Client credential
dev tenant- Client ID
onlyutils_client_8f61a2e9- Client secret
-
••••••••••••••••••••
Shown once at creation. This page can only reveal it one time, same as the real portal.
All your services. One credential.
Auth, email, and SMS today, more services later, all sitting behind a single client credential. Toggle on what you need, mint one 15-minute token, and call every enabled service directly. No per-service keys to juggle, no separate logins.
onlyutils_client_8f61a2e9••••••••••••••••••••
Shown once at creation. This page can only reveal it one time, same as the real portal.
# 1. exchange your client credential for a token
curl -s https://api.onlyutils.com/oauth/token \
-d grant_type=client_credentials \
-d client_id=$CLIENT_ID \
-d client_secret=$CLIENT_SECRET \
-d tenant_id=$TENANT_ID
→ { "access_token": "eyJhbGciOi...", "expires_in": 900,
"services": ["auth","email","sms"] }
# 2. call the service directly (it verifies the token itself)
curl -s https://email.api.onlyutils.com/v1/send \
-H "Authorization: Bearer $TOKEN" \
-d to=jordan@yourapp.com \
-d template=welcome
→ { "message_id": "msg_8f2b1c", "status": "queued" }
One account, every toggle
Every client starts with nothing enabled. Flip a service on and its calls start accepting your token immediately, at the next mint. Flip it off and that service stops trusting your token, everything else keeps working.
Sign-up, login, sessions, and permissions for your own users.
Transactional sends with templates, delivery status, and webhooks.
Transactional texts from a fixed sending number, same delivery model as email.
Manage your end-customers' plans and payments. Coming later, same credential.
How it works
Get a client_id and client_secret, shown once. Pick which services it can use.
POST /oauth/token mints a 15-minute JWT scoped to exactly the services you enabled.
Each service verifies the token itself, offline, against our public keys. No round-trip back to us.
An MCP server sitting in front of the same platform your code already calls. Point any MCP-compatible agent at onlyutils and it can create clients, send an email, fire off an SMS, or check what a token is scoped to, using your existing credential. No bespoke tool wrappers, no glue code holding it together.
{
"tool": "onlyutils.email.send",
"arguments": {
"to": "jordan@yourapp.com",
"template": "welcome"
}
}
The customer portal is being built now. Docs land alongside it.