Documentation Portal

Use the stable bridge HTTP surface without inventing transport-local contracts.

This reference keeps the current HTTP routes tied to the live bridge implementation: clear auth lanes, shared response envelopes, explicit workspace targeting, and machine-readable error codes.

Documentation map

The docs portal stays in the same application as the product shell so setup, deployment, connector, and developer guidance can evolve with the codebase.

In-repo docs7 foundation routes5 developer routesCurrent: API Reference

Foundation docs

  • OverviewRoute

    Start with the current architecture, product surfaces, and the stable documentation sections.

  • Getting StartedRoute

    Install the workspace, configure local env files, and run the first verification flow.

  • DeploymentRoute

    Use the managed bridge deployment order, health checks, migrations, and workspace bootstrap flow.

  • ConnectorsRoute

    Understand the Figma reference connector, Satellite runtime, and explicit session routing model.

  • SecurityRoute

    Review auth lanes, workspace isolation, policy controls, rate limiting, and audit semantics.

  • API ReferenceOpen

    Browse the stable HTTP route groups, shared envelopes, auth lanes, and machine-readable errors.

  • TroubleshootingRoute

    Use the current operational failure patterns for readiness, auth, session liveness, policy, and MCP issues.

Developer docs

  • DevelopersRoute

    Developer-facing entry point for HTTP, MCP, connector, and shared-contract guidance.

  • Developer QuickstartRoute

    Bring up the bridge, connect one runtime, and make the first explicit authenticated calls.

  • HTTP GuideRoute

    Use the bridge HTTP transport with the correct auth lane, shared envelopes, and explicit targetSessionId routing.

  • MCP GuideRoute

    Use the Streamable HTTP MCP endpoint, LIST_CAPABILITIES, and the same connector-neutral tool catalog.

  • Connector ModelRoute

    Understand connector definitions, capability metadata, data scopes, and high-risk policy presets.

Auth lanes

Different actors use different lanes on purpose. The transport does not collapse human bootstrap, workspace discovery, and automation execution into one bearer mode.

Health and readiness

No bearer token required

Use these routes for process liveness and dependency readiness before any authenticated discovery or execution call.

  • GET /healthz
  • GET /readyz

Human account bootstrap

Supabase user bearer token

This route resolves bridge-owned workspace memberships for a signed-in human user and is the secure shell bootstrap path.

  • GET /api/v1/account/session

Workspace discovery and governance

API key or Supabase bearer token plus x-uab-workspace-id

Workspace-scoped product routes can use either automation auth or human auth, but both lanes require explicit workspace targeting.

  • GET /api/v1/capabilities
  • GET /api/v1/connectors
  • GET /api/v1/sessions
  • GET /api/v1/sessions/:sessionId
  • GET /api/v1/audit
  • GET /api/v1/admin/api-keys

Automation and execution

API key

Agent and integration execution stays on the API-key lane so transport adapters can remain thin over the shared controller.

  • GET /api/v1/tools
  • POST /api/v1/tools/execute
  • POST /mcp

Shared envelopes

HTTP routes keep one ok-or-error envelope shape so product routes, typed clients, and operators can interpret failures consistently.

Success envelope

JSON
{
  "ok": true,
  "connectorType": "figma",
  "capabilities": [
    {
      "capabilityId": "SET_OPACITY",
      "kind": "tool",
      "connectorType": "figma",
      "commandType": "SET_OPACITY",
      "description": "Set the opacity on one selected node.",
      "outputDataScopes": ["NODE_METADATA"]
    }
  ]
}

Error envelope

JSON
{
  "ok": false,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Authenticated workspace does not match the requested workspace."
  }
}

HTTP route groups

These route groups reflect the current bridge-server transport registrations, including the newer admin and audit paths used by the secure shell.

Health and account

Start here for deployment probes and human workspace bootstrap.

GET

/healthz

Auth: none

Purpose: Proves the bridge process is alive.

GET

/readyz

Auth: none

Purpose: Proves Postgres and Redis are reachable through the active bridge service.

GET

/api/v1/account/session

Auth: Supabase bearer token

Purpose: Returns the authenticated human session plus bridge-owned workspace memberships.

Connector discovery

These routes expose the connector-neutral control plane for capabilities, connectors, and sessions.

GET

/api/v1/capabilities

Auth: API key or Supabase bearer token plus x-uab-workspace-id

Purpose: Lists connector-neutral capability metadata and optionally filters by connectorType.

