Resources/The Agent API Atlas/AI/Anthropic

Everything an AI agent can do with the Anthropic API.

A reference guide for building AI agents: every method, how to authenticate, and the permissions each one needs.

Endpoints24

API version2023-06-01

Last updated23 June 2026

Orientation

How the Anthropic API works.

The Anthropic API is how an app or AI agent works with Claude: sending a conversation and getting the next message back, running large jobs as asynchronous batches, listing models, counting tokens, and uploading files to reuse across calls. Access is granted through an API key, where a workspace key reaches the model and file methods and a separate Admin key manages people, workspaces, and keys, with the workspace as the boundary. The API does not push events to a webhook, so an integration polls a batch for its status or streams a message as it is generated.

24Endpoints

7Capability groups

13Read

11Write

2Permissions

Authentication

The Anthropic API authenticates with an API key sent in the x-api-key header, not OAuth, alongside an anthropic-version header on every request. A workspace API key (sk-ant-api...) calls the model and file methods, while a separate Admin key (sk-ant-admin...) is required for the organization-management methods, and the two are not interchangeable. An app can also send a short-lived bearer token through Workload Identity Federation instead of a key.

Permissions

An API key carries no per-method scopes. The workspace a key belongs to is the boundary: a key reaches the model, batches, and files for its workspace and nothing in another. The split between a workspace key and an Admin key is the real permission line, since only an Admin key, or an org:admin OAuth token, can manage members, workspaces, and keys, and the Admin API is unavailable for individual accounts.

Versioning

The API is versioned by date through the anthropic-version header, which every request must send, such as anthropic-version: 2023-06-01. A new dated version is minted only when behavior changes in a way an integration would notice; within a version, Anthropic may add optional inputs and new output values without breaking existing usage. Beta features are opted into separately through the anthropic-beta header, for example files-api-2025-04-14 for the Files API.

Data model

The API is resource-oriented JSON over HTTPS at https://api.anthropic.com. Core model work runs under /v1/messages, with batches at /v1/messages/batches, models at /v1/models, and files at /v1/files; organization administration lives under /v1/organizations. The API does not push events to a webhook: an integration polls a batch for its status, or streams a message as it is generated. Lists are cursor-paginated, and a batch can take up to 24 hours to complete.

Connect & authenticate

Connection & authentication methods.

How an app or AI agent connects to the Anthropic API determines what it can reach. The model and file methods use a workspace API key, while the methods that manage an organization use a separate Admin key, and each is governed by the key behind it.

Ways to connect

REST API

The REST API answers at https://api.anthropic.com. A call sends a JSON body and authenticates with a workspace API key in the x-api-key header, plus the anthropic-version header on every request. The Messages method can stream its reply as server-sent events when stream is set to true.

Best forConnecting an app or AI agent to Claude.

Governed byThe API key and the workspace it belongs to.

Docs ↗

Admin API

The Admin API manages an organization's people, workspaces, and keys under https://api.anthropic.com/v1/organizations. It accepts an Admin key (sk-ant-admin...) in the x-api-key header or an org:admin OAuth token, never a workspace API key, and is unavailable for individual accounts.

Best forProgrammatically managing an organization.

Governed byThe Admin key or an org:admin OAuth token.

Docs ↗

MCP connector

Anthropic defines the Model Context Protocol (MCP), the open standard for connecting models to tools, and Claude acts as an MCP client. The Messages method can connect to a remote MCP server an integration names, so Claude calls that server's tools during a response. There is no first-party MCP server that fronts the Anthropic API itself.

Best forLetting Claude call external tools through MCP during a response.

Governed byThe API key, plus whatever the named MCP server requires.

Docs ↗

Authentication

Workspace API key

A workspace API key authenticates the model and file methods, sent in the x-api-key header. It carries no per-method scopes; the workspace it belongs to is the boundary, and workspaces segment keys and control spend by use case. A live key is revealed only once, when it is created.

TokenAPI key (sk-ant-api...)

Best forCalling Claude and managing files.

Docs ↗

Admin API key

An Admin key authenticates the organization-management methods, sent in the x-api-key header. It cannot call the model, and a workspace API key cannot call the Admin API. Only members with the admin role can create one, and the Admin API is unavailable for individual accounts.

TokenAdmin API key (sk-ant-admin...)

Best forManaging members, workspaces, and keys.

