/swagger. If you are new to the API, read the Introduction and Authentication first, then follow the Quickstart.
Base URL
All resource endpoints are served under a versioned prefix:/api/auth, and invitation endpoints are served at the root (/invites). Every endpoint page states its exact path.
Versioning
The current resource API uses the/api/v1 path prefix. Write clients that ignore unknown response fields, and use the OpenAPI explorer for the current contract.
Conventions
JSON everywhere
Requests and responses are JSON. Send
Content-Type: application/json on any request with a body.Bearer auth
Authenticate with an API key:
Authorization: Bearer sk_.... See Authentication.Schema-defined fields
Field naming follows each endpoint schema and can mix styles. Use the endpoint reference or OpenAPI explorer for the exact shape.
Predictable errors
Errors return the right HTTP status with a JSON message. See the table below.
Error codes
| Status | Meaning | Typical cause |
|---|---|---|
400 | Bad request | Validation failed — a field is missing, malformed, or out of range. |
401 | Unauthorized | Missing, malformed, or invalid credentials. |
403 | Forbidden | Authenticated, but lacking the required role or scope. |
404 | Not found | The resource does not exist or is outside your access. |
409 | Conflict | The request collides with existing state (for example a duplicate name). |
message. Treat any non-2xx status as a failure and read the message for detail.
Who can call what
Endpoints differ in the kind of caller they accept:User session required
Organization, environment, and member administration. These are dashboard operations and are intentionally not exposed to API keys.
API key allowed
Content operations — tenants, knowledge bases, documents, chats, and agents — accept API keys so your application can run them directly.
Resource groups
Organizations
Create organizations and manage members, roles, and invitations.
Environments
Isolate dev, staging, and production inside an organization.
Tenants
Provision tenants, set limits, and manage tenant memory.
Users
Discover the resources and scopes the current caller can reach.
Invites
Accept team invitations and read invite details.
API keys
Create, list, and revoke the
sk_... keys your application uses.Billing
Read credit balances and usage for a tenant.
Knowledge bases
Configure retrieval boundaries, prompts, sharing, and restricted memory.
Documents
Upload, discover, inspect, reprocess, download, and delete content.
Chats
Create conversations, send messages, stream runs, and manage chat access.
Agents
Configure, deploy, schedule, run, and archive saved agents.
Shared chats
Read sanitized public or organization-shared transcripts.
Connectors & connections
Configure connected app access; use
/swagger for database connection routes.Skills
Manage the reusable skill library that agents attach at run time.