Emburse Agentic Access
Emburse exposes 213 API operations that an AI agent could call, of which 118 are state-changing ‘acting’ operations. This is a recommended x-agentic-access execution contract — the scope, audience, consequence tier, short-lived token constraints, and escalation each action should carry before it is handed to an autonomous agent.
By consequence: 95 read, 38 write, 3 physical, and 77 safety-critical.
77 operations are classed safety-critical and should require human-in-the-loop approval at runtime.
Contracts are classified heuristically from the provider’s OpenAPI and refresh on every APIs.io network build; audience is bound per deployment. The model follows Curity’s Access Intelligence (apidays Munich 2026). Browse every provider’s agent contracts at agentic-access.apis.io.
By consequence
Highest-consequence actions
The physical and safety-critical operations an agent could invoke — the ones that most warrant scoped tokens, tight TTLs, and escalation. Full per-operation contracts are in the source below.
| Method | Path | Consequence | Human-in-loop |
|---|---|---|---|
| POST | /oauth/token/revoke | safety-critical | required |
| POST | /po-api | safety-critical | required |
| POST | /po-api/create-or-update | safety-critical | required |
| PATCH | /po-api/delete | safety-critical | required |
| POST | /po-api/item/catalog/create-or-update | safety-critical | required |
| PUT | /po-api/poNumber/search | safety-critical | required |
| POST | /po-api/receipts | safety-critical | required |
| POST | /po-api/receipts/create-or-update | safety-critical | required |
| DELETE | /po-api/receipts/{receiptNumber} | safety-critical | required |
| PATCH | /po-api/receipts/{receiptNumber} | safety-critical | required |
| PUT | /po-api/requestNumber/search | safety-critical | required |
| DELETE | /po-api/{poNumber} | safety-critical | required |
| PATCH | /po-api/{requestNumber} | safety-critical | required |
| POST | /v1/allocations | safety-critical | required |
| PUT | /v1/allocations | safety-critical | required |
| DELETE | /v1/allocations | safety-critical | required |
| POST | /v1/expense-report-approvals/{reportId}/submit | safety-critical | required |
| POST | /v1/expense-reports | safety-critical | required |
| POST | /v1/expense-reports/{report-id}/line-items/{report-line-item-id}/approve | safety-critical | required |
| POST | /v1/expense-reports/{report-id}/line-items/{report-line-item-id}/reassign | safety-critical | required |
| POST | /v1/expense-reports/{report-id}/line-items/{report-line-item-id}/return | safety-critical | required |
| DELETE | /v1/expense-reports/{reportId} | safety-critical | required |
| POST | /v1/expense-reports/{reportId}/approve | safety-critical | required |
| DELETE | /v1/expense-reports/{reportId}/line-items | safety-critical | required |
| POST | /v1/expense-reports/{reportId}/notes | safety-critical | required |
Source
Agentic Access
generated: '2026-07-15'
method: generated
source: openapi/emburse-enterprise-allocation-openapi.yml, openapi/emburse-enterprise-contacts-openapi.yml,
openapi/emburse-enterprise-entity-openapi.yml, openapi/emburse-enterprise-expense-image-openapi.yml,
openapi/emburse-enterprise-expense-openapi.yml, openapi/emburse-enterprise-exported-reports-openapi.yml,
openapi/emburse-enterprise-invoice-openapi.yml, openapi/emburse-enterprise-paid-expense-openapi.yml,
openapi/emburse-enterprise-person-openapi.yml, openapi/emburse-enterprise-preapproval-openapi.yml,
openapi/emburse-enterprise-purchase-order-openapi.yml, openapi/emburse-enterprise-vendor-openapi.yml,
openapi/emburse-virtual-cards-openapi.yml
description: Recommended x-agentic-access execution contracts, classified heuristically from
the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind
audience per deployment. See research/curity/agentic-governance/.
