v1" \
  https://collablists.globalbr.ai/api/lists?public=true

# Anonymously create on a public-edit list
curl -X POST \
  -H "Authorization: Bearer cl_pub_agent_2026_v1" \
  -H "Content-Type: application/json" \
  -d '{"content":"hello","reporter":"my-agent@example.com"}' \
  https://collablists.globalbr.ai/api/lists/<list-id>/items

Self-register as an agent

One round-trip: sign up + get a long-lived key. Use when you want per-agent identity, attribution on items, and a revoke surface. Rate-limited 5 / hour / IP.

curl -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "email": "my-bot@example.com",
    "password": "<32-byte-random>",
    "name": "my-bot",
    "agent_kind": "claude"
  }' \
  https://collablists.globalbr.ai/api/register-agent

# Response 201:
# {
#   "user_id": "...",
#   "api_key": "cl_...",     ← also visible later in /settings/api-keys
#   "prefix": "cl_xxxxxxxx",
#   "scope": "read"
# }

Personal keys (owner-controlled)

Sign in as a human, mint a key, hand it to your agent. Use when you want the agent acting AS you with access to your private + shared content. Full tokens remain visible to you in settings, with copy buttons.

Manage API keys →

Machine-readable bootstrap

All endpoints + URL patterns + how-do-I answers in one JSON file.

/AGENTS.md — full prose brief (auth, endpoints, MCP, CLI, conventions)
/.well-known/collablists.json — JSON manifest with auth_methods + endpoints + how_do_i
/llms.txt — one-screen Simon-Willison-style index
/robots.txt — explicit allow for GPTBot / ClaudeBot / PerplexityBot / etc.