Commerce Layer · Agentic Access

Commerce Layer Agentic Access

x-agentic-access generated

Commerce Layer exposes 1334 API operations that an AI agent could call, of which 371 are state-changing ‘acting’ operations. This is a recommended x-agentic-access execution contract — the scope, audience, consequence tier, short-lived token constraints, and escalation each action should carry before it is handed to an autonomous agent.

By consequence: 963 read, 270 write, 98 physical, and 3 safety-critical.

3 operations are classed safety-critical and should require human-in-the-loop approval at runtime.

Contracts are classified heuristically from the provider’s OpenAPI and refresh on every APIs.io network build; audience is bound per deployment. The model follows Curity’s Access Intelligence (apidays Munich 2026). Browse every provider’s agent contracts at agentic-access.apis.io.

Headless CommerceComposable CommerceAPI-FirstEcommerceJSON:APIOAuth 2.0Multi-MarketMulti-CurrencyB2CB2BSubscriptionsPromotionsInventoryOrder ManagementCheckout
Operations: 1334 Acting: 371 Human-in-the-loop: 3 Method: generated

By consequence

read 963 write 270 physical 98 safety-critical 3

Highest-consequence actions

The physical and safety-critical operations an agent could invoke — the ones that most warrant scoped tokens, tight TTLs, and escalation. Full per-operation contracts are in the source below.

MethodPathConsequenceHuman-in-loop
POST /customer_password_resets safety-critical required
PATCH /customer_password_resets/{customerPasswordResetId} safety-critical required
DELETE /customer_password_resets/{customerPasswordResetId} safety-critical required
POST /adyen_payments physical conditional
PATCH /adyen_payments/{adyenPaymentId} physical conditional
DELETE /adyen_payments/{adyenPaymentId} physical conditional
POST /application_memberships physical conditional
PATCH /application_memberships/{applicationMembershipId} physical conditional
DELETE /application_memberships/{applicationMembershipId} physical conditional
POST /axerve_payments physical conditional
PATCH /axerve_payments/{axervePaymentId} physical conditional
DELETE /axerve_payments/{axervePaymentId} physical conditional
POST /braintree_payments physical conditional
PATCH /braintree_payments/{braintreePaymentId} physical conditional
DELETE /braintree_payments/{braintreePaymentId} physical conditional
POST /checkout_com_gateways physical conditional
PATCH /checkout_com_gateways/{checkoutComGatewayId} physical conditional
DELETE /checkout_com_gateways/{checkoutComGatewayId} physical conditional
POST /checkout_com_payments physical conditional
PATCH /checkout_com_payments/{checkoutComPaymentId} physical conditional
DELETE /checkout_com_payments/{checkoutComPaymentId} physical conditional
POST /customer_payment_sources physical conditional
PATCH /customer_payment_sources/{customerPaymentSourceId} physical conditional
DELETE /customer_payment_sources/{customerPaymentSourceId} physical conditional
POST /external_payments physical conditional

