Envestnet Agentic Access
Envestnet exposes 150 API operations that an AI agent could call, of which 76 are state-changing ‘acting’ operations. This is a recommended x-agentic-access execution contract — the scope, audience, consequence tier, short-lived token constraints, and escalation each action should carry before it is handed to an autonomous agent.
By consequence: 74 read, 70 write, 4 physical, and 2 safety-critical.
2 operations are classed safety-critical and should require human-in-the-loop approval at runtime.
Contracts are classified heuristically from the provider’s OpenAPI and refresh on every APIs.io network build; audience is bound per deployment. The model follows Curity’s Access Intelligence (apidays Munich 2026). Browse every provider’s agent contracts at agentic-access.apis.io.
By consequence
Highest-consequence actions
The physical and safety-critical operations an agent could invoke — the ones that most warrant scoped tokens, tight TTLs, and escalation. Full per-operation contracts are in the source below.
| Method | Path | Consequence | Human-in-loop |
|---|---|---|---|
| DELETE | /paymentProcessor/token | safety-critical | required |
| DELETE | /paymentProcessor/token | safety-critical | required |
| POST | /paymentProcessor/token | physical | conditional |
| POST | /paymentProcessor/token | physical | conditional |
| PUT | /verification | physical | conditional |
| POST | /verification | physical | conditional |
Source
Agentic Access
generated: '2026-07-15'
method: generated
source: openapi/envestnet-account-aggregation-openapi-original.yml, openapi/envestnet-account-token-openapi-original.yml,
openapi/envestnet-credit-accelerator-openapi-original.yml, openapi/envestnet-insights-openapi-original.yml,
openapi/envestnet-personalized-views-openapi-original.yml, openapi/envestnet-verification-openapi-original.yml
description: Recommended x-agentic-access execution contracts, classified heuristically from
the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind
audience per deployment. See research/curity/agentic-governance/.
summary:
operations: 150
by_action_class:
connected: 74
acting: 76
by_consequence:
read: 74
write: 70
physical: 4
safety-critical: 2
human_in_the_loop_required: 2
operations:
- path: /consents/preferences
method: get
operationId: getConsentPreferences
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /transactions
method: get
operationId: getTransactions
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /auth/apiKey/{key}
method: delete
operationId: deleteApiKey
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /providerAccounts
method: get
operationId: getAllProviderAccounts
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /providerAccounts
method: put
operationId: editCredentialsOrRefreshProviderAccount
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /transactions/count
method: get
operationId: getTransactionsCount
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /derived/transactionSummary
method: get
operationId: getTransactionSummary
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /consents/{consentId}/renewal
method: put
operationId: renewConsent
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /dataExtracts/userData
method: get
operationId: getDataExtractsUserData
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /providers
method: get
operationId: getAllProviders
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /providerAccounts/refresh
method: put
operationId: refreshProviderAccount
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /providers/{providerId}
method: get
operationId: getProvider
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /transactions/categories/txnRules
method: get
operationId: getTransactionCategorizationRules
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /transactions/categories/{categoryId}
method: delete
operationId: deleteTransactionCategory
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /documents
method: get
operationId: getDocuments
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /accounts/evaluateAddress
method: post
operationId: evaluateAddress
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /accounts/{accountId}
method: get
operationId: getAccount
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /accounts/{accountId}
method: put
operationId: updateAccount
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /accounts/{accountId}
method: delete
operationId: deleteAccount
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /configs/notifications/events
method: get
operationId: getSubscribedNotificationEvents
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /consents/history/count
method: get
operationId: getConsentHistoryCount
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /providers/count
method: get
operationId: getProvidersCount
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /accounts/historicalBalances
method: get
operationId: getHistoricalBalances
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /consents/history
method: get
operationId: getConsentHistory
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /derived/networth
method: get
operationId: getNetworth
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /user/samlLogin
method: post
operationId: samlLogin
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /user/register
method: post
operationId: registerUser
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /holdings/securities
method: get
operationId: getSecurities
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /configs/notifications/events/{eventName}
method: put
operationId: updateSubscribedNotificationEvent
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /configs/notifications/events/{eventName}
method: post
operationId: createSubscriptionNotificationEvent
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /configs/notifications/events/{eventName}
method: delete
operationId: deleteSubscribedNotificationEvent
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /holdings
method: get
operationId: getHoldings
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /holdings
method: post
operationId: addHolding
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /auth/apiKey
method: get
operationId: getApiKeys
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /auth/apiKey
method: post
operationId: generateApiKey
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /transactions/categories/rules/{ruleId}
method: put
operationId: updateTransactionCategorizationRule
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /transactions/categories/rules/{ruleId}
method: post
operationId: runTransactionCategorizationRule
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /transactions/categories/rules/{ruleId}
method: delete
operationId: deleteTransactionCategorizationRule
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /documents/{documentId}
method: get
operationId: downloadDocument
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /documents/{documentId}
method: delete
operationId: deleteDocument
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /user/accessTokens
method: get
operationId: getAccessTokens
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /consents/{consentId}
method: get
operationId: getConsentDetails
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /consents/{consentId}
method: put
operationId: updateConsent
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /providerAccounts/{providerAccountId}/preferences
method: put
operationId: updatePreferences
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /auth/token
method: post
operationId: generateAccessToken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /auth/token
method: delete
operationId: deleteToken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /user
method: get
operationId: getUser
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /user
method: put
operationId: updateUser
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /providerAccounts/{providerAccountId}
method: get
operationId: getProviderAccount
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /providerAccounts/{providerAccountId}
