Flipdish Agentic Access
Flipdish exposes 591 API operations that an AI agent could call, of which 323 are state-changing ‘acting’ operations. This is a recommended x-agentic-access execution contract — the scope, audience, consequence tier, short-lived token constraints, and escalation each action should carry before it is handed to an autonomous agent.
By consequence: 268 read, 286 write, 27 physical, and 10 safety-critical.
10 operations are classed safety-critical and should require human-in-the-loop approval at runtime.
Contracts are classified heuristically from the provider’s OpenAPI and refresh on every APIs.io network build; audience is bound per deployment. The model follows Curity’s Access Intelligence (apidays Munich 2026). Browse every provider’s agent contracts at agentic-access.apis.io.
By consequence
Highest-consequence actions
The physical and safety-critical operations an agent could invoke — the ones that most warrant scoped tokens, tight TTLs, and escalation. Full per-operation contracts are in the source below.
| Method | Path | Consequence | Human-in-loop |
|---|---|---|---|
| POST | /api/v1.0/accounts/password | safety-critical | required |
| POST | /api/v1.0/accounts/password/resetpin | safety-critical | required |
| POST | /api/v1.0/accounts/passwordreset | safety-critical | required |
| POST | /api/v1.0/lightspeed/{storeId}/settings | safety-critical | required |
| POST | /api/v1.0/orders/{id}/dispatch | safety-critical | required |
| POST | /api/v1.0/stores/{storeId}/businesshoursoverrides | safety-critical | required |
| DELETE | /api/v1.0/stores/{storeId}/businesshoursoverrides/{businessHoursOverrideId} | safety-critical | required |
| POST | /api/v1.0/users/{userId}/ResetMfa | safety-critical | required |
| DELETE | /api/v1.0/{appId}/authorizationtokens/{key} | safety-critical | required |
| POST | /api/v1.0/{appId}/features/disable | safety-critical | required |
| POST | /api/v1.0/apps/{appId}/SendPushNotification/{customerId} | physical | conditional |
| POST | /api/v1.0/auditlogs/orders/{orderId} | physical | conditional |
| POST | /api/v1.0/menus/{menuId}/sectiondisplayorders | physical | conditional |
| POST | /api/v1.0/menus/{menuId}/sections/{menuSectionId}/sectionitemdisplayorders | physical | conditional |
| POST | /api/v1.0/menus/{menuId}/sections/{menuSectionId}/sectionitems/{menuSectionItemId}/setorder/{destinationDisplayOrder} | physical | conditional |
| POST | /api/v1.0/orders/{id}/accept | physical | conditional |
| POST | /api/v1.0/orders/{id}/refund | physical | conditional |
| POST | /api/v1.0/orders/{id}/reject | physical | conditional |
| POST | /api/v1.0/orders/{orderId}/deliveryinfo | physical | conditional |
| POST | /api/v1.0/orders/{orderId}/fulfillment/state | physical | conditional |
| POST | /api/v1.0/orders/{orderId}/tracking/{deliveryTrackingStatus} | physical | conditional |
| POST | /api/v1.0/stores/{storeId}/order-batching-configuration | physical | conditional |
| POST | /api/v1.0/stores/{storeId}/preorderconfig/{deliveryType} | physical | conditional |
| POST | /api/v1.0/stores/{storeId}/preorderconfig/{deliveryType}/enabled | physical | conditional |
| POST | /api/v1.0/stores/{storeId}/servicecharge | physical | conditional |
Source
Agentic Access
generated: '2026-07-15'
method: generated
source: openapi/flipdish-apps-openapi.json, openapi/flipdish-catalog-openapi.json, openapi/flipdish-customers-openapi.json,
openapi/flipdish-devices-openapi.json, openapi/flipdish-marketing-openapi.json, openapi/flipdish-menus-openapi.json,
openapi/flipdish-orders-openapi.json, openapi/flipdish-payments-openapi.json, openapi/flipdish-platform-openapi.json,
openapi/flipdish-stores-openapi.json
description: Recommended x-agentic-access execution contracts, classified heuristically from
the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind
audience per deployment. See research/curity/agentic-governance/.