summary:
operations: 213
by_action_class:
connected: 95
acting: 118
by_consequence:
read: 95
safety-critical: 77
write: 38
physical: 3
human_in_the_loop_required: 77
operations:
- path: /v1/allocations
method: get
operationId: getAllocationUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/allocations
method: post
operationId: createAllocationV1UsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/allocations
method: put
operationId: updateAllocationV1UsingPUT
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/allocations
method: delete
operationId: deleteAllocationV1UsingDELETE
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/allocations
method: get
operationId: getAllocationsUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/allocations
method: post
operationId: bulkUpsertAllocationsUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v3/allocations
method: get
operationId: getAllocationsUsingGET_1
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v3/allocations
method: post
operationId: bulkUpsertAllocationsUsingPOST_1
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v3/allocations/entity
method: post
operationId: createMatterOnSelectUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v3/allocations/entity
method: put
operationId: updateMatterOnSelectUsingPUT
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v3/allocations/matterFilter
method: post
operationId: updateMatterFilterUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v3/allocations/search
method: get
operationId: searchAllocationsUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/contacts
method: post
operationId: createContacts
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v1/entities
method: get
operationId: getUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/entities
method: post
operationId: upsertEntitiesUsingPOST
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v1/entities
method: delete
operationId: deleteEntitiesUsingDELETE
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v1/entity-types
method: get
operationId: getEntityTypesUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/entity-types
method: post
operationId: createEntityTypeUsingPOST
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v1/entity-types/{code}
method: get
operationId: getEntityTypeByCodeUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/entity-types/{code}
method: put
operationId: replaceEntityTypeByCodeUsingPUT
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v1/entity-types/{entityTypeCode}
method: delete
operationId: deleteEntityTypeByCodeUsingDELETE
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v1/entity-types/{entityTypeCode}/languages
method: get
operationId: getLanguagesUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/entity-types/{entityTypeCode}/languages
method: post
operationId: addLanguageUsingPOST
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v1/entity-types/{entityTypeCode}/languages/{languageCode}
method: put
operationId: updateLanguageUsingPUT
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v1/entity-types/{entityTypeCode}/languages/{languageCode}
method: delete
operationId: deleteLanguageUsingDELETE
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v2/entities
method: get
operationId: getUsingGET_1
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/entities/search
method: get
operationId: searchUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /expense-image-api/getVoucherInvoices
method: get
operationId: getByDateRange
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /expense-image-api/getVoucherInvoicesForXML
method: get
operationId: getVoucherInvoicesForXml
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /expense-image-api/getVoucherInvoicesForOFD
method: get
operationId: getVoucherInvoicesForOFD
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /expense-image-api/getReceipts
method: get
operationId: getReceipts
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /expense-image-api/getReceiptsWithCoverPage
method: get
operationId: getReceiptsWithCoverPage
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /expense-image-api/getReceiptsForXml
method: get
operationId: getReceiptsForXml
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /expense-image-api/getReceiptsForOFD
method: get
operationId: getReceiptsForOFD
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /expense-image-api/getLineItemVoucherInvoices
method: get
operationId: getLineItemVoucherInvoices
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /expense-image-api/getLineItemReceipts
method: get
operationId: getLineItemReceipts
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /expense-image-api/getLineItemReceiptsWithMileageDetails
method: get
operationId: getLineItemReceiptsWithMileageDetails
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /expense-image-api/getLineItemReceiptsFromLineItemId
method: get
operationId: getLineItemReceiptsFromLineItemId
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/expense-receipts/{reportId}
method: get
operationId: getExpenseReceiptsUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/expense-report-approvals
method: get
operationId: getApprovalsUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/expense-report-approvals/count
method: get
operationId: getExpenseReportCountUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/expense-report-approvals/{reportId}
method: get
operationId: getExpenseReportUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/expense-report-approvals/{reportId}/submit
method: post
operationId: submitExpenseReportForApprovalUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/expense-report-line-item-search
method: get
operationId: getLineItemsUsingGET_1
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/expense-reports
method: get
operationId: getExpenseReportsUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/expense-reports
method: post
operationId: createExpenseReportUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/expense-reports/{report-id}/line-items/{report-line-item-id}/approve
method: post
operationId: approveExpenseReportLineItemUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/expense-reports/{report-id}/line-items/{report-line-item-id}/reassign
method: post
operationId: reassignExpenseReportLineItemUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/expense-reports/{report-id}/line-items/{report-line-item-id}/return
method: post
operationId: returnExpenseReportLineItemUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/expense-reports/{reportId}
method: get
operationId: getExpenseReportUsingGET_2
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/expense-reports/{reportId}
