Guides

The Manager API is an authenticated, external administrative API that allows third-party systems, automation platforms, and AI agents (such as Claude) to securely interact with Openstage on behalf of an artist.

Unlike the Fanbase API, which is fan-facing, the Manager API operates in an administrative context, requiring API Key authentication.

Base URLs

• Live: https://api.openstage.live/manager2
• Stage: https://api-stage.openstage.live/manager2
  Stage data is only updated every 24 hours. This is a good place to test your integrations

Authentication via API Keys

All requests to the Manager API must be authenticated using an API Key sent in the HTTP Authorization header as a Bearer token:

Authorization: Bearer YOUR_API_KEY

Important Scoping Rule: Every API Key is strictly restricted to one artist. The system derives an artistId directly from the verified key. Because of this, you do not need to provide an artistId in request payloads. The API will ignore any client-provided artistId to ensure tenant isolation and security.

Managing API Keys

You can provision and revoke API keys via the Openstage Manager Platform under Artist Settings > API Keys & Webhooks

• Keys are hashed before storing. You must copy and save your API Key immediately upon creation, as it cannot be retrieved later.
• If a key is compromised, revoke it immediately via the platform to block access.

The Model Context Protocol (MCP) is an open standard that enables AI models (like Claude) to safely and securely interact with external APIs via standard tools.

Openstage provides a dedicated, pre-built MCP server implementation. Using an authenticated connection, LLM agents can query and modify artist data.

Available MCP Tools

All Manager API endpoints are available as MCP tools.

Configuring the MCP Link

To link your Openstage account to an AI Agent or MCP client, visit the MCP Authorization page to authorize and configure your connection.

Syncing Fan Data (Create & Update)

A primary integration path is to sync fan records from external CRMs or databases into Openstage using the POST /manager2/fan endpoint.

This endpoint behaves as an upsert (update-or-insert) based on the unique email address provided in the payload:

1. If the email does not exist in your audience, a new fan profile is created under your artist account.
2. If the email already exists, the record is updated with any new properties provided in the body. Existing data is NOT overwritten.

JSON Schema & Standards

• CamelCase Consistency: Ensure all properties inside request and response JSON payloads are strictly formatted in camelCase.
• Date Formats: All dates in request and response payloads must adhere to standard ISO-8601 string format (e.g., 2026-06-10T14:52:21Z).

How do I access the Manager API?

The Manager API is available to all artists. You can generate API keys directly within the Openstage Platform under Artist Settings > API Keys & Webhooks.

What is the difference between Fanbase and Manager APIs?

The Fanbase API is a fan-facing, client-side API used for building custom user experiences, mobile apps, or web storefronts for fans (authenticated via fan logins/tokens). The Manager API is an administrative, server-to-server API used for backend integrations, CRM data syncing, and powering AI agents (authenticated via artist-scoped API keys).

Can a single API key manage multiple artists?

No. To enforce security, tenant separation, and prevent cross-artist data leaks, every API key is hard-linked to exactly one artist. The API derives the artist scope directly from the Bearer token credentials.

Can I share my API key with other people?

No. API Keys should be treated as extremely sensitive credentials. They should be stored in a secrets manager or other secure location and should never be shared or committed to source control. Doing so risks compromising your entire fan dataset and all associated data.

Does Openstage have access to my API key?

No. Openstage encrypts API keys and stores the encrypted value in a secure database. We never have access to your API key, in the same way we do not have access to your passwords.

Is there a rate limit for webhooks or API requests?

The Manager API enforces a rate limit of 250 requests per 5-minute window per API Key. If you receive a 429 Too Many Requests error, you must pause operations and wait for the limit to reset. If you are automating or batch editing, please spread requests out over time to avoid hitting the limit.