Frontegg Agentic Access
Frontegg exposes 877 API operations that an AI agent could call, of which 604 are state-changing ‘acting’ operations. This is a recommended x-agentic-access execution contract — the scope, audience, consequence tier, short-lived token constraints, and escalation each action should carry before it is handed to an autonomous agent.
By consequence: 273 read, 26 write, and 578 safety-critical.
578 operations are classed safety-critical and should require human-in-the-loop approval at runtime.
Contracts are classified heuristically from the provider’s OpenAPI and refresh on every APIs.io network build; audience is bound per deployment. The model follows Curity’s Access Intelligence (apidays Munich 2026). Browse every provider’s agent contracts at agentic-access.apis.io.
By consequence
Highest-consequence actions
The physical and safety-critical operations an agent could invoke — the ones that most warrant scoped tokens, tight TTLs, and escalation. Full per-operation contracts are in the source below.
| Method | Path | Consequence | Human-in-loop |
|---|---|---|---|
| POST | / | safety-critical | required |
| POST | / | safety-critical | required |
| POST | /export/csv | safety-critical | required |
| POST | /export/csv | safety-critical | required |
| POST | /export/csv/v2 | safety-critical | required |
| POST | /export/csv/v2 | safety-critical | required |
| PUT | /resources/account-settings/v1 | safety-critical | required |
| PUT | /resources/account-settings/v1 | safety-critical | required |
| PUT | /resources/applications/user-tenants/active/v1 | safety-critical | required |
| PUT | /resources/applications/user-tenants/active/v1 | safety-critical | required |
| POST | /resources/applications/v1 | safety-critical | required |
| DELETE | /resources/applications/v1 | safety-critical | required |
| POST | /resources/applications/v1 | safety-critical | required |
| DELETE | /resources/applications/v1 | safety-critical | required |
| POST | /resources/approval-flows/v1 | safety-critical | required |
| POST | /resources/approval-flows/v1 | safety-critical | required |
| POST | /resources/approval-flows/v1/approver-action | safety-critical | required |
| POST | /resources/approval-flows/v1/approver-action | safety-critical | required |
| POST | /resources/approval-flows/v1/step-up/execute | safety-critical | required |
| POST | /resources/approval-flows/v1/step-up/execute | safety-critical | required |
| PATCH | /resources/approval-flows/v1/{id} | safety-critical | required |
| DELETE | /resources/approval-flows/v1/{id} | safety-critical | required |
| PATCH | /resources/approval-flows/v1/{id} | safety-critical | required |
| DELETE | /resources/approval-flows/v1/{id} | safety-critical | required |
| POST | /resources/approval-flows/v1/{id}/execute | safety-critical | required |
Source
Agentic Access
generated: '2026-07-15'
method: generated
source: openapi/frontegg-applications-openapi.yml, openapi/frontegg-audits-openapi.yml, openapi/frontegg-combined-openapi.yml,
openapi/frontegg-entitlements-agent-openapi.yml, openapi/frontegg-entitlements-openapi.yml,
openapi/frontegg-env-auth-openapi.yml, openapi/frontegg-identity-openapi.yml, openapi/frontegg-scim-openapi.yml,
openapi/frontegg-sso-openapi.yml, openapi/frontegg-tenants-openapi.yml
description: Recommended x-agentic-access execution contracts, classified heuristically from
the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind
audience per deployment. See research/curity/agentic-governance/.
