Civitai · Agentic Access
Civitai Agentic Access
x-agentic-access
generated
Civitai exposes 29 API operations that an AI agent could call, of which 9 are state-changing ‘acting’ operations. This is a recommended x-agentic-access execution contract — the scope, audience, consequence tier, short-lived token constraints, and escalation each action should carry before it is handed to an autonomous agent.
By consequence: 20 read and 9 write.
Contracts are classified heuristically from the provider’s OpenAPI and refresh on every APIs.io network build; audience is bound per deployment. The model follows Curity’s Access Intelligence (apidays Munich 2026). Browse every provider’s agent contracts at agentic-access.apis.io.
AIArtificial IntelligenceImage GenerationVideo GenerationStable DiffusionSDXLFluxLoRAModel HostingCommunityGenerative AI
Operations: 29
Acting: 9
Human-in-the-loop: 0
Method: generated
By consequence
read 20
write 9
Source
Agentic Access
generated: '2026-07-15'
method: generated
source: openapi/civitai-orchestration-api-openapi.yml, openapi/civitai-site-api-openapi.yml
description: Recommended x-agentic-access execution contracts, classified heuristically from
the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind
audience per deployment. See research/curity/agentic-governance/.
summary:
operations: 29
by_action_class:
acting: 9
connected: 20
by_consequence:
write: 9
read: 20
human_in_the_loop_required: 0
operations:
- path: /v2/consumer/workflows
method: post
operationId: submitWorkflow
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v2/consumer/workflows
method: get
operationId: queryWorkflows
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/consumer/workflows/{workflowId}
method: get
operationId: getWorkflow
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/consumer/workflows/{workflowId}
method: put
operationId: updateWorkflow
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v2/consumer/workflows/{workflowId}
method: patch
operationId: patchWorkflow
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v2/consumer/workflows/{workflowId}
method: delete
operationId: deleteWorkflow
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v2/consumer/blobs
method: post
operationId: uploadBlob
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v2/consumer/blobs/upload-url
method: get
operationId: getBlobUploadUrl
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/consumer/blobs/{blobId}
method: get
operationId: getBlob
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/consumer/blobs/{blobId}
method: head
operationId: headBlob
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/consumer/blobs/{blobId}/refresh
method: post
operationId: refreshBlob
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /models
method: get
operationId: listModels
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /models/{id}
method: get
operationId: getModel
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /model-versions/{id}
method: get
operationId: getModelVersion
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /model-versions/mini/{id}
method: get
operationId: getModelVersionMini
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /model-versions/by-hash/{hash}
method: get
operationId: getModelVersionByHash
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /model-versions/by-hash
method: post
operationId: getModelVersionsByHashes
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /model-versions/by-hash/ids
method: post
operationId: getModelVersionIdsByHashes
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /images
method: get
operationId: listImages
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /creators
method: get
operationId: listCreators
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /tags
method: get
operationId: listTags
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /me
method: get
operationId: getCurrentUser
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /users
method: get
operationId: listUsers
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /permissions/check
method: get
operationId: checkPermissions
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /vault/get
method: get
operationId: getVaultItem
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /vault/all
method: get
operationId: getAllVaultItems
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /vault/check-vault
method: get
operationId: checkVault
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /vault/toggle-version
method: post
operationId: toggleVaultVersion
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /enums
method: get
operationId: getEnums
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none