Gravitee Agentic Access
Gravitee exposes 381 API operations that an AI agent could call, of which 193 are state-changing ‘acting’ operations. This is a recommended x-agentic-access execution contract — the scope, audience, consequence tier, short-lived token constraints, and escalation each action should carry before it is handed to an autonomous agent.
By consequence: 188 read, 176 write, 6 physical, and 11 safety-critical.
11 operations are classed safety-critical and should require human-in-the-loop approval at runtime.
Contracts are classified heuristically from the provider’s OpenAPI and refresh on every APIs.io network build; audience is bound per deployment. The model follows Curity’s Access Intelligence (apidays Munich 2026). Browse every provider’s agent contracts at agentic-access.apis.io.
By consequence
Highest-consequence actions
The physical and safety-critical operations an agent could invoke — the ones that most warrant scoped tokens, tight TTLs, and escalation. Full per-operation contracts are in the source below.
| Method | Path | Consequence | Human-in-loop |
|---|---|---|---|
| POST | /environments/{envId}/apis/{apiId}/_stop | safety-critical | required |
| DELETE | /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups/{group}/roles/{role} | safety-critical | required |
| DELETE | /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/cert-credentials/{credential} | safety-critical | required |
| DELETE | /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/consents | safety-critical | required |
| DELETE | /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/consents/{consent} | safety-critical | required |
| DELETE | /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/credentials/{credential} | safety-critical | required |
| DELETE | /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/factors/{factor} | safety-critical | required |
| POST | /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/resetPassword | safety-critical | required |
| DELETE | /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/roles/{role} | safety-critical | required |
| POST | /organizations/{organizationId}/users/{user}/resetPassword | safety-critical | required |
| DELETE | /organizations/{organizationId}/users/{user}/tokens/{tokenId} | safety-critical | required |
| POST | /environments/{envId}/apis/{apiId}/_deploy | physical | conditional |
| DELETE | /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/members/{member} | physical | conditional |
| DELETE | /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/members/{member} | physical | conditional |
| DELETE | /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/protected-resources/{protected-resource}/members/{member} | physical | conditional |
| POST | /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/sendRegistrationConfirmation | physical | conditional |
| DELETE | /organizations/{organizationId}/members/{member} | physical | conditional |
Source
Agentic Access
generated: '2026-07-15'
method: generated
source: openapi/gravitee-am-openapi.yml, openapi/gravitee-apim-openapi.yml
description: Recommended x-agentic-access execution contracts, classified heuristically from
the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind
audience per deployment. See research/curity/agentic-governance/.
summary:
operations: 381
by_action_class:
connected: 188
acting: 193
by_consequence:
read: 188
write: 176
physical: 6
safety-critical: 11
human_in_the_loop_required: 11
operations:
- path: /organizations/{organizationId}/audits
method: get
operationId: listOrganizationAudits
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/audits/{audit}
method: get
operationId: getOrganizationAudit
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/entrypoints
method: get
operationId: listEntrypoints
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/entrypoints
method: post
operationId: createEntrypoint
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/entrypoints/{entrypointId}
method: get
operationId: getEntrypoint
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/entrypoints/{entrypointId}
method: put
operationId: updateEntrypoint
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/entrypoints/{entrypointId}
method: delete
operationId: deleteEntrypoint
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments
method: get
operationId: listEnvironments
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/data-planes
method: get
operationId: listDataPlanes
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/data-sources
method: get
operationId: listAllDataSources
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains
method: get
operationId: listDomains
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains
method: post
operationId: createDomain
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/_hrid/{hrid}
method: get
operationId: findDomainByHrid
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}
method: get
operationId: findDomain
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}
method: put
operationId: updateDomain
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}
method: delete
operationId: deleteDomain
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}
method: patch
operationId: patchDomain
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/notifiers
method: get
operationId: listAlertNotifiers
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/notifiers
method: post
operationId: createAlertNotifier
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/notifiers/{notifierId}
method: get
operationId: getAlertNotifier
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/notifiers/{notifierId}
method: delete
operationId: deleteAlertNotifier
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/notifiers/{notifierId}
method: patch
operationId: patchAlertNotifier
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/triggers
method: get
operationId: listAlertTriggers
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/triggers
method: patch
operationId: updateAlertTriggers
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/analytics
method: get
operationId: findDomainAnalytics
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications
method: get
operationId: listApplications
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications
method: post
operationId: createApplication
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}
method: get
operationId: findApplication
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}
method: put
operationId: updateApplication
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}
method: delete
operationId: deleteApplication
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}
method: patch
operationId: patchApplication
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/analytics
method: get
operationId: getApplicationAnalytics
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/emails
method: get
operationId: findApplicationEmail
