Skip to content

API Endpoints

The API gateway exposes REST (and WebSocket for chat). Internal-only routes are marked accordingly. Full detail: PRD (gateway sections).

Auth: most routes require JWT; health and login are exceptions. Rate limits depend on deployment.

Authentication

Pattern Auth
Health / login None (login returns token)
Everything else Authorization: Bearer <JWT>

Identity

Method Path Description
POST /users/login Login with email + password; returns JWT
POST /users Create user
GET /users List users
GET /users/{id} Get user
PATCH /users/{id} Update user

Agents

Method Path Description
POST /agents Create agent
GET /agents/{id} Get agent
PATCH /agents/{id} Update agent profile (system_prompt, config)
GET /agents/{id}/profile Get profile — Redis cached, 5 min TTL

Agent documents

Method Path Description
POST /agents/{id}/documents Attach document (rule / skill / context_doc / reference)
GET /agents/{id}/documents List documents; optional ?doc_type= filter
DELETE /agents/{id}/documents/{doc_id} Remove document

Goals & tasks

Method Path Description
POST /agents/{id}/goals Submit goal
GET /tasks/{id} Task state
GET /graphs/{id} Task graph

Chat (Phase 10)

Method Path Description
POST /chat/sessions Create session (agent_id, title)
GET /chat/sessions List sessions for authenticated user
GET /chat/sessions/{id} Session details
GET /chat/ws WebSocket upgrade for streaming
POST /chat/sessions/{id}/inject External message injection into session

Approvals

Method Path Description
POST /approvals/{id}/decide Submit approval decision; supports dual-approval

Slack

Method Path Description
POST /webhooks/{source_id} Webhook ingest with HMAC-SHA256 verification
POST /internal/slack/post Proactive Slack posting — internal, requires X-Slack-Internal-Secret

Internal / Olympus

Method Path Description
POST /internal/goals Agent-to-agent goal posting with rate limiting
POST /internal/apply-plan Called by access-control to apply an approved plan (goal-service)

Dashboard (super-admin)

Path Description
/superadmin/dashboard/ Platform dashboard UI
/superadmin/api/dashboard/snapshot Summary snapshot
/superadmin/api/dashboard/approvals Pending approvals
/superadmin/api/dashboard/goals Goal list
/superadmin/api/dashboard/tasks Task list
/superadmin/api/dashboard/agents Agent list
/superadmin/api/dashboard/chat Chat sessions
/superadmin/api/dashboard/slack Slack config
/superadmin/api/slack/* Slack app configuration

Note

All /superadmin/api/* routes enforce super-admin role and apply redactForSuperAdmin() to response payloads.