Skip to content

API Overview

The API is served by src/Agentwerke.Api. The OpenAPI document is available at:

text
/openapi/v1.json

Health and runtime

EndpointPurpose
GET /api/health/liveLiveness probe.
GET /api/health/readyReadiness probe with runtime information.
GET /api/health/runtimeActive workflow runtime mode.
GET /api/health/camundaCamunda topology/status when that adapter is active.

Auth

EndpointPurpose
GET /api/auth/configAuth discovery/configuration.
POST /api/auth/tokenDevelopment token endpoint when enabled.

Development token endpoints are not production authentication.

Settings

EndpointPurpose
GET /api/settingsRedacted Admin settings catalog.
PATCH /api/settingsSave supported non-secret values and rotate supported secrets.
POST /api/settings/tests/{target}Run a dry-run readiness check.

Settings requires Admin access.

Workflows and runs

EndpointPurpose
GET /api/workflowsList workflows.
GET /api/workflows/{workflowId}Read one workflow.
POST /api/runsStart a run.
GET /api/runsList runs.
GET /api/runs/{runId}Read run detail.

Approvals

EndpointPurpose
GET /api/approvalsList approval requests.
POST /api/approvals/{approvalId}/decisionApprove, reject, or request changes.

Approval decisions require the Approver role or a higher role with equivalent access.

Artifacts and evidence

EndpointPurpose
POST /api/runs/{runId}/artifacts/{artifactName}Upload artifact bytes.
GET /api/runs/{runId}/artifacts/{artifactName}Download an artifact.
GET /api/runs/{runId}/evidence-packGenerate evidence-pack JSON.
GET /api/runs/{runId}/evidence-pack/downloadDownload evidence-pack JSON.

Webhooks

EndpointPurpose
POST /webhooks/githubReceive signed GitHub events such as issues.

GitHub webhooks are anonymous at the HTTP auth layer but validated through signature checking.

API usage pattern

  1. Obtain a valid token for the target role.
  2. Start or inspect a workflow run.
  3. Follow pending approval or wait-state information.
  4. Retrieve artifacts or evidence after completion.
  5. Use audit and evidence data for investigation or records retention.

Apache-2.0 open core. Enterprise-only capabilities are labeled in context.