Source

Agentic Access

Raw ↑
generated: '2026-07-15'
method: generated
source: openapi/commerce-layer-core-api-openapi.json, openapi/commerce-layer-metrics-api-openapi.json,
  openapi/commerce-layer-provisioning-api-openapi.json
description: Recommended x-agentic-access execution contracts, classified heuristically from
  the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind
  audience per deployment. See research/curity/agentic-governance/.
summary:
  operations: 1334
  by_action_class:
    connected: 963
    acting: 371
  by_consequence:
    read: 963
    write: 270
    physical: 98
    safety-critical: 3
  human_in_the_loop_required: 3
operations:
- path: /addresses
  method: get
  operationId: GET/addresses
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /addresses
  method: post
  operationId: POST/addresses
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /addresses/{addressId}
  method: get
  operationId: GET/addresses/addressId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /addresses/{addressId}
  method: patch
  operationId: PATCH/addresses/addressId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /addresses/{addressId}
  method: delete
  operationId: DELETE/addresses/addressId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /addresses/{addressId}/geocoder
  method: get
  operationId: GET/addressId/geocoder
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /addresses/{addressId}/events
  method: get
  operationId: GET/addressId/events
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /addresses/{addressId}/tags
  method: get
  operationId: GET/addressId/tags
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /addresses/{addressId}/event_stores
  method: get
  operationId: GET/addressId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adjustments
  method: get
  operationId: GET/adjustments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adjustments
  method: post
  operationId: POST/adjustments
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /adjustments/{adjustmentId}
  method: get
  operationId: GET/adjustments/adjustmentId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adjustments/{adjustmentId}
  method: patch
  operationId: PATCH/adjustments/adjustmentId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /adjustments/{adjustmentId}
  method: delete
  operationId: DELETE/adjustments/adjustmentId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /adjustments/{adjustmentId}/event_stores
  method: get
  operationId: GET/adjustmentId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adyen_gateways
  method: get
  operationId: GET/adyen_gateways
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adyen_gateways
  method: post
  operationId: POST/adyen_gateways
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /adyen_gateways/{adyenGatewayId}
  method: get
  operationId: GET/adyen_gateways/adyenGatewayId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adyen_gateways/{adyenGatewayId}
  method: patch
  operationId: PATCH/adyen_gateways/adyenGatewayId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /adyen_gateways/{adyenGatewayId}
  method: delete
  operationId: DELETE/adyen_gateways/adyenGatewayId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /adyen_gateways/{adyenGatewayId}/payment_methods
  method: get
  operationId: GET/adyenGatewayId/payment_methods
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adyen_gateways/{adyenGatewayId}/event_stores
  method: get
  operationId: GET/adyenGatewayId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adyen_gateways/{adyenGatewayId}/adyen_payments
  method: get
  operationId: GET/adyenGatewayId/adyen_payments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adyen_payments
  method: get
  operationId: GET/adyen_payments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adyen_payments
  method: post
  operationId: POST/adyen_payments
  x-agentic-access:
    action-class: acting
    consequence: physical
    subject: required
    audience: null
    token:
      max-ttl: 300
      exchange: true
      purpose-required: true
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /adyen_payments/{adyenPaymentId}
  method: get
  operationId: GET/adyen_payments/adyenPaymentId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adyen_payments/{adyenPaymentId}
  method: patch
  operationId: PATCH/adyen_payments/adyenPaymentId
  x-agentic-access:
    action-class: acting
    consequence: physical
    subject: required
    audience: null
    token:
      max-ttl: 300
      exchange: true
      purpose-required: true
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /adyen_payments/{adyenPaymentId}
  method: delete
  operationId: DELETE/adyen_payments/adyenPaymentId
  x-agentic-access:
    action-class: acting
    consequence: physical
    subject: required
    audience: null
    token:
      max-ttl: 300
      exchange: true
      purpose-required: true
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /adyen_payments/{adyenPaymentId}/order
  method: get
  operationId: GET/adyenPaymentId/order
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adyen_payments/{adyenPaymentId}/payment_gateway
  method: get
  operationId: GET/adyenPaymentId/payment_gateway
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /adyen_payments/{adyenPaymentId}/event_stores
  method: get
  operationId: GET/adyenPaymentId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /application
  method: get
  operationId: GET/application/applicationId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /attachments
  method: get
  operationId: GET/attachments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /attachments
  method: post
  operationId: POST/attachments
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /attachments/{attachmentId}
  method: get
  operationId: GET/attachments/attachmentId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /attachments/{attachmentId}
  method: patch
  operationId: PATCH/attachments/attachmentId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /attachments/{attachmentId}
  method: delete
  operationId: DELETE/attachments/attachmentId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /attachments/{attachmentId}/event_stores
