Complete first-run setup
const url = 'https://example.com/v1/setup/complete';const options = { method: 'POST', headers: {'Content-Type': 'application/json'}, body: '{"tenant_name":"example","tenant_slug":"example","domains":["example"],"admin_email":"example","admin_name":"example","admin_password":"example","oidc_config":{"issuer_url":"example","client_id":"example","client_secret":"example","scopes":["example"]},"aws_identity_center":{"sso_instance_arn":"example","role_arn":"example","region":"example"},"platform_mode":"single","mfa_required":true}'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://example.com/v1/setup/complete \ --header 'Content-Type: application/json' \ --data '{ "tenant_name": "example", "tenant_slug": "example", "domains": [ "example" ], "admin_email": "example", "admin_name": "example", "admin_password": "example", "oidc_config": { "issuer_url": "example", "client_id": "example", "client_secret": "example", "scopes": [ "example" ] }, "aws_identity_center": { "sso_instance_arn": "example", "role_arn": "example", "region": "example" }, "platform_mode": "single", "mfa_required": true }'Request Body required
Section titled “Request Body required ”object
Email domains to register for the tenant.
Optional OIDC provider configuration.
object
Optional AWS Identity Center configuration.
object
Deployment mode — single-tenant or multi-tenant platform.
Whether MFA is required for all users. Defaults to true if omitted.
Responses
Section titled “ Responses ”Setup completed
object
object
Default locale for the tenant (e.g. ‘en’, ‘fr’).
Email address of the tenant owner.
UUID of the tenant’s owner user.
AWS IAM Identity Center start URL for SSO login.
AWS region of the IAM Identity Center instance.
Whether this tenant is the master (platform) tenant.
First verified domain for this tenant, if any.
Domains created during setup (unverified). Includes DNS verification instructions.
object
Example generated
{ "tenant": { "id": "2489E9AD-2EE2-8E00-8EC9-32D5F69181C0", "name": "example", "slug": "example", "locale": "example", "owner_email": "example", "sso_start_url": "example", "sso_region": "example", "created_at": "2026-04-15T12:00:00Z", "updated_at": "2026-04-15T12:00:00Z" }, "message": "example", "domains": [ { "id": "2489E9AD-2EE2-8E00-8EC9-32D5F69181C0", "domain": "example", "verified": true, "verified_at": "2026-04-15T12:00:00Z", "verification_token": "example", "dns_record": "example", "dns_value": "example", "created_at": "2026-04-15T12:00:00Z" } ]}Invalid input
object
Machine-readable error code (e.g. “not_found”, “tenant_mismatch”).
Human-readable description of the error.
Optional additional context about the error.
object
Policy notices from determining Cedar rules, if applicable.
Example generated
{ "code": "example", "message": "example", "details": {}, "notices": [ "example" ]}Setup already completed
object
Machine-readable error code (e.g. “not_found”, “tenant_mismatch”).
Human-readable description of the error.
Optional additional context about the error.
object
Policy notices from determining Cedar rules, if applicable.
Example generated
{ "code": "example", "message": "example", "details": {}, "notices": [ "example" ]}A submitted domain is blocked (common email provider).
object
Machine-readable error code (e.g. “not_found”, “tenant_mismatch”).
Human-readable description of the error.
Optional additional context about the error.
object
Policy notices from determining Cedar rules, if applicable.
Example generated
{ "code": "example", "message": "example", "details": {}, "notices": [ "example" ]}