Devin Playbooks API
Create, retrieve, list, update, and delete team playbooks - reusable, named instruction sets that seed new Devin sessions via a playbook_id so recurring tasks run the same way every time.
Create, retrieve, list, update, and delete team playbooks - reusable, named instruction sets that seed new Devin sessions via a playbook_id so recurring tasks run the same way every time.
openapi: 3.0.3
info:
title: Devin API (Cognition Labs)
description: >-
The Devin API lets you create and drive Devin, Cognition's autonomous AI
software engineer, programmatically. This document models the legacy v1
surface (api.devin.ai/v1, still live and documented, authenticated with
apk_user_*/apk_* keys) in full - sessions, messages, attachments,
knowledge, playbooks, and secrets - plus representative endpoints from the
current v3 organizations/enterprise surface (api.devin.ai/v3,
authenticated with cog_ service-user or personal access tokens) and the
v2/v3 consumption (ACU usage) endpoints. The v2/v3 enterprise surface has
additional organization, member, and API-key management endpoints not
exhaustively modeled here; see the humanURL/APIReference links in
apis.yml for the full documented set. All endpoints are transcribed from
Cognition's public documentation at https://docs.devin.ai and have not
been exercised against production credentials, which require an active
paid Devin plan or Enterprise contract.
version: '1.0'
contact:
name: Cognition
url: https://cognition.ai
license:
name: Proprietary
url: https://docs.devin.ai/admin/security
servers:
- url: https://api.devin.ai/v1
description: Legacy v1 API (apk_user_*/apk_* keys)
- url: https://api.devin.ai/v3
description: Current v3 organizations/enterprise API (cog_ keys)
security:
- bearerAuth: []
tags:
- name: Sessions
description: Create and manage Devin sessions (v1 legacy surface).
- name: Messages
description: Send and read messages within a running session.
- name: Attachments
description: Upload and download files for Devin to work with.
- name: Knowledge
description: Organization knowledge entries and folders.
- name: Playbooks
description: Reusable team playbooks that seed new sessions.
- name: Secrets
description: Encrypted credentials Devin can use inside sessions.
- name: Organizations (v3)
description: Current org-scoped session and user management.
- name: Enterprise (v3)
description: Cross-organization administration.
- name: Consumption
description: Agent Compute Unit (ACU) usage and billing metrics.
paths:
/sessions:
post:
operationId: createSession
tags:
- Sessions
summary: Create a new Devin session
description: >-
Creates a new Devin session from a natural-language prompt, optionally
seeded with a playbook, snapshot, knowledge, secrets, tags, and a max
ACU cap.
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/CreateSessionInput'
responses:
'200':
description: The created (or, if idempotent and matched, existing) session.
content:
application/json:
schema:
$ref: '#/components/schemas/CreateSessionResponse'
'422':
$ref: '#/components/responses/ValidationError'
get:
operationId: listSessions
tags:
- Sessions
summary: List sessions
description: Lists sessions for the organization, with optional filters.
parameters:
- name: limit
in: query
schema:
type: integer
default: 100
- name: offset
in: query
schema:
type: integer
default: 0
- name: skip
in: query
schema:
type: integer
- name: tags
in: query
description: Filter sessions by tag.
schema:
type: array
items:
type: string
style: form
explode: true
- name: user_email
in: query
description: Filter sessions by the creator's email address.
schema:
type: string
responses:
'200':
description: A page of sessions.
content:
application/json:
schema:
type: object
properties:
sessions:
type: array
items:
$ref: '#/components/schemas/SessionSummary'
'422':
$ref: '#/components/responses/ValidationError'
/sessions/{session_id}:
parameters:
- $ref: '#/components/parameters/SessionId'
get:
operationId: getSession
tags:
- Sessions
summary: Retrieve session details
description: Retrieves full status, message history, and structured output for a session.
responses:
'200':
description: The requested session.
content:
application/json:
schema:
$ref: '#/components/schemas/SessionDetail'
'422':
$ref: '#/components/responses/ValidationError'
delete:
operationId: terminateSession
tags:
- Sessions
summary: Terminate a session
description: Terminates a running session. The session must not already be in an exited state.
responses:
'200':
description: Termination confirmation.
content:
application/json:
schema:
type: object
properties:
detail:
type: string
'422':
$ref: '#/components/responses/ValidationError'
/sessions/{session_id}/tags:
parameters:
- $ref: '#/components/parameters/SessionId'
put:
operationId: updateSessionTags
tags:
- Sessions
summary: Update session tags
description: Replaces the tag list on a session (maximum 50 tags).