  method: get
  operationId: GET/attachmentId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /authorizations
  method: get
  operationId: GET/authorizations
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /authorizations/{authorizationId}
  method: get
  operationId: GET/authorizations/authorizationId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /authorizations/{authorizationId}
  method: patch
  operationId: PATCH/authorizations/authorizationId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /authorizations/{authorizationId}/order
  method: get
  operationId: GET/authorizationId/order
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /authorizations/{authorizationId}/attachments
  method: get
  operationId: GET/authorizationId/attachments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /authorizations/{authorizationId}/events
  method: get
  operationId: GET/authorizationId/events
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /authorizations/{authorizationId}/event_stores
  method: get
  operationId: GET/authorizationId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /authorizations/{authorizationId}/captures
  method: get
  operationId: GET/authorizationId/captures
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /authorizations/{authorizationId}/voids
  method: get
  operationId: GET/authorizationId/voids
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /avalara_accounts
  method: get
  operationId: GET/avalara_accounts
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /avalara_accounts
  method: post
  operationId: POST/avalara_accounts
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /avalara_accounts/{avalaraAccountId}
  method: get
  operationId: GET/avalara_accounts/avalaraAccountId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /avalara_accounts/{avalaraAccountId}
  method: patch
  operationId: PATCH/avalara_accounts/avalaraAccountId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /avalara_accounts/{avalaraAccountId}
  method: delete
  operationId: DELETE/avalara_accounts/avalaraAccountId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /avalara_accounts/{avalaraAccountId}/markets
  method: get
  operationId: GET/avalaraAccountId/markets
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /avalara_accounts/{avalaraAccountId}/attachments
  method: get
  operationId: GET/avalaraAccountId/attachments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /avalara_accounts/{avalaraAccountId}/events
  method: get
  operationId: GET/avalaraAccountId/events
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /avalara_accounts/{avalaraAccountId}/event_stores
  method: get
  operationId: GET/avalaraAccountId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /avalara_accounts/{avalaraAccountId}/tax_categories
  method: get
  operationId: GET/avalaraAccountId/tax_categories
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /axerve_gateways
  method: get
  operationId: GET/axerve_gateways
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /axerve_gateways
  method: post
  operationId: POST/axerve_gateways
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /axerve_gateways/{axerveGatewayId}
  method: get
  operationId: GET/axerve_gateways/axerveGatewayId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /axerve_gateways/{axerveGatewayId}
  method: patch
  operationId: PATCH/axerve_gateways/axerveGatewayId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /axerve_gateways/{axerveGatewayId}
  method: delete
  operationId: DELETE/axerve_gateways/axerveGatewayId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /axerve_gateways/{axerveGatewayId}/payment_methods
  method: get
  operationId: GET/axerveGatewayId/payment_methods
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /axerve_gateways/{axerveGatewayId}/event_stores
  method: get
  operationId: GET/axerveGatewayId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /axerve_gateways/{axerveGatewayId}/axerve_payments
  method: get
  operationId: GET/axerveGatewayId/axerve_payments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /axerve_payments
  method: get
  operationId: GET/axerve_payments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /axerve_payments
  method: post
  operationId: POST/axerve_payments
  x-agentic-access:
    action-class: acting
    consequence: physical
    subject: required
    audience: null
    token:
      max-ttl: 300
      exchange: true
      purpose-required: true
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /axerve_payments/{axervePaymentId}
  method: get
  operationId: GET/axerve_payments/axervePaymentId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /axerve_payments/{axervePaymentId}
  method: patch
  operationId: PATCH/axerve_payments/axervePaymentId
  x-agentic-access:
    action-class: acting
    consequence: physical
    subject: required
    audience: null
    token:
      max-ttl: 300
      exchange: true
      purpose-required: true
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /axerve_payments/{axervePaymentId}
  method: delete
  operationId: DELETE/axerve_payments/axervePaymentId
  x-agentic-access:
    action-class: acting
    consequence: physical
    subject: required
    audience: null
    token:
      max-ttl: 300
      exchange: true
      purpose-required: true
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /axerve_payments/{axervePaymentId}/order
  method: get
  operationId: GET/axervePaymentId/order
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /axerve_payments/{axervePaymentId}/payment_gateway
  method: get
  operationId: GET/axervePaymentId/payment_gateway
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /axerve_payments/{axervePaymentId}/event_stores
  method: get
  operationId: GET/axervePaymentId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bing_geocoders
  method: get
  operationId: GET/bing_geocoders
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bing_geocoders
  method: post
  operationId: POST/bing_geocoders
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /bing_geocoders/{bingGeocoderId}
