Coder Agentic Access
Coder exposes 378 API operations that an AI agent could call, of which 165 are state-changing ‘acting’ operations. This is a recommended x-agentic-access execution contract — the scope, audience, consequence tier, short-lived token constraints, and escalation each action should carry before it is handed to an autonomous agent.
By consequence: 213 read, 150 write, 7 physical, and 8 safety-critical.
8 operations are classed safety-critical and should require human-in-the-loop approval at runtime.
Contracts are classified heuristically from the provider’s OpenAPI and refresh on every APIs.io network build; audience is bound per deployment. The model follows Curity’s Access Intelligence (apidays Munich 2026). Browse every provider’s agent contracts at agentic-access.apis.io.
By consequence
Highest-consequence actions
The physical and safety-critical operations an agent could invoke — the ones that most warrant scoped tokens, tight TTLs, and escalation. Full per-operation contracts are in the source below.
| Method | Path | Consequence | Human-in-loop |
|---|---|---|---|
| POST | /api/experimental/users/{user}/skills | safety-critical | required |
| DELETE | /api/experimental/users/{user}/skills/{skillName} | safety-critical | required |
| PATCH | /api/experimental/users/{user}/skills/{skillName} | safety-critical | required |
| PUT | /api/v2/notifications/templates/{notification_template}/method | safety-critical | required |
| POST | /api/v2/templates/{template}/prebuilds/invalidate | safety-critical | required |
| PUT | /api/v2/users/{user}/ai/budget | safety-critical | required |
| DELETE | /api/v2/users/{user}/ai/budget | safety-critical | required |
| POST | /oauth2/revoke | safety-critical | required |
| POST | /api/experimental/chats/{chat}/messages | physical | conditional |
| POST | /api/v2/notifications/custom | physical | conditional |
| POST | /api/v2/notifications/test | physical | conditional |
| POST | /api/v2/organizations/{organization}/provisionerkeys | physical | conditional |
| DELETE | /api/v2/organizations/{organization}/provisionerkeys/{provisionerkey} | physical | conditional |
| POST | /api/v2/tasks/{user}/{task}/send | physical | conditional |
| POST | /api/v2/users/{user}/webpush/test | physical | conditional |
Source
Agentic Access
generated: '2026-07-15'
method: generated
source: openapi/coder-rest-api-openapi.yml
description: Recommended x-agentic-access execution contracts, classified heuristically from
the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind
audience per deployment. See research/curity/agentic-governance/.
summary:
operations: 378
by_action_class:
connected: 213
acting: 165
by_consequence:
read: 213
write: 150
physical: 7
safety-critical: 8
human_in_the_loop_required: 8
operations:
- path: /.well-known/oauth-authorization-server
method: get
operationId: oauth2-authorization-server-metadata
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /.well-known/oauth-protected-resource
method: get
operationId: oauth2-protected-resource-metadata
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats
method: get
operationId: list-chats
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats
method: post
operationId: create-chat
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/experimental/chats/config/retention-days
method: get
operationId: get-chat-retention-days
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/config/retention-days
method: put
operationId: update-chat-retention-days
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/experimental/chats/files
method: post
operationId: upload-chat-file
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/experimental/chats/files/{file}
method: get
operationId: get-chat-file
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/insights/pull-requests
method: get
operationId: get-pr-insights
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/models
method: get
operationId: list-chat-models
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/watch
method: get
operationId: watch-chat-events-for-a-user-via-websockets
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/{chat}
method: get
operationId: get-chat-by-id
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/{chat}
method: patch
operationId: update-chat
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/experimental/chats/{chat}/acl
method: get
operationId: get-chat-acls
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/{chat}/acl
method: patch
operationId: update-chat-acl
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/experimental/chats/{chat}/diff
method: get
operationId: get-chat-diff-contents
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/{chat}/interrupt
method: post
operationId: interrupt-chat
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/experimental/chats/{chat}/messages
method: get
operationId: list-chat-messages
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/{chat}/messages
method: post
operationId: send-chat-message
x-agentic-access:
action-class: acting
consequence: physical
subject: required
audience: null
token:
max-ttl: 300
exchange: true
purpose-required: true
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/experimental/chats/{chat}/messages/{message}
method: patch
operationId: edit-chat-message
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/experimental/chats/{chat}/prompts
method: get
operationId: list-chat-user-prompts
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/{chat}/reconcile-invalid
method: post
operationId: reconcile-invalid-chat-state
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/experimental/chats/{chat}/stream
method: get
operationId: stream-chat-events-via-websockets
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/{chat}/stream/desktop
method: get
operationId: connect-to-chat-workspace-desktop-via-websockets