summary:
operations: 591
by_action_class:
connected: 268
acting: 323
by_consequence:
read: 268
write: 286
physical: 27
safety-critical: 10
human_in_the_loop_required: 10
operations:
- path: /api/v1.0/apps/{appId}
method: get
operationId: GetApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/apps/{appId}/name
method: get
operationId: GetAppName
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/apps/supportedcountries
method: get
operationId: GetSupportedCountries
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/apps/{appId}/compliance
method: get
operationId: GetCompliance
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/apps/{appId}/compliance
method: post
operationId: SetCompliance
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/apps/{appId}/panacea/url
method: get
operationId: GetPanaceaVanityUrl
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/apps/{appId}/panacea/url
method: post
operationId: SetPanaceaVanityUrl
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/apps/{whitelabelId}/lookup
method: get
operationId: LookupByWhitelabelId
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/apps/{appId}/hostnamestatus
method: get
operationId: GetAppHostnameStatus
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/apps
method: get
operationId: GetApps
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/apps
method: post
operationId: CreateApp
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/apps/{appId}/panacea/url/available
method: get
operationId: IsPanaceaVanityUrlAvailable
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/apps/{appId}/logo
method: post
operationId: UploadAppLogo
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/apps/{appId}/config
method: post
operationId: SetAppConfig
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/apps/{appId}/appstorename
method: post
operationId: SetAppStoreName
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/apps/{appId}/orgId/{orgId}
method: post
operationId: Apps_SetPropertyId
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/apps/{appId}/config/languages
method: post
operationId: SetAppLanguages
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/apps/{appId}/SendPushNotification/{customerId}
method: post
operationId: SendPushNotification
x-agentic-access:
action-class: acting
consequence: physical
subject: required
scope:
- api
audience: null
token:
max-ttl: 300
exchange: true
purpose-required: true
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/apps/{appId}/third-party-integrations
method: post
operationId: SetThirdPartyIntegrations
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/apps/{appId}/hostname
method: post
operationId: SetAppHostname
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/apps/{appId}/nextgenweb
method: post
operationId: ToggleNextGenWeb
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/appstore/apps/{appStoreAppId}
method: get
operationId: GetAppStoreApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/appstore/apps
method: get
operationId: GetAppStoreApps
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/appstore/apps
method: get
operationId: GetConfiguredApps
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/appstore/apps/{appStoreAppId}
method: get
operationId: GetConfiguredAppSingleApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/appstore/oauthresponse/{appStoreAppId}/responsecode
method: get
operationId: AppStoreConfigurations_AppStoreHandleOauthResponseCode
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/appstore/apps/{appStoreAppId}/config/{configId}
method: get
operationId: GetAppStoreConfig
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/appstore/apps/{appStoreAppId}/config/{configId}
method: put
operationId: UpdateAppStoreConfig
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/appstore/apps/{appStoreAppId}/config/{configId}
method: delete
operationId: DeleteAppStoreConfig
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/appstore/apps/{appStoreAppId}/config
method: post
operationId: CreateAppStoreConfig
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/appstore/apps/{appStoreAppId}/config/{configId}/action
method: post
operationId: ExecuteConfigurationAction
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/appstore/apps/{appStoreAppId}/config/{configId}/updatesettings
method: post
operationId: UpdateAppStoreConfigSettingValues
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/oauthclients/{oauthAppId}/appstore/apps/{appStoreAppId}/external_product
method: get
operationId: GetAppExternalProduct
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/oauthclients/{oauthAppId}/appstore/apps/{appStoreAppId}/external_product
method: put
operationId: UpdateExternalProduct
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/oauthclients/{oauthAppId}/appstore/apps/{appStoreAppId}/external_function_signing_key
method: get
operationId: GetExternalFunctionSigningKey
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/oauthclients/{oauthAppId}/appstore/apps/{appStoreAppId}
method: put
operationId: UpdateAppStoreApp
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/oauthclients/{oauthAppId}/appstore/apps/{appStoreAppId}
method: delete
operationId: DeleteAppStoreApp
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/oauthclients/{oauthAppId}/appstore/apps/{appStoreAppId}/verification
method: put
operationId: AppVerificationUpdate
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/oauthclients/{oauthAppId}/appstore/apps
method: post
operationId: CreateAppStoreApp
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/oauthclients/{oauthAppId}/appstore/apps/{appStoreAppId}/logo
method: post
operationId: UploadAppStoreAppLogo
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/appstore/apps/{appStoreAppId}/entitlements
method: get
operationId: GetAppStoreAppEntitlements
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/channels
method: get
operationId: GetChannels
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/channels/{id}
method: get
operationId: GetChannel
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/channels/assigned-channels
method: get
operationId: GetAssignedChannels
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/channels/available-channels
method: get
operationId: GetAvailableChannels
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/channels/{channelId}/stores
method: get
operationId: GetStoresBySalesChannel
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/channels/{channelId}/stores
method: delete
operationId: DetachAllStoresFromSalesChannel
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/channels/{channelId}/assigned-stores
