API
Workflow execution
- Read slices with
GET /api/nina/v1/slices. - Run slices through
POST /api/nina/v1/slices/:slice/run. - Every Nina API call requires the signed-in Google session cookie.
Private developer surface
API, MCP, and SDK access for Nina commerce workflows.
Nina exposes a small authenticated surface for slice discovery, workflow execution, social connections, and future MCP tooling. Public credentials are never issued from the browser.
MCP
Private transport
- Nina MCP tools are not enabled as an anonymous public transport.
- Operator-approved MCP access will be issued with explicit origin policy.
- Unauthenticated MCP/SDK calls should be treated as denied by default.
SDK
Server-first usage
- Use same-origin calls from the Nina app with
credentials: include. - Do not ship provider tokens or OAuth secrets to the client.
- Production SDK keys will be scoped, revocable, and invite-only.
Quick start
Read available Nina slices
const response = await fetch('/api/nina/v1/slices', {
credentials: 'include',
cache: 'no-store',
});
if (response.status === 401) {
throw new Error('Nina access requires an approved Google session.');
}
const { slices } = await response.json();Reference
Current access status
- Console login: admin allowlist only.
- Early access: request queue only, no automatic authorization.
- API proxy: authenticated session required.
- Docs: readable without secrets.
Public discovery
Nina public SEO graph
These pages describe Nina for search engines, AI discovery, and technical reviewers without exposing the private console or provider secrets.