Docs ↗

OAuth (Workload Identity Federation)

An app can send a short-lived bearer token in the Authorization header instead of an API key, obtained through Workload Identity Federation. An org:admin scoped token grants access to the whole organization and can call the Admin API in place of an Admin key.

TokenBearer access token

Best forKeyless server access and org-wide administration.

Docs ↗

Capability map

What an AI agent can do with the Anthropic API.

The Anthropic API is split into areas an agent can act on, like sending messages to Claude, running large jobs in batches, listing models, counting tokens, and managing files. A separate set of organization methods, reached only with an Admin key, manages people, workspaces, and keys.

Messages

2 endpoints

Send a conversation to Claude and get the next message back, in one response or streamed token by token, and count the tokens a request would use before sending it.

A call here sends data to Claude and spends from the account.

View endpoints →

Message Batches

6 endpoints

Submit many message requests as one asynchronous batch, list and retrieve batches, fetch their results, and cancel or delete a batch.

A write here queues real model work and spends from the account.

View endpoints →

Models

2 endpoints

List the models available to the account and read a single model's details and capabilities.

These are read-only and do not change account data.

View endpoints →

Files

5 endpoints

Upload a file once and reference it across calls, list files, read a file's metadata, download its content, and delete it.

A write here adds or removes a stored file on the account.

View endpoints →

Organization members (Admin)

3 endpoints

List the people in an organization, change a member's role, and remove a member. Reached only with an Admin key.

A write here changes who can access the organization.

View endpoints →

Workspaces (Admin)

3 endpoints

List and read workspaces, create a workspace, and manage the members of a workspace. Reached only with an Admin key.

A write here changes a workspace or its membership.

View endpoints →

API keys (Admin)

3 endpoints

List the organization's API keys, read a single key, and update a key's name or status. Reached only with an Admin key.

A write here can disable a key and cut off access.

View endpoints →

Endpoint reference

Every Anthropic API method.

Filter by method, access, or permission, or search any path. Select a row for version detail, rate limits, the related webhook event, and the source.