summary:
operations: 877
by_action_class:
connected: 273
acting: 604
by_consequence:
read: 273
write: 26
safety-critical: 578
human_in_the_loop_required: 578
operations:
- path: /resources/applications/v1
method: get
operationId: getApplications
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/applications/v1
method: post
operationId: createApplication
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /resources/applications/v1/default
method: get
operationId: getDefaultApplication
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/applications/v1/{id}
method: get
operationId: getApplicationById
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/applications/v1/{id}
method: patch
operationId: updateApplication
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /resources/applications/v1/{id}
method: delete
operationId: deleteApplication
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /resources/applications/tenant-assignments/v1
method: get
operationId: getApplicationsTenantsAssignments
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/applications/tenant-assignments/v1/{appId}
method: get
operationId: getApplicationTenantsAssignmentsByAppId
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/applications/tenant-assignments/v1/{appId}
method: post
operationId: createApplicationTenantAssignment
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /resources/applications/tenant-assignments/v1/{appId}/{tenantId}
method: put
operationId: editApplicationTenantAssignment
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /resources/applications/tenant-assignments/v1/{appId}/{tenantId}
method: delete
operationId: deleteApplicationTenantAssignment
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /resources/applications/tenant-assignments/v2
method: get
operationId: getApplicationsTenantsAssignmentsV2
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/applications/v1/credentials/{appId}
method: get
operationId: getApplicationClientCredentials
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/applications/v1/credentials/regenerate
method: post
operationId: regenerateApplicationClientCredentials
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /resources/applications/v1/credentials/shared/regenerate
method: post
operationId: regenerateApplicationSharedSecretCredentials
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /application-clients
method: post
operationId: createApplicationClient
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /application-clients/app/{appId}
method: get
operationId: getApplicationClientsByAppId
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /application-clients/{id}
method: get
operationId: getApplicationClientById
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /application-clients/{id}
method: patch
operationId: updateApplicationClient
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /application-clients/{id}
method: delete
operationId: deleteApplicationClient
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /
method: get
operationId: AuditsController_getAudits
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /
method: post
operationId: AuditsController_addAudits
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /stats
method: get
operationId: AuditsController_getAuditsStats
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /export/csv
method: post
operationId: AuditsController_exportCsv
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /export/csv/v2
method: post
operationId: AuditsController_exportCsvToStream
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/audits/v2
method: get
operationId: AuditsController_V2_getAudits
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/audits/v2/export/csv
method: post
operationId: AuditsController_V2_exportCsvToStream
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/metrics/v1
method: get
operationId: MetricsController_getMetrics
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/data/e10s/features/is_entitled_to_input_feature
method: post
operationId: OpenApiPDPController_isEntitledToFeature
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/data/e10s/permissions/is_entitled_to_input_permission
method: post
operationId: OpenApiPDPController_isEntitledToPermission
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v1/data/e10s/routes/is_entitled_to_input_route
method: post
operationId: OpenApiPDPController_isEntitledToRoute
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /
method: get
operationId: AuditsController_getAudits
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /
method: post
operationId: AuditsController_addAudits
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /stats
method: get
operationId: AuditsController_getAuditsStats
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /export/csv
method: post
operationId: AuditsController_exportCsv
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /export/csv/v2
method: post
operationId: AuditsController_exportCsvToStream
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/audits/v2
method: get
operationId: AuditsController_V2_getAudits
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/audits/v2/export/csv
method: post
operationId: AuditsController_V2_exportCsvToStream
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/metrics/v1
method: get
operationId: MetricsController_getMetrics
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/plans/v1/tenant/{tenantId}
method: get
operationId: PlansControllerV1_getTenantPlans
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/plans/v1
method: get
operationId: PlansControllerV1_getPlans
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/plans/v1
method: post
operationId: PlansControllerV1_createPlan
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/plans/v1/{id}
method: get
operationId: PlansControllerV1_getSinglePlan
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/plans/v1/{id}
method: patch
operationId: PlansControllerV1_updatePlan
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/plans/v1/{id}
method: delete
operationId: PlansControllerV1_deletePlan
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/plans/v1/{id}/features
method: get
operationId: PlansControllerV1_getPlanFeatures
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/plans/v1/{id}/features/link
method: patch
operationId: PlansControllerV1_linkFeaturesToPlan
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/plans/v1/{id}/features/unlink
method: patch
operationId: PlansControllerV1_unlinkFeaturesFromPlan
