Developers

Account-level operations that sit alongside the per-app HTTP API: rotate OAuth client secrets without breaking running integrations, receive Stripe Connect payouts on user-billed revenue, and configure your Sign-in-with-Quota app — branding, scopes, redirect URIs, welcome credits, and the consent funnel.

Every endpoint in this section is authenticated with your developer session cookie (set by POST /auth/login), not a bearer API key. They are intended to be called from the dashboard or a one-off script you run as the account owner — not from your application’s server. Ownership is enforced server-side: developer A cannot touch developer B’s apps, secrets, or payouts.

→OAuth secret rotation

Rotate a client_secret with a 30-day grace period so deployments roll the new value through CI without breaking running integrations.

→Stripe Connect payouts

Onboard a connected account, check status, generate dashboard links, and read your earnings summary plus payout history.

→Sign in with Quota

The hosted consent + OIDC sign-in product. Register apps, configure branding, scopes, redirect URIs, and welcome credits, and read the consent funnel.