Summary and recommendation
LiveChat exposes agent lifecycle management through the Configuration API (base: `https://api.livechatinc.com/v3.6/configuration`), authenticated via OAuth 2.0 Bearer tokens issued at `https://accounts.livechat.com/v2/token` - note the distinct domain from the API host. All operations, including list and read actions, use HTTP POST with a JSON body; there are no GET endpoints with query parameters.
Pin the API version in the URL path (`/v3.6/`) and confirm the current stable version in the developer docs before deploying.
Key scopes for user management are `agents--all:rw` (create, update, delete any agent) and `agents--all:ro` (read). Scopes must be declared at app registration in the Developer Console; requesting undeclared scopes at runtime will fail.
The rate limit is 1,000 requests per 10-minute window per license - shared across all tokens and integrations on that license - with `X-RateLimit-Remaining` and `Retry-After` headers available for backoff logic.
For identity graph use cases, the agent `id` field is the agent's email address, not a UUID. This has a direct consequence: changing an agent's email requires deletion and re-creation of the agent record, breaking any downstream reference that stored the original `id`.
Model this carefully in any identity graph that maps LiveChat agents to canonical user records from an IdP.
API quick reference
| Has user API | Yes |
| Auth method | OAuth 2.0 (Bearer token) |
| Base URL | Official docs |
| SCIM available | No |
| SCIM plan required | Enterprise |
Authentication
Auth method: OAuth 2.0 (Bearer token)
Setup steps
- Register an app in the LiveChat Developer Console (https://developers.livechat.com/console/).
- Choose OAuth 2.0 grant type: Authorization Code (for user-context) or Client Credentials (for server-to-server).
- Request required scopes (e.g., agents--all:rw) during app registration.
- Exchange authorization code or client credentials for an access token at https://accounts.livechat.com/v2/token.
- Include the token in every API request as: Authorization: Bearer
.
Required scopes
| Scope | Description | Required for |
|---|---|---|
| agents--all:ro | Read all agents in the license. | List agents, get agent details |
| agents--all:rw | Create, update, and delete any agent. | Create agent, update agent, delete agent |
| agents--my:ro | Read the authenticated agent's own profile. | Get own agent profile |
| agents--my:rw | Update the authenticated agent's own profile. | Update own agent profile |
| groups--all:rw | Create, update, and delete groups; manage group membership. | Group management endpoints |
| groups--all:ro | Read all groups and their members. | List groups, get group details |
User object / data model
| Field | Type | Description | On create | On update | Notes |
|---|---|---|---|---|---|
| id | string | Unique agent identifier (email address). | required | immutable | Used as the primary key in all agent endpoints. |
| name | string | Agent's display name. | required | optional | |
| role | string | Agent role: 'administrator' or 'agent'. | optional | optional | Defaults to 'agent' on create. |
| avatar_path | string | URL of the agent's avatar image. | optional | optional | |
| job_title | string | Agent's job title shown in chat widget. | optional | optional | |
| mobile | string | Agent's mobile phone number. | optional | optional | |
| max_chats_count | integer | Maximum concurrent chats the agent can handle. | optional | optional | 0 means unlimited. |
| awaiting_approval | boolean | Whether the agent invitation is pending acceptance. | read-only | read-only | |
| groups | array[object] | List of group objects the agent belongs to, each with id and priority. | optional | optional | Priority values: first, last, normal, supervisor. |
| notifications | object | Notification preferences (new_visitor, new_goal, etc.). | optional | optional | |
| work_scheduler | object | Agent's work schedule configuration per day. | optional | optional | |
| routing_status | string | Current routing status: accepting_chats or not_accepting_chats. | read-only | read-only | Set via Agent API, not Configuration API. |
Core endpoints
List Agents
- Method: GET
- URL:
https://api.livechatinc.com/v3.6/configuration/action/list_agents - Watch out for: Despite being a 'list' operation, the endpoint uses POST with a JSON body. Filtering by group_ids is supported in the request body.