  method: get
  operationId: GET/bing_geocoders/bingGeocoderId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bing_geocoders/{bingGeocoderId}
  method: patch
  operationId: PATCH/bing_geocoders/bingGeocoderId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /bing_geocoders/{bingGeocoderId}
  method: delete
  operationId: DELETE/bing_geocoders/bingGeocoderId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /bing_geocoders/{bingGeocoderId}/markets
  method: get
  operationId: GET/bingGeocoderId/markets
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bing_geocoders/{bingGeocoderId}/addresses
  method: get
  operationId: GET/bingGeocoderId/addresses
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bing_geocoders/{bingGeocoderId}/attachments
  method: get
  operationId: GET/bingGeocoderId/attachments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bing_geocoders/{bingGeocoderId}/event_stores
  method: get
  operationId: GET/bingGeocoderId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /braintree_gateways
  method: get
  operationId: GET/braintree_gateways
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /braintree_gateways
  method: post
  operationId: POST/braintree_gateways
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /braintree_gateways/{braintreeGatewayId}
  method: get
  operationId: GET/braintree_gateways/braintreeGatewayId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /braintree_gateways/{braintreeGatewayId}
  method: patch
  operationId: PATCH/braintree_gateways/braintreeGatewayId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /braintree_gateways/{braintreeGatewayId}
  method: delete
  operationId: DELETE/braintree_gateways/braintreeGatewayId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /braintree_gateways/{braintreeGatewayId}/payment_methods
  method: get
  operationId: GET/braintreeGatewayId/payment_methods
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /braintree_gateways/{braintreeGatewayId}/event_stores
  method: get
  operationId: GET/braintreeGatewayId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /braintree_gateways/{braintreeGatewayId}/braintree_payments
  method: get
  operationId: GET/braintreeGatewayId/braintree_payments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /braintree_payments
  method: get
  operationId: GET/braintree_payments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /braintree_payments
  method: post
  operationId: POST/braintree_payments
  x-agentic-access:
    action-class: acting
    consequence: physical
    subject: required
    audience: null
    token:
      max-ttl: 300
      exchange: true
      purpose-required: true
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /braintree_payments/{braintreePaymentId}
  method: get
  operationId: GET/braintree_payments/braintreePaymentId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /braintree_payments/{braintreePaymentId}
  method: patch
  operationId: PATCH/braintree_payments/braintreePaymentId
  x-agentic-access:
    action-class: acting
    consequence: physical
    subject: required
    audience: null
    token:
      max-ttl: 300
      exchange: true
      purpose-required: true
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /braintree_payments/{braintreePaymentId}
  method: delete
  operationId: DELETE/braintree_payments/braintreePaymentId
  x-agentic-access:
    action-class: acting
    consequence: physical
    subject: required
    audience: null
    token:
      max-ttl: 300
      exchange: true
      purpose-required: true
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /braintree_payments/{braintreePaymentId}/order
  method: get
  operationId: GET/braintreePaymentId/order
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /braintree_payments/{braintreePaymentId}/payment_gateway
  method: get
  operationId: GET/braintreePaymentId/payment_gateway
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /braintree_payments/{braintreePaymentId}/event_stores
  method: get
  operationId: GET/braintreePaymentId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bundles
  method: get
  operationId: GET/bundles
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bundles
  method: post
  operationId: POST/bundles
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /bundles/{bundleId}
  method: get
  operationId: GET/bundles/bundleId
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bundles/{bundleId}
  method: patch
  operationId: PATCH/bundles/bundleId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /bundles/{bundleId}
  method: delete
  operationId: DELETE/bundles/bundleId
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /bundles/{bundleId}/market
  method: get
  operationId: GET/bundleId/market
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bundles/{bundleId}/sku_list
  method: get
  operationId: GET/bundleId/sku_list
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bundles/{bundleId}/skus
  method: get
  operationId: GET/bundleId/skus
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bundles/{bundleId}/attachments
  method: get
  operationId: GET/bundleId/attachments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bundles/{bundleId}/events
  method: get
  operationId: GET/bundleId/events
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bundles/{bundleId}/tags
  method: get
  operationId: GET/bundleId/tags
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /bundles/{bundleId}/event_stores
  method: get
  operationId: GET/bundleId/event_stores
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /buy_x_pay_y_promotions
  method: get
  operationId: GET/buy_x_pay_y_promotions
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /buy_x_pay_y_promotions
  method: post
  operationId: POST/buy_x_pay_y_promotions
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /buy_x_pay_y_promotions/{buyXPayYPromotionId}
  method: get
  operationId: GET/buy_x_pay_y_promotions/buyXPayYPromotionId
  x-agentic-access:
    action-class: connecte

# --- truncated at 32 KB (370 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/commerce-layer/refs/heads/main/agentic-access/commerce-layer-agentic-access.yml