No Authentication Required
Glushea exposes public metadata so AI agents and search engines can understand the site without scraping JavaScript-rendered pages. The current endpoints are /api/profile.json, /api/offerings.json, and /api/resources.json. They require no API key, bearer token, OAuth flow, session cookie, or user account.
curl https://glushea.com/api/profile.jsonWhat Not To Send
Do not send private credentials, personal secrets, payment data, or confidential business data to the public metadata endpoints. They do not need it and will not use it. Agents should avoid inventing an authentication scheme and should not ask users for credentials to access these files.
Future Auth Changes
If Glushea later publishes authenticated APIs, this guide and /openapi.json will be updated with the required security scheme, token flow, scopes, and example requests. Until then, the correct integration behavior is to call the documented read-only endpoints without auth and route custom professional requests to /contact.