REST APIs, TypeScript SDKs, CLI, self-hosting Helm charts, and an OpenAPI reference for every 47Network product.
Install the 47Network CLI, authenticate with your 47ID account, and start building in under 2 minutes.
Node.js 18+ or Bun 1.0+. A 47Network account — sign up free at account.the47network.com.
# Install the 47Network CLI npm install -g @47network/cli # or: bun add -g @47network/cli # Authenticate with 47ID (opens browser) 47n auth login # Verify and list products you have access to 47n products list # Output: # ✓ Authenticated as alex@yourorg.com # ┌──────────────┬────────┬───────────────────────────────┐ # │ Product │ Status │ Domain │ # ├──────────────┼────────┼───────────────────────────────┤ # │ Sven Agent │ Beta │ sven.the47network.com │ # │ 47mail │ Beta │ mail.the47network.com │ # │ PassVault │ Beta │ vault.the47network.com │ # └──────────────┴────────┴───────────────────────────────┘
import { Network47Client } from '@47network/sdk'; const client = new Network47Client({ apiKey: process.env.NETWORK47_API_KEY, version: '2026-01', }); // Fetch authenticated user const me = await client.auth.me(); console.log(me.email); // alex@yourorg.com // List Sven missions const missions = await client.sven.missions.list({ status: 'active' }); console.log(missions.data.length); // 3
curl https://api.the47network.com/v1/me \ -H "Authorization: Bearer $NETWORK47_API_KEY" \ -H "X-47N-Version: 2026-01" # Response: # { # "id": "usr_abc123", # "email": "alex@yourorg.com", # "plan": "pro", # "products": ["sven","47mail","passvault"] # }
import os from network47 import Network47Client client = Network47Client( api_key=os.environ["NETWORK47_API_KEY"], version="2026-01" ) me = client.auth.me() print(me.email) # alex@yourorg.com missions = client.sven.missions.list(status="active") print(len(missions.data)) # 3
47Network supports two auth methods: API Keys for server-to-server requests, and OAuth 2.0 / OIDC via 47ID for user-delegated access. All tokens are scoped to specific products and permissions.
// All requests require both headers: "Authorization: Bearer sk_live_..." "X-47N-Version: 2026-01" // API keys are prefixed by environment: // sk_live_ → Production // sk_test_ → Sandbox (no real data) // sk_dev_ → Development / self-hosted
Use 47ID for user-facing applications. Standard OIDC — compatible with any OIDC library.
# 47ID OIDC configuration OIDC_ISSUER=https://id.the47network.com/realms/47net OIDC_CLIENT_ID=your-app-client-id OIDC_CLIENT_SECRET=your-client-secret OIDC_REDIRECT_URI=https://yourapp.com/auth/callback # Available scopes: # openid profile email → Standard OIDC # 47n:products → Product access # 47n:sven:missions:write → Submit missions # 47n:vault:entries:read → Read vault entries # 47n:mail:send → Send email
Never expose API keys in client-side code or public repositories. Rotate keys immediately if compromised via 47n keys rotate.
Every 47Network product ships with a self-hosting path. Helm charts, Argo CD app definitions, and deployment guides available. Your data never leaves your environment.
Production-ready Helm charts for all products. Single values.yaml per product.
registry.the47network.com/chartsGitOps-ready App-of-Apps definitions. Drop into your existing Argo CD bootstrap.
github.com/47network/gitopsSingle-host compose files for local dev and small production deployments.
docker.io/47network/*# Add the 47Network Helm registry helm registry login registry.the47network.com # Install Sven Agent helm install sven oci://registry.the47network.com/charts/sven-agent \ --namespace sven \ --create-namespace \ --set auth.oidcIssuer="https://id.the47network.com/realms/47net" \ --set auth.clientId="sven-self-hosted" \ --set storage.s3.bucket="sven-evidence" \ --set ingress.host="sven.yourorg.com" # Verify deployment kubectl get pods -n sven # NAME READY STATUS RESTARTS AGE # sven-7d9f8b6c4-xk2jp 1/1 Running 0 42s
Self-hosted products are designed to run behind Pomerium. The Studio team deploys a full zero-trust stack as a managed service — ask us.
The 47n CLI wraps the REST API, handles auth, and provides commands for all products, self-hosted deployments, and key management.
# Authentication 47n auth login # OAuth device flow 47n auth logout 47n keys create --name my-key --scopes sven:missions:write 47n keys list 47n keys rotate <key-id> # Sven Agent 47n sven missions list 47n sven missions create --goal "Summarise today's emails" 47n sven skills list 47n sven skills deploy ./my-skill.ts # Self-hosting 47n deploy sven --namespace sven --cluster mycluster 47n deploy 47mail --namespace mail # Diagnostics 47n status 47n logs --product sven --tail 100
Register custom skills, submit missions, receive approval callbacks, and stream agent telemetry. OpenClaw-compatible.
