Draftlink

Documentation map

The docs portal stays in the same application as the product shell so setup, deployment, connector, and developer guidance can evolve with the codebase.

In-repo docs7 foundation routes5 developer routesCurrent: HTTP Guide

Foundation docs

OverviewRoute
Start with the current architecture, product surfaces, and the stable documentation sections.
Getting StartedRoute
Install the workspace, configure local env files, and run the first verification flow.
DeploymentRoute
Use the managed bridge deployment order, health checks, migrations, and workspace bootstrap flow.
ConnectorsRoute
Understand the Figma reference connector, Satellite runtime, and explicit session routing model.
SecurityRoute
Review auth lanes, workspace isolation, policy controls, rate limiting, and audit semantics.
API ReferenceRoute
Browse the stable HTTP route groups, shared envelopes, auth lanes, and machine-readable errors.
TroubleshootingRoute
Use the current operational failure patterns for readiness, auth, session liveness, policy, and MCP issues.

Developer docs

DevelopersRoute
Developer-facing entry point for HTTP, MCP, connector, and shared-contract guidance.
Developer QuickstartRoute
Bring up the bridge, connect one runtime, and make the first explicit authenticated calls.
HTTP GuideOpen
Use the bridge HTTP transport with the correct auth lane, shared envelopes, and explicit targetSessionId routing.
MCP GuideRoute
Use the Streamable HTTP MCP endpoint, LIST_CAPABILITIES, and the same connector-neutral tool catalog.
Connector ModelRoute
Understand connector definitions, capability metadata, data scopes, and high-risk policy presets.

Auth expectations

Use the lane that matches the actor. HTTP keeps human bootstrap and automation execution intentionally separate.

Health and readiness

No bearer token required

Use these routes for process liveness and dependency readiness before any authenticated discovery or execution call.

Human account bootstrap

Supabase user bearer token

This route resolves bridge-owned workspace memberships for a signed-in human user and is the secure shell bootstrap path.

Workspace discovery and governance

API key or Supabase bearer token plus x-uab-workspace-id

Workspace-scoped product routes can use either automation auth or human auth, but both lanes require explicit workspace targeting.

Automation and execution

API key

Agent and integration execution stays on the API-key lane so transport adapters can remain thin over the shared controller.

Discovery-first flow

Load capabilities, connectors, and sessions before attempting tool execution. HTTP discovery shares the same capability metadata that MCP exposes.

Capability discovery request

BASH

curl -X GET http://127.0.0.1:3000/api/v1/capabilities?connectorType=satellite \
  -H "Authorization: Bearer <api-key>" \
  -H "x-uab-workspace-id: <workspace-id>"

GET /api/v1/capabilities

Lists connector-neutral capability metadata and optionally filters by connectorType.

GET /api/v1/connectors

Lists the shared connector catalog.

GET /api/v1/sessions

Lists registered runtime sessions in the authenticated workspace.

GET /api/v1/sessions/:sessionId

Returns explicit session detail, runtime health, capability summaries, and latest published context when present.

GET /api/v1/connectors/:connectorType/sessions

Lists sibling sessions for one connector family without changing the shared session model.

Execution request shape

Tool execution requires an API key and one explicit target session. There is no fallback to any currently active runtime.

Execute one tool

BASH

curl -X POST http://127.0.0.1:3000/api/v1/tools/execute \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <api-key>" \
  -d '{
    "workspaceId": "<workspace-id>",
    "targetSessionId": "satellite-session-1",
    "toolName": "SATELLITE_ECHO",
    "arguments": {
      "text": "hello from the bridge"
    }
  }'