REST
The primary surface. Synchronous JSON over HTTPS for resolve, screen, validate,
and watch management.
MCP
A Model Context Protocol server so an AI agent can call AUO as a set of tools,
behind the same bearer token.
Webhooks
Outbound, signed notifications when a watched entity changes. The one surface
that is inbound to you.
REST
Every endpoint lives underhttps://api.auo.com.au/v1 and requires
Authorization: Bearer auo_sk_{test|live}_.... Requests and responses are JSON.
This is where you resolve, screen, validate, and manage watch subscriptions. Start
with the API reference.
MCP
The MCP server athttps://api.auo.com.au/mcp lets an AI agent call
AUO as tools. It is stateless, read-only by design, and uses the same bearer token as
REST. Because each MCP tool calls the exact same core function as its REST counterpart,
the two surfaces cannot drift.
Webhooks
Webhooks are the exception to bearer auth: they are inbound to your server, so they are signed with HMAC-SHA256 rather than carrying your token. You subscribe to an entity with the watch endpoints, and AUO POSTs a signed event to your URL when something changes. See Watch and webhooks for signature verification and the event taxonomy.One token, one source of truth
The same resolve logic backs the REST endpoint, the MCPresolve_entity tool, and the
change detection that fires webhooks. Add a red-flag source to one and it appears in
all three. You never have to reconcile three different views of an entity.
Next
Watch and webhooks
Subscribe to an entity and verify signed events.
MCP
Connect an AI agent to AUO.