Hide deprecated

Method	Endpoint	What it does	Access	Permission	Version
Messages Send a conversation to Claude and get the next message back, in one response or streamed token by token, and count the tokens a request would use before sending it.2
POST	`/v1/messages`	Send a conversation to Claude and receive the next message. The same method streams the reply token by token when stream is set to true.	write	`API key`	Current
Authenticated with a workspace API key in the x-api-key header. The key carries no per-method scopes; the workspace it belongs to is the boundary. Setting stream to true returns the reply as server-sent events. Acts onmessage Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitPer-model RPM, ITPM, and OTPM by tier SourceOfficial documentation ↗
POST	`/v1/messages/count_tokens`	Count the tokens a Messages request would use, before sending it, to estimate cost and stay within rate limits.	read	`API key`	Current
Authenticated with a workspace API key. Does not generate a reply or spend output tokens; it only returns the input token count. Acts ontoken count Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Message Batches Submit many message requests as one asynchronous batch, list and retrieve batches, fetch their results, and cancel or delete a batch.6
POST	`/v1/messages/batches`	Submit a batch of Messages requests to process asynchronously, at half the standard cost. A batch can take up to 24 hours to complete.	write	`API key`	Current
Authenticated with a workspace API key. Each request in the batch carries a developer-set custom_id used to match results back to requests. Acts onmessage batch Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitShared batch RPM and a cap on queued batch requests by tier SourceOfficial documentation ↗
GET	`/v1/messages/batches`	List the Message Batches in a workspace, most recently created first.	read	`API key`	Current
Authenticated with a workspace API key. Cursor-paginated through after_id and before_id. Acts onmessage batch Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/v1/messages/batches/{message_batch_id}`	Retrieve a single Message Batch, including its processing status and a tally of how many requests succeeded, errored, expired, or were canceled.	read	`API key`	Current
Authenticated with a workspace API key. Polling this is how an integration learns a batch has ended, since the API does not push events. Acts onmessage batch Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/v1/messages/batches/{message_batch_id}/results`	Stream the results of a completed Message Batch as a JSONL file. Results are not guaranteed to be in request order, so each is matched by its custom_id.	read	`API key`	Current
Authenticated with a workspace API key. Available only once the batch has ended, at the results_url returned on the batch. Acts onmessage batch Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/v1/messages/batches/{message_batch_id}/cancel`	Begin canceling a Message Batch that is still processing. Requests already in progress may still complete.	write	`API key`	Current
Authenticated with a workspace API key. The batch moves to a canceling status before it ends. Acts onmessage batch Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
DELETE	`/v1/messages/batches/{message_batch_id}`	Delete a Message Batch. A batch can be deleted only once its processing has ended.	write	`API key`	Current
Authenticated with a workspace API key. A batch still in progress must be canceled before it can be deleted. Acts onmessage batch Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Models List the models available to the account and read a single model's details and capabilities.2
GET	`/v1/models`	List the models available to the account, most recently released first, with each model's display name and capabilities.	read	`API key`	Current
Authenticated with a workspace API key. Read-only; cursor-paginated. Acts onmodel Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/v1/models/{model_id}`	Read a single model's details, including its display name, release date, context window, and capabilities.	read	`API key`	Current
Authenticated with a workspace API key. Read-only. Acts onmodel Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Files Upload a file once and reference it across calls, list files, read a file's metadata, download its content, and delete it.5
POST	`/v1/files`	Upload a file once so it can be referenced across multiple calls without resending it.	write	`API key`	Current
Authenticated with a workspace API key. The Files API is in beta and requires the anthropic-beta: files-api-2025-04-14 header. Acts onfile Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/v1/files`	List the files stored on the account.	read	`API key`	Current
Authenticated with a workspace API key. Requires the anthropic-beta: files-api-2025-04-14 header. Acts onfile Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/v1/files/{file_id}`	Read a file's metadata, such as its filename, MIME type, and size.	read	`API key`	Current
Authenticated with a workspace API key. Returns metadata only, not the file's bytes. Requires the anthropic-beta: files-api-2025-04-14 header. Acts onfile Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/v1/files/{file_id}/content`	Download a file's content. Only files the API created, such as code execution output, are downloadable.	read	`API key`	Current
Authenticated with a workspace API key. A file is downloadable only when its downloadable flag is true. Requires the anthropic-beta: files-api-2025-04-14 header. Acts onfile Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
DELETE	`/v1/files/{file_id}`	Delete a stored file.	write	`API key`	Current
Authenticated with a workspace API key. Requires the anthropic-beta: files-api-2025-04-14 header. Acts onfile Permission (capability)`API key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Organization members (Admin) List the people in an organization, change a member's role, and remove a member. Reached only with an Admin key.3
GET	`/v1/organizations/users`	List the people in an organization, with each member's email, name, and role.	read	`Admin key`	Current
Reached only with an Admin key (sk-ant-admin...) or an org:admin OAuth token, not a workspace API key. The Admin API is unavailable for individual accounts. Acts onorganization member Permission (capability)`Admin key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/v1/organizations/users/{user_id}`	Update an organization member's role.	write	`Admin key`	Current
Reached only with an Admin key or an org:admin OAuth token. Members with the admin role cannot be changed or removed through the API. Acts onorganization member Permission (capability)`Admin key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
DELETE	`/v1/organizations/users/{user_id}`	Remove a member from an organization.	write	`Admin key`	Current
Reached only with an Admin key or an org:admin OAuth token. The admin role cannot be removed through the API. Acts onorganization member Permission (capability)`Admin key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Workspaces (Admin) List and read workspaces, create a workspace, and manage the members of a workspace. Reached only with an Admin key.3
GET	`/v1/organizations/workspaces`	List the workspaces in an organization.	read	`Admin key`	Current
Reached only with an Admin key or an org:admin OAuth token. Acts onworkspace Permission (capability)`Admin key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/v1/organizations/workspaces`	Create a workspace, a way to segment API keys and control spend by use case.	write	`Admin key`	Current
Reached only with an Admin key or an org:admin OAuth token. Acts onworkspace Permission (capability)`Admin key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/v1/organizations/workspaces/{workspace_id}/members`	Add a member to a workspace with a chosen workspace role.	write	`Admin key`	Current
Reached only with an Admin key or an org:admin OAuth token. Acts onworkspace member Permission (capability)`Admin key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
API keys (Admin) List the organization's API keys, read a single key, and update a key's name or status. Reached only with an Admin key.3
GET	`/v1/organizations/api_keys`	List the organization's API keys, filterable by status and workspace.	read	`Admin key`	Current
Reached only with an Admin key or an org:admin OAuth token. New keys cannot be created through the API, only managed. Acts onapi key Permission (capability)`Admin key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/v1/organizations/api_keys/{api_key_id}`	Read a single API key's details.	read	`Admin key`	Current
Reached only with an Admin key or an org:admin OAuth token. Does not reveal the secret value of the key. Acts onapi key Permission (capability)`Admin key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/v1/organizations/api_keys/{api_key_id}`	Update an API key's name or status, for example setting it inactive to disable it.	write	`Admin key`	Current
Reached only with an Admin key or an org:admin OAuth token. Setting a key inactive cuts off every call made with it. Acts onapi key Permission (capability)`Admin key` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗

No endpoints match those filters.