method: delete
operationId: deleteExpenseReportUsingDELETE
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/expense-reports/{reportId}/approve
method: post
operationId: approveExpenseReportUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/expense-reports/{reportId}/line-items
method: delete
operationId: deleteExpenseReportLineItemUsingDELETE
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/expense-reports/{reportId}/notes
method: post
operationId: createExpenseHeaderNoteUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/expense-reports/{reportId}/reassign
method: post
operationId: reassignExpenseReportUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/expense-reports/{reportId}/return
method: post
operationId: returnExpenseReportUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/expense-reports/{reportId}/submit
method: post
operationId: submitExpenseReportUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/expense-reports/{reportId}/tracking
method: get
operationId: getReportForTrackingUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/expense-types
method: get
operationId: getExpenseTypesUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/open-expense-reports
method: get
operationId: getOpenExpenseReportsUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/returned-payment-expense-reports/lite
method: get
operationId: getReturnedPaymentExpenseReportHeaderIdsUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/trip-reports-summary
method: get
operationId: getTripReportsSummaryUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/expense-report-approvals
method: get
operationId: getApprovalsUsingGET_1
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/expense-report-approvals/count
method: get
operationId: getExpenseReportCountUsingGET_1
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/expense-report-approvals/{reportId}
method: get
operationId: getExpenseReportUsingGET_1
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/expense-reports/{reportId}/approve
method: post
operationId: approveExpenseReportUsingPOST_1
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/expense-reports/{reportId}/reassign
method: post
operationId: reassignExpenseReportUsingPOST_1
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/expense-reports/{reportId}/return
method: post
operationId: returnExpenseReportUsingPOST_1
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/expense-reports/{reportId}/submit
method: post
operationId: submitExpenseReportUsingPOST_1
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v3/expense-reports
method: get
operationId: getExpenseReportsUsingGET_1
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v3/expense-reports/{reportId}
method: get
operationId: getExpenseReportUsingGET_3
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v3/expense-reports/{reportId}/line-items
method: get
operationId: getLineItemsUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/export-status
method: post
operationId: updateExpenseExportStatusUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/export-status/re-post
method: patch
operationId: repostExternalExportStatusByExportIdsUsingPATCH
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/exports
method: get
operationId: getExportIdsUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/export-status
method: post
operationId: updateExportStatusUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/export-status/re-post
method: patch
operationId: repostExternalExportStatusByExportIdsUsingPATCH_1
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/exports
method: get
operationId: getExportIdsUsingGET_1
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/invoice-api/invoices
method: put
operationId: getInvoicesUsingPUT
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/invoice-api/invoices/images/pdf
method: get
operationId: getImagesInPdfUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/invoice-api/invoices/payments
method: put
operationId: getInvoicePaymentsUsingPUT
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/invoice-api/invoices/sdi/xml
method: post
operationId: postInvoicePaymentStatusUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/invoice-api/invoices/{invoiceId}/approve
method: post
operationId: approveInvoiceUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/invoice-api/invoices/{invoiceId}/assign
method: post
operationId: assignInvoiceUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/invoice-api/invoices/{invoiceId}/ocr/images
method: get
operationId: getInvoiceOcrImagesReportUsingGET
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/invoice-api/invoices/{invoiceId}/payment
method: post
operationId: postInvoicePaymentStatusExternalUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/invoice-api/invoices/{invoiceId}/return
method: post
operationId: returnInvoiceUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/paid-expense
method: post
operationId: createPaidExpenseUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/paid-expenses
method: post
operationId: createPaidExpensesUsingPOST
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v4/persons/{personUniqueId}/person-entities/{person-entity-id}
method: get
operationId: getPersonEntityById
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v4/persons/{personUniqueId}/person-entities/{person-entity-id}
method: put
operationId: modifyPersonEntityById
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v4/persons/{personUniqueId}/person-entities/{person-entity-id}
method: delete
operationId: deletePersonEntityById
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v4/sap-persons
method: post
operationId: sapPatchyPostBecauseReasons
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v4/persons
method: get
operationId: getPersons
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v4/persons
method: post
operationId: createPerson
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v4/persons/{toPersonUniqueId}/assists/{fromPersonUniqueId}
method: post
operationId: addPersonDelegate
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v4/persons/{toPersonUniqueId}/assists/{fromPersonUniqueId}
method: delete
operationId: deletePersonDelegate
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v4/persons/{personUniqueId}/udas
method: get
operationId: getPersonUdas
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v4/persons/{personUniqueId}/udas
method: post
operationId: createPersonUda
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-requir
# --- truncated at 32 KB (66 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/emburse/refs/heads/main/agentic-access/emburse-agentic-access.yml