diff --git a/src/dotnet/APIView/APIViewWeb/typespec/main.tsp b/src/dotnet/APIView/APIViewWeb/typespec/main.tsp
index 7a1cddb4dc8..a0c520d2b76 100644
--- a/src/dotnet/APIView/APIViewWeb/typespec/main.tsp
+++ b/src/dotnet/APIView/APIViewWeb/typespec/main.tsp
@@ -5,6 +5,7 @@ import "./autoreview.tsp";
 import "./apirevisions.tsp";
 import "./comments.tsp";
 import "./reviews.tsp";
+import "./permissions.tsp";
 
 using TypeSpec.Http;
 
diff --git a/src/dotnet/APIView/APIViewWeb/typespec/models.tsp b/src/dotnet/APIView/APIViewWeb/typespec/models.tsp
index e8312e82d4a..e06fe2d29f0 100644
--- a/src/dotnet/APIView/APIViewWeb/typespec/models.tsp
+++ b/src/dotnet/APIView/APIViewWeb/typespec/models.tsp
@@ -225,6 +225,21 @@ model ApiViewAgentComment {
     ThreadId?: string;
 }
 
+/** A user returned by a reviewer/admin endpoint */
+model ReviewerInfo {
+    /** GitHub username */
+    name: string;
+    /** The user's role (e.g. "Architect", "DeputyArchitect", "admin") */
+    role: string;
+}
+
+/** Response envelope for the get-approvers-for-language endpoint */
+model ApproversForLanguageResponse {
+    /** The language these approvers are scoped to */
+    language: string;
+    /** List of approvers with their language-scoped role */
+    approvers: ReviewerInfo[];
+}
 
 /**
  * Bad request error response
diff --git a/src/dotnet/APIView/APIViewWeb/typespec/permissions.tsp b/src/dotnet/APIView/APIViewWeb/typespec/permissions.tsp
new file mode 100644
index 00000000000..1b1019122fe
--- /dev/null
+++ b/src/dotnet/APIView/APIViewWeb/typespec/permissions.tsp
@@ -0,0 +1,39 @@
+import "@typespec/http";
+import "./models.tsp";
+
+using TypeSpec.Http;
+
+namespace APIView;
+
+/**
+ * Permissions endpoints accessible via Azure AD token.
+ * These endpoints are intended for use by agents and MCP clients via Bearer token.
+ */
+@route("/api/permissions")
+@useAuth(BearerAuth)
+namespace Permissions {
+    /**
+     * Get the approvers for a given language with their roles.
+     * @param language The language to get approvers for (e.g. "Python", "Java").
+     * @returns List of approvers with their language-scoped role
+     */
+    @get
+    @route("/approvers/{language}")
+    op GetApproversForLanguage(
+        @path language: string
+    ): {
+        @statusCode statusCode: 200;
+        @body body: ApproversForLanguageResponse;
+    } | UnauthorizedErrorResponse | InternalServerErrorResponse;
+
+    /**
+     * Get the list of GitHub usernames who have APIView admin permissions.
+     * @returns Admins with role "admin"
+     */
+    @get
+    @route("/admins")
+    op GetAdminUsernames(): {
+        @statusCode statusCode: 200;
+        @body admins: ReviewerInfo[];
+    } | UnauthorizedErrorResponse | InternalServerErrorResponse;
+}