Webhooks

Webhook events.

The Anthropic API does not push events to a webhook. An app or AI agent learns the outcome of a long-running batch job by polling its status, or receives a streamed message as it is generated.

Event	What it signals	Triggered by

No events match that search.

Rate limits & pagination

Rate limits, pagination & request size.

Anthropic limits how fast and how much an app or AI agent can call, through per-model ceilings on requests per minute and on input and output tokens per minute, set by the organization's usage tier.

Request rate

Anthropic sets rate limits per model, by the organization's usage tier, on three measures: requests per minute, input tokens per minute, and output tokens per minute. The tiers run from Tier 1, where Claude Opus models share 50 requests per minute and 500,000 input tokens per minute, up to Tier 4, where the same models reach 4,000 requests per minute and 10,000,000 input tokens per minute, and an organization advances tiers automatically as its cumulative spend grows. On most models only uncached input tokens count toward the input limit, so prompt caching raises effective throughput, and the max_tokens value does not count toward the output limit. The Message Batches API has its own shared request limit and a cap on how many batch requests can be queued at once. Each response carries anthropic-ratelimit headers reporting the limit, the amount remaining, and when it resets, and going over returns a 429 with a retry-after header.

Pagination

List methods are cursor-based through after_id and before_id, with a limit parameter that defaults to 20 and ranges from 1 to 1,000. The response carries first_id and last_id to use as cursors and a has_more flag that signals whether more pages remain. Batch results come back as a JSONL file rather than a paginated list, matched to requests by custom_id.

Request size

The maximum request size is 32 MB for Messages and Token Counting, 256 MB for the Batches API, and 500 MB for the Files API, and going over returns a 413 request_too_large error. A Message Batch holds up to 100,000 requests and is retained for 24 hours before it expires. The context window an individual request can use is set per model and reported on the Models method.

Errors

Status codes & error handling.

The status codes an agent should handle, and what to do about each.

Status	Code	Meaning	What to do
400	`invalid_request_error`	The format or content of the request was wrong, for example a missing parameter or an unsupported option like prefilling an assistant message on a model that does not allow it.	Read the message in the error object, fix the request, and resend. It is not retryable as-is.
401	`authentication_error`	There is a problem with the API key, such as a missing, invalid, or revoked key.	Confirm a valid key is sent in the x-api-key header, and rotate the key if it is compromised.
403	`permission_error`	The key does not have permission to use the requested resource, for example calling an Admin method with a workspace key.	Use the right kind of key, an Admin key for organization methods or a workspace key for model and file methods.
404	`not_found_error`	The requested resource was not found.	Confirm the path and the object id, and that the key's workspace can see the resource.
413	`request_too_large`	The request exceeded the maximum allowed size: 32 MB for Messages and Token Counting, 256 MB for Batches, and 500 MB for Files.	Reduce the request below the per-endpoint limit, for example by uploading large content through the Files API.
429	`rate_limit_error`	A per-minute request or token limit was hit, or an acceleration limit triggered by a sharp increase in usage.	Wait the number of seconds in the retry-after header, then retry, and ramp traffic up gradually.
500	`api_error`	An unexpected error inside Anthropic's systems.	Retry with backoff, and contact support with the request_id if it persists.
529	`overloaded_error`	The API is temporarily overloaded, which can happen during high traffic across all users.	Back off and retry later with exponential backoff.

Versioning & freshness

Version history.

Anthropic versions its API by date through the anthropic-version header, which every request must send. The current documented version is 2023-06-01, and a new dated version is minted only when behavior changes in a way an integration would notice.

Version history

What changed, and when

Latest version2023-06-01

2023-06-01Current version

Current version (named streaming events)

The current dated API version, sent in the anthropic-version header. It introduced the current format for streaming server-sent events, where completions are incremental and each event is a named event, and removed the legacy data: [DONE] event along with the legacy exception and truncated response values. Within a version Anthropic adds optional inputs and new output values without breaking existing usage.