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/emails
method: post
operationId: createApplicationEmail
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/emails/{email}
method: put
operationId: updateApplicationEmail
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/emails/{email}
method: delete
operationId: deleteApplicationEmail
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/flows
method: get
operationId: listAppFlows
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/flows
method: put
operationId: defineAppFlows
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/flows/{flow}
method: get
operationId: getAppFlow
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/flows/{flow}
method: put
operationId: updateAppFlow
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/forms
method: get
operationId: findApplicationForm
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/forms
method: post
operationId: createApplicationForm
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/forms/{form}
method: put
operationId: updateApplicationForm
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/forms/{form}
method: delete
operationId: deleteApplicationForm
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/members
method: get
operationId: getMembers
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/members
method: post
operationId: addOrUpdateMember
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/members/permissions
method: get
operationId: getApplicationMemberPermissions
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/members/{member}
method: delete
operationId: removeApplicationMember
x-agentic-access:
action-class: acting
consequence: physical
subject: required
audience: null
token:
max-ttl: 300
exchange: true
purpose-required: true
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/resources
method: get
operationId: listApplicationResources
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/resources/{resource}
method: get
operationId: getApplicationResource
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/resources/{resource}/policies
method: get
operationId: listApplicationPolicies
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/resources/{resource}/policies/{policy}
method: get
operationId: getApplicationResourcePolicy
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/secrets
method: get
operationId: listSecrets
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/secrets
method: post
operationId: createSecret
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/secrets/{secret}
method: delete
operationId: deleteClientSecret
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/secrets/{secret}/_renew
method: post
operationId: renewClientSecret
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/type
method: put
operationId: updateApplicationType
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/audits
method: get
operationId: listDomainAudits
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/audits/{audit}
method: get
operationId: getDomainAudit
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/auth-device-notifiers
method: get
operationId: listAuthenticationDeviceNotifiers
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/auth-device-notifiers
method: post
operationId: createAuthenticationDeviceNotifier
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/auth-device-notifiers/{authDeviceNotifier}
method: get
operationId: getAuthenticationDeviceNotifier
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/auth-device-notifiers/{authDeviceNotifier}
method: put
operationId: updateAuthenticationDeviceNotifier
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/auth-device-notifiers/{authDeviceNotifier}
method: delete
operationId: deleteAuthenticationDeviceNotifier
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/authorization-engines
method: get
operationId: listAuthorizationEngines
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/authorization-engines
method: post
operationId: createAuthorizationEngine
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/authorization-engines/{engineId}
method: get
operationId: findAuthorizationEngine
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/authorization-engines/{engineId}
method: put
operationId: updateAuthorizationEngine
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/authorization-engines/{engineId}
method: delete
operationId: deleteAuthorizationEngine
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/bot-detections
method: get
operationId: listBotDetections
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/bot-detections
method: post
operationId: createBotDetection
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/bot-detections/{botDetection}
method: get
operationId: getBotDetection
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/bot-detections/{botDetection}
method: put
operationId: updateBotDetection
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/bot-detections/{botDetection}
method: delete
operationId: deleteBotDetection
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificate-settings
method: put
operationId: updateDomainCertificateSettings
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates
method: get
operationId: listCertificates
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates
method: post
operationId: createCertificate
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/rotate
method: post
operationId: rotateCertificate
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/{certificate}
method: get
operationId: findCertificate
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/{certificate}
method: put
operationId: updateCertificate
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/{certificate}
method: delete
operationId: deleteCertificate
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/{certificate}/key
method: get
operationId: getCertificatePublicKey
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/{certificate}/keys
method: get
operationId: getCertificatePublicKeys
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/cimd/applications
method: post
operationId: createApplicationFromCimd
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/cimd/validate
method: post
operationId: validateCimdUrl
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/device-identifiers
method: get
operationId: listDeviceIdentifiers
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/device-identifiers
method: post
operationId: createDeviceIdentifier
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/device-identifiers/{deviceIdentifier}
method: get
operationId: getDeviceIdentifier
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/device-identifiers/{deviceIdentifier}
method: put
operationId: updateDeviceIdentifier
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation
# --- truncated at 32 KB (125 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/gravitee/refs/heads/main/agentic-access/gravitee-agentic-access.yml