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/routes/v1
method: get
operationId: RoutesControllerV1_getMany
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/routes/v1
method: post
operationId: RoutesControllerV1_create
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/routes/v1/{id}
method: get
operationId: RoutesControllerV1_getSingle
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/routes/v1/{id}
method: delete
operationId: RoutesControllerV1_delete
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/routes/v1/{id}
method: patch
operationId: RoutesControllerV1_update
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/routes/v1/import-open-api
method: post
operationId: RoutesControllerV1_importOpenApi
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/routes/v1/{id}/rules
method: put
operationId: RoutesControllerV1_replaceRules
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/routes/v1/configuration
method: get
operationId: RoutesConfigurationsControllerV1_getRoutesConfiguration
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/routes/v1/configuration
method: patch
operationId: RoutesConfigurationsControllerV1_updateRoutesConfiguration
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/features/v1
method: get
operationId: FeaturesControllerV1_getFeatures
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/features/v1
method: post
operationId: FeaturesControllerV1_createFeature
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/features/v1/{featureId}
method: patch
operationId: FeaturesControllerV1_updateFeature
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/features/v1/{featureId}
method: delete
operationId: FeaturesControllerV1_deleteFeature
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/features/v2
method: post
operationId: FeaturesControllerV2_create
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/features/v2/{featureId}
method: patch
operationId: FeaturesControllerV2_update
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entitlements/v2
method: get
operationId: EntitlementsControllerV2_getEntitlements
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/entitlements/v2
method: post
operationId: EntitlementsControllerV2_createEntitlement
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entitlements/v2/batch
method: post
operationId: EntitlementsControllerV2_createBatchEntitlements
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entitlements/v2/batch
method: patch
operationId: EntitlementsControllerV2_updateBatchEntitlements
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entitlements/v2/batch
method: delete
operationId: EntitlementsControllerV2_deleteBatchEntitlements
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entitlements/v2/{id}
method: get
operationId: EntitlementsControllerV2_getSingleEntitlement
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/entitlements/v2/{id}
method: patch
operationId: EntitlementsControllerV2_updateEntitlement
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entitlements/v2/{id}
method: delete
operationId: EntitlementsControllerV2_deleteEntitlement
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/feature-flags/v1
method: get
operationId: FeatureFlagsControllerV1_getFeatureFlags
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/feature-flags/v1
method: post
operationId: FeatureFlagsControllerV1_createFeatureFlag
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/feature-flags/v1/{id}
method: get
operationId: FeatureFlagsControllerV1_getSingleFeatureFlag
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/feature-flags/v1/{id}
method: patch
operationId: FeatureFlagsControllerV1_updateFeatureFlag
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/feature-flags/v1/{id}
method: delete
operationId: FeatureFlagsControllerV1_deleteFeatureFlag
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entity-types/v1
method: get
operationId: EntityTypesV1Controller_getEntityTypes
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/entity-types/v1
method: post
operationId: EntityTypesV1Controller_createEntityType
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entity-types/v1/{key}
method: get
operationId: EntityTypesV1Controller_getEntityType
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/entity-types/v1/{key}
method: patch
operationId: EntityTypesV1Controller_updateEntityType
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entity-types/v1/{key}
method: delete
operationId: EntityTypesV1Controller_deleteEntityType
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entity-types/v1/{key}/actions
method: post
operationId: EntityTypesActionsV1Controller_createEntityTypeActions
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entity-types/v1/{key}/actions/{actionKey}
method: patch
operationId: EntityTypesActionsV1Controller_updateEntityTypeAction
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entity-types/v1/{key}/actions/{actionKey}
method: delete
operationId: EntityTypesActionsV1Controller_deleteEntityTypeAction
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entity-types/v1/{key}/relations
method: post
operationId: EntityTypesRelationsV1Controller_createEntityTypeRelations
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entity-types/v1/{key}/relations/{relationKey}
method: patch
operationId: EntityTypesRelationsV1Controller_updateEntityTypeRelation
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/entity-types/v1/{key}/relations/{relationKey}
method: delete
operationId: EntityTypesRelationsV1Controller_deleteEntityTypeRelation
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/relations/v1/assignments
method: get
operationId: RelationsV1Controller_getRelationAssignments
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /resources/relations/v1/assign
method: post
operationId: RelationsV1Controller_createRelationAssignments
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/relations/v1/unassign
method: post
operationId: RelationsV1Controller_deleteRelationAssignments
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/auth/v2/api-token
method: post
operationId: AuthenticationApiTokenControllerV2_authApiToken
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /resources/auth/v2/api-token/token/refresh
method: post
operationId: AuthenticationApiTokenControllerV2_refreshToken
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /r
# --- truncated at 32 KB (317 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/frontegg/refs/heads/main/agentic-access/frontegg-agentic-access.yml