What changed

New streaming format: completions are incremental rather than cumulative
All streaming events are named events rather than data-only events
Removed the unnecessary data: [DONE] streaming event
Removed the legacy exception and truncated values from responses

2023-01-01Feature update

Initial release

The first dated API version, sent in the anthropic-version header. Anthropic recommends using the latest version, and earlier versions are considered deprecated and may be unavailable to new users.

What changed

Initial release of the dated anthropic-version header

An integration pins a version in the anthropic-version header and moves up when it chooses to.

Anthropic API versions ↗

Questions

Anthropic API, answered.

How does authentication work, and what's the difference between a workspace key and an Admin key?+

Every request sends an API key in the x-api-key header plus an anthropic-version header. A workspace API key (sk-ant-api...) calls the model, batch, and file methods and is scoped to its workspace. An Admin key (sk-ant-admin...) is a different credential, required to manage members, workspaces, and keys, and a workspace key cannot call the Admin API. The Admin API is unavailable for individual accounts.

Does the Anthropic API have webhooks?+

No. The API does not push events to a webhook URL. To learn the outcome of a long-running batch, an integration polls the batch with a GET request until its status is ended, then fetches its results. For a single message, setting stream to true returns the reply as server-sent events as it is generated, which is the closest thing to a push.

How do rate limits work?+

Limits are set per model by the organization's usage tier, across three measures: requests per minute, input tokens per minute, and output tokens per minute. On most models only uncached input tokens count toward the input limit, so prompt caching increases effective throughput, and max_tokens does not count toward the output limit. Going over returns a 429 with a retry-after header, and anthropic-ratelimit headers on every response report how much headroom remains.

What does the Message Batches API do, and how do I get results?+

It processes many Messages requests asynchronously at half the standard cost. A batch can take up to 24 hours, so an integration polls the batch with a GET request until its processing_status is ended, then fetches a JSONL results file. Results are not guaranteed to be in request order, so each request carries a developer-set custom_id used to match its result back.

How does the API handle versions?+

The API is versioned by date through the anthropic-version header, which every request must send, such as 2023-06-01. Anthropic preserves existing inputs and outputs within a version and may add optional inputs and new output values without breaking usage; behavior that would break an integration ships only under a new dated version. Beta features are opted into separately through the anthropic-beta header.

Is there an official Anthropic MCP server for the API?+

No. Anthropic defines the Model Context Protocol (MCP), the open standard for connecting models to tools, and Claude acts as an MCP client. The Messages method can connect to a remote MCP server an integration names, so Claude calls that server's tools during a response, but there is no first-party MCP server that fronts the Anthropic API itself.

Can I create new API keys through the Admin API?+

No. For security, new API keys are created only in the Claude Console. The Admin API can list keys, read a single key, and update a key's name or status, for example setting it inactive to disable it, but it cannot mint a new key. Members with the admin role also cannot be removed through the API.

What is Bollard AI?

Control what every AI agent can do with the Anthropic API.

Bollard AI sits between a team's AI agents and the Anthropic API. Grant each agent exactly the access it needs, read or write, method by method, and every call is checked and logged.

Set read, write, or full access per agent, never a shared Anthropic key.
Denied by default, so an agent reaches only what has been explicitly allowed.
Every call recorded in plain English: who, what, where, and the decision.

Control Anthropic access in Bollard Browse all APIs →

Anthropic

Drafting Agent

Send messages to Claude ActionOffReadFull use

Read uploaded files ResourceOffReadFull use

Manage organization members ActionOffReadFull use

Per-agent access, set in Bollard AI, not in Anthropic

How the Anthropic API works.

Connection & authentication methods.

REST API

Admin API

MCP connector

Workspace API key

Admin API key

OAuth (Workload Identity Federation)

What an AI agent can do with the Anthropic API.

Messages

Message Batches

Models

Files

Organization members (Admin)

Workspaces (Admin)

API keys (Admin)

Every Anthropic API method.

Messages

Message Batches

Models

Files

Organization members (Admin)

Workspaces (Admin)

API keys (Admin)

Webhook events.

Rate limits, pagination & request size.

Request rate

Pagination

Request size

Status codes & error handling.

Version history.

What changed, and when

Anthropic API, answered.

More ai API guides for agents

Hugging Face

ElevenLabs

Replicate

Google Gemini

OpenAI

Cohere

Control what every AI agent can do with the Anthropic API.