import { SvenClient } from '@47network/sven-sdk'; const sven = new SvenClient({ apiKey: process.env.SVEN_API_KEY, endpoint: 'https://sven.the47network.com', // or self-hosted URL }); // Register a custom skill with schema validation await sven.skills.register({ name: 'send-email', version: '1.0.0', description: 'Send an email via 47mail', inputSchema: { type: 'object', properties: { to: { type: 'string', format: 'email' }, subject: { type: 'string' }, body: { type: 'string' }, }, required: ['to', 'subject', 'body'], }, requireApproval: true, // human-in-the-loop for email sends handler: async ({ to, subject, body }) => { return await mailClient.send({ to, subject, body }); }, }); console.log('✓ Skill registered');
// Submit a mission to Sven const mission = await sven.missions.create({ goal: 'Summarise all unread emails from today and reply to urgent ones', skills: ['47mail-fetch', 'summarise-email', 'send-email'], context: { mailbox: 'alex@ourorg.com', urgencyKeywords: ['urgent', 'ASAP', 'blocking'], }, maxDurationMs: 300_000, // 5 minute timeout requireApproval: true, // pause before sending any reply }); console.log(mission.id); // msn_a1b2c3 // Stream live telemetry for await (const event of sven.missions.stream(mission.id)) { console.log(event.type, event.data); // skill:start, skill:complete, approval:requested, mission:complete… }
// Query the tamper-proof audit trail const trail = await sven.audit.query({ missionId: 'msn_a1b2c3', includeEvidence: true, }); for (const entry of trail.entries) { console.log({ ts: entry.timestamp, action: entry.action, // skill:invoked, output:generated… signature: entry.signature, // ed25519 — verifiable offline evidence: entry.evidence, // full input/output snapshot }); }
47ID is the Keycloak-based identity provider across all products. SSO, MFA/passkeys, group RBAC, and device management. Standard OIDC — integrate in minutes.
// app/api/auth/[...nextauth]/route.ts import NextAuth from 'next-auth'; import KeycloakProvider from 'next-auth/providers/keycloak'; export const { handlers, signIn, signOut, auth } = NextAuth({ providers: [ KeycloakProvider({ clientId: process.env.OIDC_CLIENT_ID!, clientSecret: process.env.OIDC_CLIENT_SECRET!, issuer: 'https://id.the47network.com/realms/47net', }), ], });
// Discovery document: // GET https://id.the47network.com/realms/47net/.well-known/openid-configuration // Token endpoint: // POST https://id.the47network.com/realms/47net/protocol/openid-connect/token // Keycloak realm: 47net // Supported grant types: // authorization_code → Web applications // device_code → CLI / headless // client_credentials → Server-to-server
Base URL: https://api.the47network.com/v1 ·
Version header required: X-47N-Version: 2026-01
| Method | Endpoint | Description |
|---|---|---|
| GET | /me | Authenticated user profile |
| GET | /me/products | Products accessible to this key |
| GET | /keys | List API keys |
| POST | /keys | Create API key |
| DEL | /keys/:id | Revoke API key |
| Method | Endpoint | Description |
|---|---|---|
| GET | /sven/missions | List missions (filterable) |
| POST | /sven/missions | Submit a new mission |
| GET | /sven/missions/:id | Mission status + evidence |
| DEL | /sven/missions/:id | Cancel a pending mission |
| GET | /sven/skills | List registered skills |
| POST | /sven/skills | Register a skill |
| GET | /sven/audit | Query audit trail |
| Method | Endpoint | Description |
|---|---|---|
| POST | /mail/send | Send an email (E2EE optional) |
| GET | /mail/inbox | Fetch inbox (paginated) |
| POST | /mail/aliases | Create hide-my-email alias |
| Method | Endpoint | Description |
|---|---|---|
| GET | /vault/entries | List encrypted entries (ciphertext only) |
| POST | /vault/entries | Store encrypted entry |
| PUT | /vault/entries/:id | Update encrypted entry |
| DEL | /vault/entries/:id | Delete vault entry |
47Network fires webhooks for key product events. Payloads are signed with HMAC-SHA256 — always verify before processing.
import { createHmac } from 'node:crypto'; function verifyWebhook(payload: Buffer, signature: string, secret: string) { const expected = createHmac('sha256', secret) .update(payload) .digest('hex'); return timingSafeEqual( Buffer.from(signature), Buffer.from(`sha256=${expected}`) ); } // Events fired by product: // sven:mission:completed sven:mission:failed sven:approval:requested // mail:message:received mail:bounce:detected // vault:entry:created vault:sync:completed // comms:sms:received comms:optout:received
All errors return a standard JSON body. HTTP status codes follow RFC 9110. Rate limits per API key.
{
"error": {
"code": "MISSION_NOT_FOUND",
"message": "Mission msn_xyz not found or not accessible.",
"status": 404,
"request": "req_abc123" // include in support reports
}
}
| Status | Meaning |
|---|---|
200 | OK — request succeeded |
400 | Bad Request — invalid params or payload |
401 | Unauthorized — missing or invalid API key |
403 | Forbidden — key lacks required scope |
429 | Rate limited — Retry-After header set |
500 | Server error — report with request ID |
1,000 req/min on most endpoints. Sven mission creation: 100/min. Email send: 500/min. Higher limits on Pro and Team plans.
Technical guides on the infrastructure and tools behind building on 47Network.
Dynamic credentials, AppRole auth, the Kubernetes Agent Injector — replacing .env files with a proper secrets backend that works across every language and runtime.
PgBouncer connection pooling, partial indexes, EXPLAIN ANALYZE, VACUUM tuning, and the postgresql.conf settings that actually matter in production.
A decision framework for the 95% of teams for whom K8s is overkill. When Compose is the right answer and what the migration path looks like when it stops being right.
Phony targets, automatic variables, pattern rules, and a self-documenting help target. The Make conventions every developer should know.
Connection pooling, cache invalidation strategies, BullMQ job queues, pub/sub for real-time events, sorted-set rate limiters, and AOF persistence configuration.
Page Object Model, auth fixtures with storageState, network interception, parallel CI sharding — the Playwright setup used across 47Network Studio QA engagements.
Page Object Model, auth fixtures with storageState, network interception, parallel sharding — the Playwright setup used across 47Network Studio QA engagements.
Self-hosted runners, Vault secrets injection instead of GitHub secrets, environment protection gates, reusable workflows, and artifact-based rollback.