Humanitec · Agentic Access

Humanitec Agentic Access

x-agentic-access generated

Humanitec exposes 221 API operations that an AI agent could call, of which 119 are state-changing ‘acting’ operations. This is a recommended x-agentic-access execution contract — the scope, audience, consequence tier, short-lived token constraints, and escalation each action should carry before it is handed to an autonomous agent.

By consequence: 102 read, 112 write, 6 physical, and 1 safety-critical.

1 operation are classed safety-critical and should require human-in-the-loop approval at runtime.

Contracts are classified heuristically from the provider’s OpenAPI and refresh on every APIs.io network build; audience is bound per deployment. The model follows Curity’s Access Intelligence (apidays Munich 2026). Browse every provider’s agent contracts at agentic-access.apis.io.

DeploymentsDevOpsInternal Developer PlatformPlatform EngineeringPlatform Orchestrator
Operations: 221 Acting: 119 Human-in-the-loop: 1 Method: generated

By consequence

read 102 write 112 physical 6 safety-critical 1

Highest-consequence actions

The physical and safety-critical operations an agent could invoke — the ones that most warrant scoped tokens, tight TTLs, and escalation. Full per-operation contracts are in the source below.

MethodPathConsequenceHuman-in-loop
POST /orgs/{orgId}/artefact-versions/convert-score safety-critical required
POST /orgs/{orgId}/apps/{appId}/envs/{envId}/deploys physical conditional
PUT /orgs/{orgId}/apps/{appId}/envs/{envId}/from_deploy_id physical conditional
POST /orgs/{orgId}/apps/{appId}/envs/{envId}/resources/graph physical conditional
POST /orgs/{orgId}/apps/{appId}/envs/{envId}/resources/graphs physical conditional
POST /orgs/{orgId}/apps/{appId}/sets/{setId} physical conditional
POST /orgs/{orgId}/runtime/actions/check-connectivity physical conditional