Request example
POST /v3.6/configuration/action/list_agents
Authorization: Bearer <token>
Content-Type: application/json
{}
Response example
{
"agents": [
{"id":"agent@example.com","name":"Jane Doe","role":"agent"}
]
}
Get Agent
- Method: POST
- URL:
https://api.livechatinc.com/v3.6/configuration/action/get_agent - Watch out for: Requires agents--all:ro scope; agents--my:ro only works for the authenticated agent's own record.
Request example
POST /v3.6/configuration/action/get_agent
Authorization: Bearer <token>
{"id":"agent@example.com"}
Response example
{
"id":"agent@example.com",
"name":"Jane Doe",
"role":"agent",
"max_chats_count":5
}
Create Agent
- Method: POST
- URL:
https://api.livechatinc.com/v3.6/configuration/action/create_agent - Watch out for: Creates an invitation; agent must accept via email. awaiting_approval=true until accepted. Seat limits apply per plan.
Request example
POST /v3.6/configuration/action/create_agent
Authorization: Bearer <token>
{
"id":"new@example.com",
"name":"New Agent",
"role":"agent"
}
Response example
{
"id":"new@example.com",
"name":"New Agent",
"awaiting_approval":true
}
Update Agent
- Method: POST
- URL:
https://api.livechatinc.com/v3.6/configuration/action/update_agent - Watch out for: Returns empty object on success. Only fields included in the body are updated (partial update semantics).
Request example
POST /v3.6/configuration/action/update_agent
Authorization: Bearer <token>
{
"id":"agent@example.com",
"max_chats_count":8,
"role":"administrator"
}
Response example
{}
Delete Agent
- Method: POST
- URL:
https://api.livechatinc.com/v3.6/configuration/action/delete_agent - Watch out for: Permanently removes the agent and reassigns open chats. Cannot delete the last administrator.
Request example
POST /v3.6/configuration/action/delete_agent
Authorization: Bearer <token>
{"id":"agent@example.com"}
Response example
{}
List Groups
- Method: POST
- URL:
https://api.livechatinc.com/v3.6/configuration/action/list_groups - Watch out for: Group IDs are integers, not strings. Agent membership is managed via update_agent or update_group.
Request example
POST /v3.6/configuration/action/list_groups
Authorization: Bearer <token>
{}
Response example
{
"groups":[
{"id":1,"name":"Sales","agent_priorities":{}}
]
}
Create Group
- Method: POST
- URL:
https://api.livechatinc.com/v3.6/configuration/action/create_group - Watch out for: agent_priorities map uses agent email as key and priority string as value.
Request example
POST /v3.6/configuration/action/create_group
Authorization: Bearer <token>
{
"name":"Support Tier 2",
"agent_priorities":{"agent@example.com":"normal"}
}
Response example
{
"id":5,
"name":"Support Tier 2"
}
Update Group
- Method: POST
- URL:
https://api.livechatinc.com/v3.6/configuration/action/update_group - Watch out for: Sending agent_priorities replaces the entire map for included agents; omitted agents retain existing priority.
Request example
POST /v3.6/configuration/action/update_group
Authorization: Bearer <token>
{
"id":5,
"agent_priorities":{"new@example.com":"first"}
}
Response example
{}
Rate limits, pagination, and events
- Rate limits: LiveChat enforces per-license rate limits on the Configuration API. Limits are applied per access token / license combination. Exceeding limits returns HTTP 429.
- Rate-limit headers: Yes
- Retry-After header: Yes
- Rate-limit notes: Response headers X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset are returned. On 429, Retry-After header indicates seconds to wait. Exact per-plan differentiation is not publicly documented.
- Pagination method: cursor
- Default page size: 1000
- Max page size: 1000
- Pagination pointer: page_id
| Plan | Limit | Concurrent |
|---|---|---|
| All plans (default) | 1000 requests per 10 minutes per license | 0 |
- Webhooks available: Yes
- Webhook notes: LiveChat supports webhooks via the Configuration API. Webhooks can be registered per license and fire on agent/chat lifecycle events.
- Alternative event strategy: LiveChat also supports the Real-Time Messaging (RTM) WebSocket API for push-based event streaming without polling.