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- tags
properties:
tags:
type: array
maxItems: 50
items:
type: string
responses:
'200':
description: Confirmation.
content:
application/json:
schema:
type: object
properties:
detail:
type: string
'422':
$ref: '#/components/responses/ValidationError'
/sessions/{session_id}/message:
parameters:
- $ref: '#/components/parameters/SessionId'
post:
operationId: sendMessage
tags:
- Messages
summary: Send a message to a session
description: >-
Sends a follow-up message into a running session. The session must be
in a running state to receive it; sending a message also wakes a
sleeping session.
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- message
properties:
message:
type: string
responses:
'200':
description: Message accepted, or a detail note if the session was already suspended.
content:
application/json:
schema:
type: object
nullable: true
properties:
detail:
type: string
'422':
$ref: '#/components/responses/ValidationError'
/attachments:
post:
operationId: uploadAttachment
tags:
- Attachments
summary: Upload a file for Devin to work with
description: >-
Uploads a file and returns its URL. Reference the returned URL in a
session prompt as ATTACHMENT:"{file_url}" on its own line.
requestBody:
required: true
content:
multipart/form-data:
schema:
type: object
required:
- file
properties:
file:
type: string
format: binary
responses:
'200':
description: The uploaded file's URL.
content:
application/json:
schema:
type: string
'422':
$ref: '#/components/responses/ValidationError'
/attachments/{attachment_id}:
parameters:
- name: attachment_id
in: path
required: true
schema:
type: string
get:
operationId: downloadAttachment
tags:
- Attachments
summary: Download an attachment file
responses:
'200':
description: The raw attachment file contents.
content:
application/octet-stream:
schema:
type: string
format: binary
'422':
$ref: '#/components/responses/ValidationError'
/knowledge:
get:
operationId: listKnowledge
tags:
- Knowledge
summary: List all knowledge entries and folders
responses:
'200':
description: Knowledge entries and folders for the organization.
content:
application/json:
schema:
type: object
properties:
knowledge:
type: array
items:
$ref: '#/components/schemas/KnowledgeEntry'
folders:
type: array
items:
$ref: '#/components/schemas/KnowledgeFolder'
post:
operationId: createKnowledge
tags:
- Knowledge
summary: Create a knowledge entry
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/KnowledgeInput'
responses:
'200':
description: The created knowledge entry.
content:
application/json:
schema:
$ref: '#/components/schemas/KnowledgeEntry'
'422':
$ref: '#/components/responses/ValidationError'
/knowledge/{knowledge_id}:
parameters:
- name: knowledge_id
in: path
required: true
schema:
type: string
put:
operationId: updateKnowledge
tags:
- Knowledge
summary: Update a knowledge entry
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/KnowledgeInput'
responses:
'200':
description: The updated knowledge entry.
content:
application/json:
schema:
$ref: '#/components/schemas/KnowledgeEntry'
'422':
$ref: '#/components/responses/ValidationError'
delete:
operationId: deleteKnowledge
tags:
- Knowledge
summary: Delete a knowledge entry
responses:
'200':
description: Deletion confirmation.
content:
application/json:
schema:
type: object
properties:
detail:
type: string
'422':
$ref: '#/components/responses/ValidationError'
/playbooks:
get:
operationId: listPlaybooks
tags:
- Playbooks
summary: List all team playbooks
responses:
'200':
description: The organization's playbooks.
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Playbook'
post:
operationId: createPlaybook
tags:
- Playbooks
summary: Create a playbook
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/PlaybookInput'
responses:
'200':
description: The created playbook.
content:
application/json:
schema:
$ref: '#/components/schemas/Playbook'
'422':
$ref: '#/components/responses/ValidationError'
/playbooks/{playbook_id}:
parameters:
- name: playbook_id
in: path
required: true
schema:
type: string
get:
operationId: getPlaybook
tags:
- Playbooks
summary: Get a playbook
responses:
'200':
description: The requested playbook.
content:
application/json:
schema:
$ref: '#/components/schemas/Playbook'
'422':
$ref: '#/components/responses/ValidationError'
put:
operationId: updatePlaybook
tags:
- Playbooks
summary: Update a playbook
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/PlaybookInput'
responses:
'200':
description: The updated playbook.
content:
application/json:
schema:
$ref: '#/components/schemas/Playbook'
'422':
$ref: '#/components/responses/ValidationError'
delete:
operationId: deletePlaybook
tags:
- Playbooks
summary: Delete a playbook
responses:
'200':
description: Deletion confirmation.
content:
application/json:
schema:
type: object
properties:
detail:
type: string
'422':
$ref: '#/components/responses/ValidationError'
/secrets:
get:
operationId: listSecrets
tags:
- Secrets
summary: List all secrets
description: Returns secret metadata only, never secret values.
responses:
'200':
description: The organization's secret metadata.