GET

/api/v1/connectors

Auth: API key or Supabase bearer token plus x-uab-workspace-id

Purpose: Lists the shared connector catalog.

GET

/api/v1/sessions

Auth: API key or Supabase bearer token plus x-uab-workspace-id

Purpose: Lists registered runtime sessions in the authenticated workspace.

GET

/api/v1/sessions/:sessionId

Auth: API key or Supabase bearer token plus x-uab-workspace-id

Purpose: Returns explicit session detail, runtime health, capability summaries, and latest published context when present.

GET

/api/v1/connectors/:connectorType/sessions

Auth: API key or Supabase bearer token plus x-uab-workspace-id

Purpose: Lists sibling sessions for one connector family without changing the shared session model.

Execution and governance

Execution stays explicit about workspaceId and targetSessionId, while governance routes stay workspace-admin scoped.

GET

/api/v1/tools

Auth: API key

Purpose: Lists registered tool names and descriptions for the authenticated workspace.

POST

/api/v1/tools/execute

Auth: API key

Purpose: Executes one tool against one explicit targetSessionId through the shared command controller.

GET

/api/v1/audit

Auth: workspace admin auth

Purpose: Lists persisted audit entries with machine-readable filters for transport, category, status, and error code.

GET

/api/v1/audit/:auditId

Auth: workspace admin auth

Purpose: Returns one audit entry detail for request-level drill-down.

GET

/api/v1/admin/api-keys

Auth: workspace admin auth

Purpose: Lists persisted workspace API keys.

POST

/api/v1/admin/api-keys

Auth: workspace admin auth

Purpose: Creates one new workspace API key and returns the plaintext value once.

POST

/api/v1/admin/api-keys/:apiKeyId/revoke

Auth: workspace admin auth

Purpose: Revokes one persisted workspace API key.

GET

/api/v1/admin/runtime-identities

Auth: workspace admin auth

Purpose: Lists runtime identities with connector detail and available admin actions.

GET

/api/v1/admin/runtime-identities/:sessionId

Auth: workspace admin auth

Purpose: Returns one runtime identity detail.

POST

/api/v1/admin/runtime-identities/:sessionId/disconnect

Auth: workspace admin auth

Purpose: Disconnects one live runtime identity.

POST

/api/v1/admin/runtime-identities/:sessionId/retire

Auth: workspace admin auth

Purpose: Retires one offline runtime identity.

GET

/api/v1/admin/policies/rules

Auth: workspace admin auth

Purpose: Lists persisted workspace policy rules.

POST

/api/v1/admin/policies/rules

Auth: workspace admin auth

Purpose: Creates one policy rule against connector, capability, or data-scope targets.

PATCH

/api/v1/admin/policies/rules/:ruleId

Auth: workspace admin auth

Purpose: Updates one persisted policy rule.

DELETE

/api/v1/admin/policies/rules/:ruleId

Auth: workspace admin auth

Purpose: Deletes one persisted policy rule.

Machine-readable diagnostics

Error codes and audit categories already exist in shared schemas, so docs should surface them directly instead of translating them into page-local copy.

NOT_FOUNDVALIDATION_ERRORSESSION_NOT_FOUNDSESSION_OFFLINERUNTIME_EXECUTION_ERRORRUNTIME_TIMEOUTUNAUTHORIZEDFORBIDDENCAPABILITY_DENIEDDATA_SCOPE_DENIEDRATE_LIMITEDSERVICE_UNAVAILABLEINTERNAL_ERROR

auth

AUTH_SUCCESS, AUTH_FAILURE

runtime_admin

RUNTIME_IDENTITY_READ, RUNTIME_IDENTITY_DISCONNECTED, RUNTIME_IDENTITY_RETIRED

authorization

CAPABILITY_ALLOWED, CAPABILITY_DENIED

data_access

DATA_ALLOWED, DATA_DENIED, DATA_REDACTED

policy_admin

API_KEY_READ, API_KEY_CREATED, API_KEY_REVOKED, POLICY_RULE_READ, POLICY_RULE_CREATED, POLICY_RULE_UPDATED, POLICY_RULE_DELETED

audit_access

AUDIT_LOG_READ

execution

EXECUTION_SUCCESS, EXECUTION_FAILURE

validation

VALIDATION_FAILURE

rate_limit

RATE_LIMITED

runtime

RUNTIME_CONNECTED, RUNTIME_DISCONNECTED, RUNTIME_AUTH_FAILURE