method: get
operationId: GetStoresAssignedToChannel
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/channels/{channelId}/assign-appId
method: post
operationId: AssignAppIdToSalesChannel
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/channels/{channelId}/stores/{storeId}
method: post
operationId: AttachStoreToSalesChannel
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/channels/{channelId}/stores/{storeId}
method: delete
operationId: DetachStoreFromSalesChannel
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/channels/assign-store
method: post
operationId: AssignStoreToChannel
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/channels/unassign-store
method: delete
operationId: UnassignStoreFromChannel
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/FirebaseApp/{whitelabelId}
method: get
operationId: FirebaseApps_GetFirebaseApp
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/FirebaseApp
method: post
operationId: FirebaseApps_AddFirebaseApp
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/FirebaseApp/{whiteLabelId}
method: delete
operationId: FirebaseApps_DeleteFirebaseApp
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/mobileapps/{appId}/submission/details
method: get
operationId: GetSubmissionDetails
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/mobileapps/{appId}/saleschannel/details
method: get
operationId: GetAppConfigSalesChannel
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/mobileapps/{appId}/submission/{submissionId}/status
method: get
operationId: GetSubmissionStatus
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/mobileapps/{appId}/submission/{submissionId}/status
method: post
operationId: UpdateSubmissionStatus
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/mobileapps/{appId}/statistics
method: get
operationId: GetStatistics
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/mobileapps/{appId}/submission
method: post
operationId: Submission
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/mobileapps/{appId}/resubmission
method: post
operationId: Resubmission
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/mobileapps/{appId}/saleschannel
method: post
operationId: UpdateAppConfigSalesChannel
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/mobileapps/{appId}/submission/image
method: post
operationId: UploadImage
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/mobileapps/{appId}/submission/{submissionId}/publish
method: post
operationId: Publish
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/mobileapps/{appId}/submission/{submissionId}/unpublish
method: post
operationId: Unpublish
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/website/index
method: get
operationId: GetIndexConfiguration
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/website/index
method: post
operationId: SetIndexConfiguration
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/website/dnscheck
method: get
operationId: Website_CheckNow
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/website/testimonial
method: post
operationId: AddTestimonial
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/website/image/{imageLocation}
method: post
operationId: UploadWebsiteImage
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/website/testimonial/{testimonialId}
method: post
operationId: EditTestimonial
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/website/testimonial/{testimonialId}
method: delete
operationId: DeleteTestimonial
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/website/image/{imageId}
method: delete
operationId: DeleteWebsiteImage
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/whitelabelbuilds/health
method: get
operationId: HealthCheck
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/whitelabelbuilds/{appId}/android
method: post
operationId: SubmitAndroidBuild
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/whitelabelbuilds/ios/multiple
method: post
operationId: SubmitIosApps
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/whitelabelbuilds/{appId}/ios
method: post
operationId: SubmitIosBuild
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/whitelabelbuilds/android/multiple
method: post
operationId: SubmitAndroidApps
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/whitelabelconfig/health
method: get
operationId: HealthCheck
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/whitelabelconfig/id/{wlid}
method: get
operationId: GetWhiteLabelConfig
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/whitelabelconfig/name/{appId}
method: get
operationId: GetWhiteLabelConfigByAppNameId
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/whitelabelconfig/{appId}/general
method: get
operationId: GetAppGeneralConfig
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/whitelabelconfig/{appId}/general
method: post
operationId: UpdateAppGeneralConfig
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/whitelabelconfig/{appId}/appstore
method: get
operationId: GetAppStoreConfig
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/whitelabelconfig/{appId}/appstore
method: post
operationId: UpdateAppStoreConfig
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/whitelabelconfig/{appId}/playstore
method: get
operationId: GetPlayStoreConfig
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/whitelabelconfig/{appId}/playstore
method: post
operationId: UpdatePlayStoreConfig
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/whitelabelconfig/{appId}/app-store-icon
method: post
operationId: UploadAppStoreIcon
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/menus/catalog-changes/summaries
method: get
operationId: GetPendingMenuChangesSummaries
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/menus/catalog-changes
method: get
operationId: GetPendingMenuChanges
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/menus/catalog-changes/publish
method: post
operationId: PublishPendingMenuChanges
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1.0/{appId}/catalog/groups/{catalogItemId}
method: get
operationId: GetGroupById
x-agentic-access:
action-class: connected
consequence: read
subject: optional
scope:
- api
token:
max-ttl: 3600
audit: none
- path: /api/v1.0/{appId}/catalog/groups/{catalogItemId}
method: post
operationId: UpdateGroup
x-agentic-access:
action-class: acting
consequence: write
subject: required
scope:
- api
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
a
# --- truncated at 32 KB (197 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/flipdish/refs/heads/main/agentic-access/flipdish-agentic-access.yml