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/SecretMetadata'
post:
operationId: createSecret
tags:
- Secrets
summary: Create a secret
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/SecretInput'
responses:
'200':
description: The created secret's identifier.
content:
application/json:
schema:
type: object
properties:
id:
type: string
'422':
$ref: '#/components/responses/ValidationError'
/secrets/{secret_id}:
parameters:
- name: secret_id
in: path
required: true
schema:
type: string
delete:
operationId: deleteSecret
tags:
- Secrets
summary: Delete a secret
responses:
'200':
description: Deletion confirmation.
content:
application/json:
schema:
type: object
properties:
detail:
type: string
'422':
$ref: '#/components/responses/ValidationError'
/organizations/{org_id}/sessions:
parameters:
- $ref: '#/components/parameters/OrgId'
post:
operationId: createOrganizationSession
tags:
- Organizations (v3)
summary: Create a session (v3, organization-scoped)
description: >-
v3 equivalent of POST /sessions, scoped to an organization and served
from https://api.devin.ai/v3. Supports create_as_user_id to attribute
the session to a specific organization member.
servers:
- url: https://api.devin.ai/v3
requestBody:
required: true
content:
application/json:
schema:
allOf:
- $ref: '#/components/schemas/CreateSessionInput'
- type: object
properties:
create_as_user_id:
type: string
description: Attribute the session to this organization user.
responses:
'200':
description: The created session.
content:
application/json:
schema:
$ref: '#/components/schemas/CreateSessionResponse'
'401':
$ref: '#/components/responses/Unauthorized'
'422':
$ref: '#/components/responses/ValidationError'
/organizations/members/users:
get:
operationId: listOrganizationUsers
tags:
- Organizations (v3)
summary: List organization users (v3)
description: Lists users in the organization, for use with create_as_user_id.
servers:
- url: https://api.devin.ai/v3
responses:
'200':
description: A list of organization users.
content:
application/json:
schema:
type: object
properties:
users:
type: array
items:
type: object
properties:
id:
type: string
email:
type: string
full_name:
type: string
'401':
$ref: '#/components/responses/Unauthorized'
/enterprise/organizations:
get:
operationId: listEnterpriseOrganizations
tags:
- Enterprise (v3)
summary: List enterprise organizations
description: Lists every organization under the enterprise account.
servers:
- url: https://api.devin.ai/v3
responses:
'200':
description: A list of organizations.
content:
application/json:
schema:
type: object
properties:
organizations:
type: array
items:
type: object
properties:
id:
type: string
name:
type: string
'401':
$ref: '#/components/responses/Unauthorized'
/enterprise/audit-logs:
get:
operationId: listEnterpriseAuditLogs
tags:
- Enterprise (v3)
summary: List enterprise audit logs
description: Paginated audit log entries with time-based filtering.
servers:
- url: https://api.devin.ai/v3
parameters:
- name: start_time
in: query
description: Unix timestamp (seconds) lower bound.
schema:
type: integer
- name: end_time
in: query
description: Unix timestamp (seconds) upper bound.
schema:
type: integer
- name: cursor
in: query
schema:
type: string
responses:
'200':
description: A page of audit log entries.
content:
application/json:
schema:
type: object
properties:
entries:
type: array
items:
type: object
additionalProperties: true
next_cursor:
type: string
nullable: true
'401':
$ref: '#/components/responses/Unauthorized'
/enterprise/consumption/daily:
get:
operationId: getEnterpriseDailyConsumption
tags:
- Consumption
summary: Get daily ACU consumption for the enterprise
servers:
- url: https://api.devin.ai/v3
parameters:
- name: start_time
in: query
description: Unix timestamp (seconds) lower bound.
schema:
type: integer
- name: end_time
in: query
description: Unix timestamp (seconds) upper bound.
schema:
type: integer
responses:
'200':
description: Daily ACU consumption totals.
content:
application/json:
schema:
type: object
properties:
days:
type: array
items:
type: object
properties:
date:
type: string
format: date
acu_consumed:
type: number
'401':
$ref: '#/components/responses/Unauthorized'
/organizations/{org_id}/consumption/sessions:
parameters:
- $ref: '#/components/parameters/OrgId'
get:
operationId: getSessionDailyConsumption
tags:
- Consumption
summary: Get per-session daily ACU consumption
servers:
- url: https://api.devin.ai/v3
parameters:
- name: start_time
in: query
schema:
type: integer
- name: end_time
in: query
schema:
type: integer
responses:
'200':
description: Per-session daily ACU consumption.
content:
application/json:
schema:
type: object
properties:
sessions:
type: array
items:
type: object
properties:
session_id:
type: string
date:
type: string
format: date
acu_consumed:
type: number
'401':
$ref: '#/components/responses/Unauthorized'
components:
securitySchemes:
bearerAuth:
type: http
scheme: bearer
description: >-
v1/v2 keys are prefixed apk_user_* (personal) or apk_* (service). The
current v3 API uses service-user or personal access tokens prefixed
cog_. Passed as `Authorization: Bearer YOUR_API_KEY`.
parameters:
SessionId:
name: session_id
in: path
required: true
description: The unique identifier of the session.
schema:
type: string
OrgId:
name: org_id
in: path
required: true
description: The organization ID, found in Settings > Service Users.
schema:
type: string
responses:
Unauthorized:
description: Missing or invalid bearer token.
