JFrog Agentic Access
JFrog exposes 260 API operations that an AI agent could call, of which 137 are state-changing ‘acting’ operations. This is a recommended x-agentic-access execution contract — the scope, audience, consequence tier, short-lived token constraints, and escalation each action should carry before it is handed to an autonomous agent.
By consequence: 123 read, 131 write, 3 physical, and 3 safety-critical.
3 operations are classed safety-critical and should require human-in-the-loop approval at runtime.
Contracts are classified heuristically from the provider’s OpenAPI and refresh on every APIs.io network build; audience is bound per deployment. The model follows Curity’s Access Intelligence (apidays Munich 2026). Browse every provider’s agent contracts at agentic-access.apis.io.
By consequence
Highest-consequence actions
The physical and safety-critical operations an agent could invoke — the ones that most warrant scoped tokens, tight TTLs, and escalation. Full per-operation contracts are in the source below.
| Method | Path | Consequence | Human-in-loop |
|---|---|---|---|
| DELETE | /access/api/v2/tokens/{tokenId} | safety-critical | required |
| DELETE | /api/v2/tokens/{tokenId} | safety-critical | required |
| PUT | /v1/workers/{workerKey}/disable | safety-critical | required |
| POST | /v1/deployments | physical | conditional |
| DELETE | /v1/deployments/{deploymentId} | physical | conditional |
| PUT | /{repoKey}/{itemPath} | physical | conditional |
Source
Agentic Access
generated: '2026-07-15'
method: generated
source: openapi/jfrog-access-openapi.yml, openapi/jfrog-artifactory-openapi.yml, openapi/jfrog-catalog-openapi.yml,
openapi/jfrog-connect-openapi.yml, openapi/jfrog-curation-openapi.yml, openapi/jfrog-distribution-openapi.yml,
openapi/jfrog-evidence-openapi.yml, openapi/jfrog-mission-control-openapi.yml, openapi/jfrog-ml-openapi.yml,
openapi/jfrog-pipelines-openapi.yml, openapi/jfrog-platform-openapi.yml, openapi/jfrog-release-lifecycle-openapi.yml,
openapi/jfrog-workers-openapi.yml, openapi/jfrog-xray-openapi.yml
description: Recommended x-agentic-access execution contracts, classified heuristically from
the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind
audience per deployment. See research/curity/agentic-governance/.
summary:
operations: 260
by_action_class:
connected: 123
acting: 137
by_consequence:
read: 123
write: 131
safety-critical: 3
physical: 3
human_in_the_loop_required: 3
operations:
- path: /api/v1/system/ping
method: get
operationId: systemPing
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v1/system/version
method: get
operationId: getSystemVersion
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/tokens
method: get
operationId: listTokens
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/tokens
method: post
operationId: createToken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/tokens/{tokenId}
method: get
operationId: getToken
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/tokens/{tokenId}
method: delete
operationId: revokeToken
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /api/v2/users
method: get
operationId: listUsers
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/users
method: post
operationId: createUser
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/users/{username}
method: get
operationId: getUser
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/users/{username}
method: patch
operationId: updateUser
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/users/{username}
method: delete
operationId: deleteUser
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/groups
method: get
operationId: listGroups
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/groups
method: post
operationId: createGroup
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/groups/{groupName}
method: get
operationId: getGroup
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/groups/{groupName}
method: patch
operationId: updateGroup
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/groups/{groupName}
method: delete
operationId: deleteGroup
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/permissions
method: get
operationId: listPermissions
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/permissions
method: post
operationId: createPermission
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/permissions/{permissionName}
method: get
operationId: getPermission
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v2/permissions/{permissionName}
method: put
operationId: updatePermission
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v2/permissions/{permissionName}
method: delete
operationId: deletePermission
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1/projects
method: get
operationId: listProjects
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v1/projects
method: post
operationId: createProject
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1/projects/{projectKey}
method: get
operationId: getProject
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/v1/projects/{projectKey}
method: put
operationId: updateProject
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1/projects/{projectKey}
method: delete
operationId: deleteProject
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1/projects/{projectKey}/users/{username}
method: put
operationId: addUserToProject
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1/projects/{projectKey}/users/{username}
method: delete
operationId: removeUserFromProject
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1/projects/{projectKey}/groups/{groupName}
method: put
operationId: addGroupToProject
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/v1/projects/{projectKey}/groups/{groupName}
method: delete
operationId: removeGroupFromProject
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/system/ping
method: get
operationId: systemPing
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/system/version
method: get
operationId: getSystemVersion
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/system/configuration
method: get
operationId: getSystemConfiguration
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/system/configuration
method: patch
operationId: updateSystemConfiguration
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/system/licenses
method: get
operationId: getSystemLicenses
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/storage/{repoKey}/{itemPath}
method: get
operationId: getStorageInfo
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/storage/{repoKey}
method: get
operationId: getRepositoryStorageInfo
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/storageinfo
method: get
operationId: getStorageSummaryInfo
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /{repoKey}/{itemPath}
method: get
operationId: retrieveArtifact
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /{repoKey}/{itemPath}
method: put
operationId: deployArtifact
x-agentic-access:
action-class: acting
consequence: physical
subject: required
audience: null
token:
max-ttl: 300
exchange: true
purpose-required: true
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /{repoKey}/{itemPath}
method: delete
operationId: deleteArtifact
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/copy/{srcRepoKey}/{srcItemPath}
method: post
operationId: copyArtifact
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/move/{srcRepoKey}/{srcItemPath}
method: post
operationId: moveArtifact
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/repositories
method: get
operationId: listRepositories
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/repositories/{repoKey}
method: get
operationId: getRepository
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/repositories/{repoKey}
method: put
operationId: createRepository
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/repositories/{repoKey}
method: post
operationId: updateRepository
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/repositories/{repoKey}
method: delete
operationId: deleteRepository
