Skip to main content

Butterfly Security

OpenAPI 3.1 Specification

Machine-readable contract for every public endpoint on butterflysecurity.org/api/*.

Download spec (JSON)Prose referenceOAuth metadata

Auth: OAuth 2.0 with PKCE. Discovery at /.well-known/oauth-authorization-server. Tokens must carry audience https://butterflysecurity.org/api/ (RFC 8707). Errors return { error, error_description? } per RFC 6749 §5.2.