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationErrorBody'
ValidationError:
description: The request payload failed validation.
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationErrorBody'
schemas:
ValidationErrorBody:
type: object
properties:
detail:
type: array
items:
type: object
properties:
loc:
type: array
items:
type: string
msg:
type: string
type:
type: string
CreateSessionInput:
type: object
required:
- prompt
properties:
prompt:
type: string
description: The task prompt for Devin to work on.
title:
type: string
description: Custom session name; auto-generated if omitted.
snapshot_id:
type: string
playbook_id:
type: string
knowledge_ids:
type: array
items:
type: string
nullable: true
description: Null uses all knowledge; empty array uses none.
secret_ids:
type: array
items:
type: string
nullable: true
description: Null uses all secrets; empty array uses none.
session_secrets:
type: array
items:
type: object
properties:
key:
type: string
value:
type: string
sensitive:
type: boolean
structured_output_schema:
type: object
description: JSON Schema (Draft 7) for validating structured output. Max 64KB.
additionalProperties: true
tags:
type: array
maxItems: 50
items:
type: string
max_acu_limit:
type: integer
description: Maximum ACU allowance for the session.
idempotent:
type: boolean
default: false
unlisted:
type: boolean
default: false
CreateSessionResponse:
type: object
required:
- session_id
- url
properties:
session_id:
type: string
url:
type: string
is_new_session:
type: boolean
SessionStatusEnum:
type: string
enum:
- working
- blocked
- expired
- finished
- suspend_requested
- suspend_requested_frontend
- resume_requested
- resume_requested_frontend
- resumed
SessionSummary:
type: object
required:
- session_id
- status
- created_at
- updated_at
properties:
session_id:
type: string
status:
type: string
status_enum:
$ref: '#/components/schemas/SessionStatusEnum'
created_at:
type: string
format: date-time
updated_at:
type: string
format: date-time
title:
type: string
requesting_user_email:
type: string
playbook_id:
type: string
snapshot_id:
type: string
tags:
type: array
items:
type: string
pull_request:
type: object
properties:
url:
type: string
structured_output:
type: object
additionalProperties: true
SessionDetail:
allOf:
- $ref: '#/components/schemas/SessionSummary'
- type: object
properties:
messages:
type: array
default: []
items:
type: object
additionalProperties: true
KnowledgeInput:
type: object
required:
- name
- body
- trigger_description
properties:
name:
type: string
body:
type: string
trigger_description:
type: string
description: Describes when this knowledge entry should apply.
macro:
type: string
parent_folder_id:
type: string
pinned_repo:
type: string
KnowledgeEntry:
allOf:
- $ref: '#/components/schemas/KnowledgeInput'
- type: object
properties:
id:
type: string
created_at:
type: string
format: date-time
created_by:
type: object
properties:
full_name:
type: string
id:
type: string
nullable: true
image_url:
type: string
nullable: true
KnowledgeFolder:
type: object
properties:
id:
type: string
name:
type: string
description:
type: string
created_at:
type: string
format: date-time
PlaybookInput:
type: object
required:
- title
- body
properties:
title:
type: string
body:
type: string
macro:
type: string
access_type:
type: string
Playbook:
allOf:
- $ref: '#/components/schemas/PlaybookInput'
- type: object
properties:
playbook_id:
type: string
status:
type: string
org_id:
type: string
created_at:
type: string
format: date-time
nullable: true
updated_at:
type: string
format: date-time
nullable: true
created_by_user_id:
type: string
nullable: true
created_by_user_name:
type: string
nullable: true
SecretInput:
type: object
required:
- type
- key
- value
properties:
type:
type: string
enum:
- cookie
- key-value
- dictionary
- totp
key:
type: string
description: Unique name for the secret within the organization.
value:
type: string
description: The secret value to store. Encrypted at rest.
sensitive:
type: boolean
description: Whether the value is redacted in logs.
note:
type: string
SecretMetadata:
type: object
properties:
id:
type: string
type:
type: string
enum:
- cookie
- key-value
- dictionary
- totp
key:
type: string
nullable: true
created_at:
type: string
format: date-time
nullable: true