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/search/aql
method: post
operationId: executeAqlSearch
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/search/gavc
method: get
operationId: searchByGAVC
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/search/prop
method: get
operationId: searchByProperties
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/search/checksum
method: get
operationId: searchByChecksum
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/search/latestVersion
method: get
operationId: getLatestVersion
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/security/users
method: get
operationId: listUsers
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/security/users/{username}
method: get
operationId: getUser
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/security/users/{username}
method: put
operationId: createOrReplaceUser
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/security/users/{username}
method: delete
operationId: deleteUser
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/security/groups
method: get
operationId: listGroups
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/security/groups/{groupName}
method: get
operationId: getGroup
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/security/groups/{groupName}
method: put
operationId: createOrReplaceGroup
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/security/groups/{groupName}
method: delete
operationId: deleteGroup
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/security/permissions
method: get
operationId: listPermissionTargets
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/security/permissions/{permissionTargetName}
method: get
operationId: getPermissionTarget
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/security/permissions/{permissionTargetName}
method: put
operationId: createOrReplacePermissionTarget
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/security/permissions/{permissionTargetName}
method: delete
operationId: deletePermissionTarget
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/security/token
method: post
operationId: createToken
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/build
method: get
operationId: listBuilds
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/build/{buildName}
method: get
operationId: getBuildRuns
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/build/{buildName}/{buildNumber}
method: get
operationId: getBuildInfo
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/build/promote/{buildName}/{buildNumber}
method: post
operationId: promoteBuild
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/replications
method: get
operationId: listReplications
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/replications/{repoKey}
method: get
operationId: getReplication
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/replications/{repoKey}
method: put
operationId: createOrReplaceReplication
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/replications/{repoKey}
method: delete
operationId: deleteReplication
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/storage/{repoKey}/{itemPath}?properties
method: get
operationId: getItemProperties
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /api/storage/{repoKey}/{itemPath}?properties
method: put
operationId: setItemProperties
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /api/storage/{repoKey}/{itemPath}?properties
method: delete
operationId: deleteItemProperties
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /custom/graphql
method: post
operationId: executeGraphQLQuery
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /packages/search
method: post
operationId: searchPackages
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /packages/{packageType}/{packageName}
method: get
operationId: getPackage
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /packages/{packageType}/{packageName}/versions
method: get
operationId: getPackageVersions
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /packages/{packageType}/{packageName}/versions/{version}/vulnerabilities
method: get
operationId: getVersionVulnerabilities
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /labels
method: get
operationId: listLabels
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /labels
method: post
operationId: createLabel
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /labels/{labelName}
method: get
operationId: getLabel
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /labels/{labelName}
method: put
operationId: updateLabel
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /labels/{labelName}
method: delete
operationId: deleteLabel
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /labels/{labelName}/packages
method: post
operationId: applyLabelToPackages
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /labels/{labelName}/packages
method: delete
operationId: removeLabelFromPackages
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /projects
method: get
operationId: listProjects
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /projects
method: post
operationId: createProject
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /projects/{projectId}
method: get
operationId: getProject
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /projects/{projectId}
method: delete
operationId: deleteProject
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /projects/{projectId}/devices
method: get
operationId: listDevices
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /projects/{projectId}/devices/{deviceId}
method: get
operationId: getDevice
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /projects/{projectId}/devices/{deviceId}
method: delete
operationId: removeDevice
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /projects/{projectId}/device-groups
method: get
operationId: listDeviceGroups
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /projects/{projectId}/device-groups
method: post
operationId: createDeviceGroup
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /projects/{projectId}/device-groups/{groupId}
method: get
operationId: getDeviceGroup
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /projects/{projectId}/device-groups/{groupId}
method: delete
operationId: deleteDeviceGroup
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /projects/{projectId}/updates
method: get
operationId: listUpdates
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /projects/{projectId}/updates
method: post
operationId: createUpdate
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /projects/{projectId}/updates/{updateId}
method: get
operationId: getUpdate
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /projects/{projectId}/updates/{updateId}/cancel
method: post
operationId: cancelUpdate
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /projects/{projectId}/commands
method: post
operationId: executeCommand
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /projects/{projectId}/commands/{commandId}
method: get
operationId: getCommandStatus
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/policies
method: get
operationId: listPolicies
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/policies
method: post
operationId: createPolicy
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v1/policies/{policyName}
method: get
operationId: getPolicy
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v1/policies/{policyName}
method: put
operationId: updatePolicy
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v1/policies/{policyName}
method: delete
operationId: deletePolicy
x-agentic-access:
action-class: acting
consequence: write
subject: required
audience: null
token:
max-ttl: 900
escalation:
human-in-the-loop: conditional
triggers:
- abnormal
- high-value
audit: required
- path: /v1/audit
method: get
operationId: getAuditLog
x-agentic-access:
# --- truncated at 32 KB (73 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/jfrog/refs/heads/main/agentic-access/jfrog-agentic-access.yml