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/{chat}/stream/git
method: get
operationId: watch-chat-workspace-git-state-via-websockets
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/{chat}/stream/parts
method: get
operationId: stream-chat-parts-via-websockets
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/chats/{chat}/title/regenerate
method: post
operationId: regenerate-chat-title
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/experimental/users/{user}/skills
method: get
operationId: list-user-skills
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/users/{user}/skills
method: post
operationId: create-a-user-skill
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /api/experimental/users/{user}/skills/{skillName}
method: get
operationId: get-a-user-skill-by-name
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/experimental/users/{user}/skills/{skillName}
method: delete
operationId: delete-a-user-skill
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /api/experimental/users/{user}/skills/{skillName}
method: patch
operationId: update-a-user-skill
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /api/experimental/watch-all-workspacebuilds
method: get
operationId: watch-all-workspace-builds
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/
method: get
operationId: api-root-handler
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/ai/providers
method: get
operationId: list-ai-providers
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/ai/providers
method: post
operationId: create-an-ai-provider
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/ai/providers/{idOrName}
method: get
operationId: get-an-ai-provider
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/ai/providers/{idOrName}
method: delete
operationId: delete-an-ai-provider
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/ai/providers/{idOrName}
method: patch
operationId: update-an-ai-provider
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/aibridge/clients
method: get
operationId: list-ai-bridge-clients
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/aibridge/keys
method: get
operationId: list-ai-gateway-keys
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/aibridge/keys
method: post
operationId: create-ai-gateway-key
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/aibridge/keys/{key}
method: delete
operationId: delete-ai-gateway-key
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/aibridge/models
method: get
operationId: list-ai-bridge-models
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/aibridge/sessions
method: get
operationId: list-ai-bridge-sessions
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/aibridge/sessions/{session_id}
method: get
operationId: get-ai-bridge-session-threads
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/appearance
method: get
operationId: get-appearance
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/appearance
method: put
operationId: update-appearance
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/applications/auth-redirect
method: get
operationId: redirect-to-uri-with-encrypted-api-key
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/applications/host
method: get
operationId: get-applications-host
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/applications/reconnecting-pty-signed-token
method: post
operationId: issue-signed-app-token-for-reconnecting-pty
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/audit
method: get
operationId: get-audit-logs
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/audit/testgenerate
method: post
operationId: generate-fake-audit-log
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/auth/scopes
method: get
operationId: list-api-key-scopes
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/authcheck
method: post
operationId: check-authorization
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/buildinfo
method: get
operationId: build-info
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/connectionlog
method: get
operationId: get-connection-logs
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/csp/reports
method: post
operationId: report-csp-violations
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/debug/coordinator
method: get
operationId: debug-info-wireguard-coordinator
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/derp/traffic
method: get
operationId: debug-derp-traffic
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/expvar
method: get
operationId: debug-expvar
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/health
method: get
operationId: debug-info-deployment-health
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/health/settings
method: get
operationId: get-health-settings
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/health/settings
method: put
operationId: update-health-settings
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/debug/metrics
method: get
operationId: debug-metrics
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/pprof
method: get
operationId: debug-pprof-index
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/pprof/cmdline
method: get
operationId: debug-pprof-cmdline
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/pprof/profile
method: get
operationId: debug-pprof-profile
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/pprof/symbol
method: get
operationId: debug-pprof-symbol
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/pprof/trace
method: get
operationId: debug-pprof-trace
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/profile
method: post
operationId: collect-debug-profiles
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/debug/tailnet
method: get
operationId: debug-info-tailnet
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/ws
method: get
operationId: debug-info-websocket-test
