TownSpot API and Agent Discovery

TownSpot publishes machine-readable discovery documents for public read APIs, protected admin authentication, and read-only MCP access.

Discovery documents

These well-known URLs help agents and integration clients discover TownSpot services without hardcoded assumptions.

/.well-known/api-catalog - https://www.townspot.co/.well-known/api-catalog
/.well-known/openid-configuration - https://www.townspot.co/.well-known/openid-configuration
/.well-known/oauth-protected-resource - https://www.townspot.co/.well-known/oauth-protected-resource
/.well-known/mcp/server-card.json - https://www.townspot.co/.well-known/mcp/server-card.json

Public endpoints

These endpoints expose the main public discovery surface for towns, events, venues, and the read-only MCP transport.

https://api.townspot.co/api/locations/list
https://api.townspot.co/api/locations/get-by-slug
https://api.townspot.co/api/events/list
https://api.townspot.co/api/p/venues/{slug}
https://api.townspot.co/api/openapi.json
https://api.townspot.co/api/healthz
https://api.townspot.co/api/mcp

Authentication

Protected TownSpot admin APIs use bearer tokens issued by Supabase Auth.

Use the OpenID Connect and OAuth metadata documents to discover the authorization, token, JWKS, and protected-resource details programmatically.

Canonical URL patterns

https://www.townspot.co/{countryCode}/{townSlug}
https://www.townspot.co/event/{eventSlug}-{eventUuid}
https://www.townspot.co/venue/{venueSlug}