- Webhook events: agent_created, agent_updated, agent_deleted, agent_suspended, agent_unsuspended, agent_approved, chat_started, chat_ended, incoming_chat, routing_status_set
SCIM API status
- SCIM available: No
- SCIM version: Not documented
- Plan required: Enterprise
- Endpoint: Not documented
Limitations:
- No SCIM 2.0 endpoint is officially documented by LiveChat.
- SSO via SAML 2.0 is available on the Enterprise plan (Okta and OneLogin IdPs documented).
- User provisioning must be performed via the Configuration API or manually.
Common scenarios
Provisioning a new agent requires POST /configuration/action/create_agent with id (email), name, and role. The agent is not active until they accept the invitation email; awaiting_approval: true during this window.
Downstream provisioning steps - group assignment, routing configuration - should gate on awaiting_approval: false to avoid operating on an inactive record. Group assignment is handled via POST /configuration/action/update_agent with a groups array specifying group id and priority.
Offboarding uses POST /configuration/action/delete_agent. Deletion is permanent and immediate; there is no suspend or deactivate state. As a soft-disable pattern before full deletion, setting max_chats_count to 0 via update_agent prevents new chat routing without removing the agent record. Retrieve current group memberships and settings via get_agent before deletion for audit logging.
For IdP-driven role sync - for example, mapping Okta group membership to LiveChat roles - the flow is: receive IdP event, map to 'agent' or 'administrator' (the only two assignable roles; 'owner' cannot be set via API), then POST /configuration/action/update_agent with the updated role field. If group membership also changed, follow with update_group. This pipeline must be custom-built; LiveChat has no native SCIM endpoint at any documented tier.
Provision a new agent and assign to a group
- POST /configuration/action/create_agent with id (email), name, and role fields.
- Note awaiting_approval=true; agent must accept the invitation email before they can log in.
- POST /configuration/action/update_agent with the agent id and groups array including the target group id and priority.
- Optionally POST /configuration/action/update_group to set agent_priorities for the new agent.
Watch out for: The agent cannot be assigned chats or appear online until they accept the invitation. Automate a check on awaiting_approval before downstream provisioning steps.
Deprovision an agent (offboarding)
- POST /configuration/action/get_agent to retrieve current group memberships and settings for audit logging.
- POST /configuration/action/delete_agent with the agent's email id.
- Verify open chats are reassigned by monitoring via the Agent Chat API or webhooks.
Watch out for: Deletion is permanent and immediate. There is no suspend/deactivate state - consider updating max_chats_count to 0 as a temporary soft-disable before full deletion.
Sync agent role changes from an IdP (e.g., Okta) via API
- Receive a user-update event from the IdP (e.g., via Okta webhook or SCIM-like polling).
- Map IdP group/role to LiveChat role ('agent' or 'administrator').
- POST /configuration/action/update_agent with id and updated role field.
- POST /configuration/action/update_group if group membership also changed.
Watch out for: LiveChat has no native SCIM endpoint; this sync must be custom-built. SSO (SAML) handles authentication but not automated provisioning/deprovisioning.
Why building this yourself is a trap
The most significant integration trap is the invitation model: create_agent does not activate an agent - it sends an email. Any automation that proceeds to assign chats, set routing status, or validate group membership before the agent accepts will operate on a ghost record.
Poll or webhook on agent_approved before treating a provisioning job as complete.
A second trap is the shared rate limit. At 1,000 requests per 10 minutes per license, multiple integrations or sync jobs running concurrently against the same license will contend for the same quota. Bulk onboarding operations should be serialized and instrumented with X-RateLimit-Remaining checks.
The Configuration API is also entirely separate from the Agent Chat API and Customer Chat API - user management endpoints do not exist in those APIs, and mixing base URLs will produce 404s or auth errors.
For identity graph integrity: because id is email-based, any IdP-side email change must trigger a delete-and-recreate cycle in LiveChat, not an update. Treat the LiveChat agent record as non-portable across email changes and design reconciliation logic accordingly.
Automate LiveChat workflows without one-off scripts
Stitchflow builds and maintains end-to-end IT automation across your SaaS stack, including apps without APIs. Built for exactly how your company works, with human approvals where they matter.