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/debug/{user}/debug-link
method: get
operationId: debug-oidc-context-for-a-user
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/deployment/config
method: get
operationId: get-deployment-config
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/deployment/ssh
method: get
operationId: ssh-config
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/deployment/stats
method: get
operationId: get-deployment-stats
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/derp-map
method: get
operationId: get-derp-map-updates
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/entitlements
method: get
operationId: get-entitlements
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/experiments
method: get
operationId: get-enabled-experiments
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/experiments/available
method: get
operationId: get-safe-experiments
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/external-auth
method: get
operationId: get-user-external-auths
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/external-auth/{externalauth}
method: get
operationId: get-external-auth-by-id
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/external-auth/{externalauth}
method: delete
operationId: delete-external-auth-user-link-by-id
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/external-auth/{externalauth}/device
method: get
operationId: get-external-auth-device-by-id
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/external-auth/{externalauth}/device
method: post
operationId: post-external-auth-device-by-id
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/files
method: post
operationId: upload-file
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/files/{fileID}
method: get
operationId: get-file-by-id
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/groups
method: get
operationId: get-groups
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/groups/{group}
method: get
operationId: get-group-by-id
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/groups/{group}
method: delete
operationId: delete-group-by-name
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/groups/{group}
method: patch
operationId: update-group-by-name
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/groups/{group}/ai/budget
method: get
operationId: get-group-ai-budget
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/groups/{group}/ai/budget
method: put
operationId: upsert-group-ai-budget
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/groups/{group}/ai/budget
method: delete
operationId: delete-group-ai-budget
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/groups/{group}/members
method: get
operationId: get-group-members-by-group-id
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/init-script/{os}/{arch}
method: get
operationId: get-agent-init-script
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/insights/daus
method: get
operationId: get-deployment-daus
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/insights/templates
method: get
operationId: get-insights-about-templates
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/insights/user-activity
method: get
operationId: get-insights-about-user-activity
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/insights/user-latency
method: get
operationId: get-insights-about-user-latency
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/insights/user-status-counts
method: get
operationId: get-insights-about-user-status-counts
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/licenses
method: get
operationId: get-licenses
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/licenses
method: post
operationId: add-new-license
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/licenses/refresh-entitlements
method: post
operationId: update-license-entitlements
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/licenses/{id}
method: delete
operationId: delete-license
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/notifications/custom
method: post
operationId: send-a-custom-notification
x-agentic-access:
action-class: acting
consequence: physical
subject: required
audience: null
token:
max-ttl: 300
exchange: true
purpose-required: true
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/notifications/dispatch-methods
method: get
operationId: get-notification-dispatch-methods
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/notifications/inbox
method: get
operationId: list-inbox-notifications
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/notifications/inbox/mark-all-as-read
method: put
operationId: mark-all-unread-notifications-as-read
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/notifications/inbox/watch
method: get
operationId: watch-for-new-inbox-notifications
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/notifications/inbox/{id}/read-status
method: put
operationId: update-read-status-of-a-notification
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/notifications/settings
method: get
operationId: get-notifications-settings
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/notifications/settings
method: put
operationId: update-notifications-settings
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/notifications/templates/custom
method: get
operationId: get-custom-notification-templates
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/notifications/templates/system
method: get
operationId: get-system-notification-templates
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/notifications/templates/{notification_template}/method
method: put
operationId: update-notification-template-dispatch-method
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escal
# --- truncated at 32 KB (111 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/coder/refs/heads/main/agentic-access/coder-agentic-access.yml