method: delete
operationId: deleteProviderAccount
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /transactions/categories
method: get
operationId: getTransactionCategories
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /transactions/categories
method: put
operationId: updateTransactionCategory
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /transactions/categories
method: post
operationId: createTransactionCategory
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /transactions/categories/rules
method: get
operationId: getTransactionCategorizationRulesDeprecated
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /transactions/categories/rules
method: post
operationId: createOrRunTransactionCategorizationRules
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /consents
method: get
operationId: getConsents
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /consents
method: post
operationId: createConsent
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /statements
method: get
operationId: getStatements
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /accounts
method: get
operationId: getAllAccounts
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /accounts
method: post
operationId: createManualAccount
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /holdings/holdingTypeList
method: get
operationId: getHoldingTypeList
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /user/logout
method: post
operationId: userLogout
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /transactions/{transactionId}
method: put
operationId: updateTransaction
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /user/unregister
method: delete
operationId: unregister
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /holdings/assetClassificationList
method: get
operationId: getAssetClassificationList
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /dataExtracts/events
method: get
operationId: getDataExtractsEvents
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /derived/holdingSummary
method: get
operationId: getHoldingSummary
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /paymentProcessor/token
method: post
operationId: generatePaymentProcessorToken
x-agentic-access:
action-class: acting
consequence: physical
subject: required
audience: null
token:
max-ttl: 300
exchange: true
purpose-required: true
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /paymentProcessor/token
method: delete
operationId: revokePaymentProcessorToken
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /auth/token
method: post
operationId: generateAccessToken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /auth/token
method: delete
operationId: deleteToken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /partner/paymentProcessor/account/holder
method: get
operationId: getVerifiedAccountHolder
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /partner/paymentProcessor/account
method: get
operationId: getVerifiedAccount
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /partner/paymentProcessor/account/balance
method: get
operationId: getVerifiedAccountBalance
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /creditAccelerator/report/refresh
method: put
operationId: refreshFile
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /configs/notifications/events/{eventName}
method: put
operationId: updateSubscribedNotificationEvent
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /configs/notifications/events/{eventName}
method: post
operationId: createSubscriptionNotificationEvent
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /configs/notifications/events/{eventName}
method: delete
operationId: deleteSubscribedNotificationEvent
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /creditAccelerator/report/status
method: get
operationId: getFileStatus
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /configs/notifications/events
method: get
operationId: getSubscribedNotificationEvents
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /auth/token
method: post
operationId: generateAccessToken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /auth/token
method: delete
operationId: deleteToken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /creditAccelerator/report/statements
method: get
operationId: getFileStatements
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /creditAccelerator/report
method: get
operationId: getFile
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /creditAccelerator/report/generate
method: post
operationId: generateFile
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /insights/configs/customerSubscriptions
method: get
operationId: getCutomerSubscription
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /insights/configs/customerSubscriptions
method: patch
operationId: updateCustomerSubscription
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /insights/configs/userSubscriptions
method: get
operationId: getUserSubscriptions
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /insights/configs/userSubscriptions
method: patch
operationId: updateUserSubscription
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /insights/configs/userSubscriptions
method: delete
operationId: deleteUserSubscriptions
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /insights/feed
method: get
operationId: getUserFeed
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /insights/feedExtracts
method: get
operationId: getUserFeedWebHook
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /insights/feed/count
method: get
operationId: getUserFeedCount
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /insights/trigger
method: post
operationId: createTrigger
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /insights/entityDetail
method: get
operationId: getInsightDetailsBasedOnEntityId
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /insights/insightDetail/{insightName}
method: get
operationId: getEntityDetailsBasedOnInsightName
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /views
method: post
operationId: createUserView
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /views
method: get
operationId: getUserViews
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /views/system
method: post
operationId: createSystemView
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /views/{viewId}
method: get
operationId: getUserView
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /views/{viewId}
method: put
operationId: updateUserView
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /views/{viewId}
method: delete
operationId: deleteUserView
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /views/{viewId}/rules
method: delete
operationId: deleteUserViewRule
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /views/{viewId}/budgets
method: patch
operationId: patchUserViewbudget
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /views/{viewId}/budgets
method: delete
operationId: deleteUserViewbudget
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /views/{viewId}/transactions
method: get
operationId: getUserViewTransactions
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /views/{viewId}/peerData
method: get
operationId: getUserViewPeerData
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /views/{viewId}/transactionSummary
method: get
operationId: getUserViewTransactionSummary
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /views/{viewId}/transactionTrends
method: get
operationId: getUserViewTransactionTrends
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /views/recommendations
method: get
operationId: getUserViewRecommendations
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /views/{viewId}/budgetSummary
method: get
operationId: getUserBudgetSummary
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /transactions
method: get
operationId: getTransactions
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /verification/verifiedAccounts
method: get
operationId: getVerifiedAccounts
x-agentic-access:
action-class: c
# --- truncated at 32 KB (42 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/envestnet/refs/heads/main/agentic-access/envestnet-agentic-access.yml