Source

Agentic Access

Raw ↑
generated: '2026-07-15'
method: generated
source: openapi/humanitec-openapi.yml
description: Recommended x-agentic-access execution contracts, classified heuristically from
  the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind
  audience per deployment. See research/curity/agentic-governance/.
summary:
  operations: 221
  by_action_class:
    acting: 119
    connected: 102
  by_consequence:
    write: 112
    read: 102
    physical: 6
    safety-critical: 1
  human_in_the_loop_required: 1
operations:
- path: /orgs/{orgId}/agents
  method: post
  operationId: createAgent
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/agents
  method: get
  operationId: listAgents
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/agents/{agentId}
  method: delete
  operationId: deleteAgent
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/agents/{agentId}
  method: patch
  operationId: patchAgent
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/agents/{agentId}/keys
  method: get
  operationId: listKeysInAgent
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/agents/{agentId}/keys
  method: post
  operationId: createKey
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/agents/{agentId}/keys/{fingerprint}
  method: delete
  operationId: deleteKeyInAgent
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps
  method: get
  operationId: listApplications
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps
  method: post
  operationId: createApplication
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}
  method: get
  operationId: getApplication
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}
  method: patch
  operationId: patchApplication
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}
  method: delete
  operationId: deleteApplication
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/envs
  method: get
  operationId: listEnvironments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/envs
  method: post
  operationId: createEnvironment
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}
  method: get
  operationId: getEnvironment
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}
  method: patch
  operationId: updateEnvironment
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}
  method: delete
  operationId: deleteEnvironment
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}/deploys
  method: get
  operationId: listDeployments
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}/deploys
  method: post
  operationId: createDeployment
  x-agentic-access:
    action-class: acting
    consequence: physical
    subject: required
    audience: null
    token:
      max-ttl: 300
      exchange: true
      purpose-required: true
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}/deploys/{deployId}
  method: get
  operationId: getDeployment
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}/deploys/{deployId}/errors
  method: get
  operationId: listDeploymentErrors
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}/from_deploy_id
  method: put
  operationId: rebaseEnvironment
  x-agentic-access:
    action-class: acting
    consequence: physical
    subject: required
    audience: null
    token:
      max-ttl: 300
      exchange: true
      purpose-required: true
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/env-types
  method: get
  operationId: listEnvironmentTypes
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/env-types
  method: post
  operationId: createEnvironmentType
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/env-types/{envTypeId}
  method: get
  operationId: getEnvironmentType
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/env-types/{envTypeId}
  method: delete
  operationId: deleteEnvironmentType
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/env-types/{envTypeId}
  method: patch
  operationId: updateEnvironmentType
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/artefact-versions
  method: get
  operationId: listArtefactVersionsInOrg
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/artefact-versions
  method: post
  operationId: createArtefactVersion
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/artefact-versions/{artefactVersionId}
  method: get
  operationId: getArtefactVersion
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/artefact-versions/{artefactVersionId}/workload-spec
  method: get
  operationId: getWorkloadArtefactVersionSpec
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/artefact-versions/{artefactVersionId}/workload-deployment-set
  method: get
  operationId: getWorkloadArtefactVersionDeploymentSet
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/artefacts
  method: get
  operationId: listArtefacts
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/artefacts/{artefactId}
  method: delete
  operationId: deleteArtefact
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/artefacts/{artefactId}/versions
  method: get
  operationId: listArtefactVersions
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/artefacts/{artefactId}/versions/{versionId}
  method: patch
  operationId: patchArtefactVersion
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/images
  method: get
  operationId: listDeprecatedImages
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/images/{imageId}
  method: get
  operationId: getDeprecatedImage
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/images/{imageId}/builds
  method: get
  operationId: listDeprecatedImageBuilds
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/images/{imageId}/builds
  method: post
  operationId: createDeprecatedImageBuild
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/artefact-versions/convert-score
  method: post
  operationId: convertScoreToSet
  x-agentic-access:
    action-class: acting
    consequence: safety-critical
    subject: required
    audience: null
    token:
      max-ttl: 120
      exchange: true
      purpose-required: true
      proof-of-possession: true
    escalation:
      human-in-the-loop: required
    audit: required
- path: /orgs/{orgId}/audit-logs
  method: get
  operationId: listAuditLogEntries
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}/rules
  method: get
  operationId: listAutomationRules
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}/rules
  method: post
  operationId: createAutomationRule
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}/rules/{ruleId}
  method: get
  operationId: getAutomationRule
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}/rules/{ruleId}
  method: put
  operationId: updateAutomationRule
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}/rules/{ruleId}
  method: delete
  operationId: deleteAutomationRule
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/deltas
  method: get
  operationId: listDeltas
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/deltas
  method: post
  operationId: createDelta
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/deltas/{deltaId}
  method: get
  operationId: getDelta
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/deltas/{deltaId}
  method: patch
  operationId: patchDelta
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/deltas/{deltaId}
  method: put
  operationId: putDelta
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/deltas/{deltaId}/metadata/archived
  method: put
  operationId: archiveDelta
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/deltas/{deltaId}/metadata/env_id
  method: put
  operationId: changeEnvOfDelta
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/deltas/{deltaId}/metadata/name
  method: put
  operationId: changeNameOfDelta
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/sets
  method: get
  operationId: listSets
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/sets/{setId}
  method: get
  operationId: getSet
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/sets/{setId}
  method: post
  operationId: updateSet
  x-agentic-access:
    action-class: acting
    consequence: physical
    subject: required
    audience: null
    token:
      max-ttl: 300
      exchange: true
      purpose-required: true
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/sets/{setId}/resources
  method: get
  operationId: getSetResourceInputs
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/sets/{setId}/diff/{sourceSetId}
  method: get
  operationId: getDiff
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/jobs
  method: delete
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/webhooks
  method: get
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/webhooks
  method: post
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/webhooks/{jobId}
  method: get
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/webhooks/{jobId}
  method: delete
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/webhooks/{jobId}
  method: patch
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/events
  method: get
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/keys
  method: post
  operationId: createPublicKey
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/keys
  method: get
  operationId: listPublicKeys
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/keys/{keyId}
  method: delete
  operationId: deletePublicKey
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/keys/{keyId}
  method: get
  operationId: getPublicKey
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/humanitec-keys
  method: get
  operationId: listHumanitecPublicKeys
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/envs/{envId}/logs
  method: get
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs
  method: get
  operationId: listOrganizations
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}
  method: get
  operationId: getOrganization
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/pipelines
  method: get
  operationId: listPipelinesInOrg
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipelines
  method: get
  operationId: listPipelines
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipelines
  method: post
  operationId: createPipeline
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}
  method: get
  operationId: getPipeline
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}
  method: patch
  operationId: updatePipeline
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}
  method: delete
  operationId: deletePipeline
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/versions
  method: get
  operationId: listPipelineVersions
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/schema
  method: get
  operationId: getPipelineDefinition
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipeline-criteria
  method: get
  operationId: listPipelineCriteriaInApp
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/criteria
  method: post
  operationId: createPipelineCriteria
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/criteria/{criteriaId}
  method: get
  operationId: getPipelineCriteria
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/criteria/{criteriaId}
  method: delete
  operationId: deletePipelineCriteria
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/pipeline-schemas/latest
  method: get
  operationId: getLatestPipelineDefinitionSchema
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/pipeline-runs
  method: get
  operationId: listPipelineRunsByOrg
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipeline-runs
  method: post
  operationId: createPipelineRunByTriggerCriteria
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/runs
  method: get
  operationId: listPipelineRuns
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/runs
  method: post
  operationId: createPipelineRun
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/runs/{runId}
  method: get
  operationId: getPipelineRun
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/runs/{runId}
  method: delete
  operationId: deletePipelineRun
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/runs/{runId}/cancel
  method: post
  operationId: cancelPipelineRun
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/runs/{runId}/restart
  method: post
  operationId: restartPipelineRun
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/runs/{runId}/jobs
  method: get
  operationId: listPipelineJobs
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/runs/{runId}/jobs/{jobId}
  method: get
  operationId: getPipelineJob
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/runs/{runId}/jobs/{jobId}/steps/{stepIndex}/logs
  method: get
  operationId: listPipelineStepLogs
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/approvals
  method: get
  operationId: listPipelineApprovalRequests
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/runs/{runId}/jobs/{jobId}/approvals/{approvalId}
  method: get
  operationId: getPipelineApprovalRequest
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/runs/{runId}/jobs/{jobId}/approvals/{approvalId}/approve
  method: post
  operationId: approvePipelineApprovalRequest
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/runs/{runId}/jobs/{jobId}/approvals/{approvalId}/deny
  method: post
  operationId: denyPipelineApprovalRequest
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/apps/{appId}/pipelines/{pipelineId}/batches/{batchType}
  method: get
  operationId: GetBatch
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/registries
  method: get
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/registries
  method: post
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/registries/{regId}
  method: get
  x-agentic-access:
    action-class: connected
    consequence: read
    subject: optional
    token:
      max-ttl: 3600
    audit: none
- path: /orgs/{orgId}/registries/{regId}
  method: delete
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      human-in-the-loop: conditional
      triggers:
      - abnormal
      - high-value
    audit: required
- path: /orgs/{orgId}/registries/{regId}
  method: patch
  x-agentic-access:
    action-class: acting
    consequence: write
    subject: required
    audience: null
    token:
      max-ttl: 900
    escalation:
      

# --- truncated at 32 KB (65 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/humanitec/refs/heads/main/agentic-access/humanitec-agentic-access.yml