Default server (canonical): http://127.0.0.1:17380. API base path: /api.
Loopback host policy: contract/docs/examples standardize on 127.0.0.1 to avoid
string drift in env/doc gates. localhost may still work locally, but is not the
canonical contract literal.
The product uses several operator-facing surfaces that are related but not interchangeable:
Use this map before assuming every endpoint that mentions a run is talking about the same truth surface.
x-automation-client-id: client correlation id for audit/replay traceability. When token auth is enabled, requests that carry x-automation-token must also include x-automation-client-id (otherwise 400).x-automation-token: shared secret header for token-protected APIs.tests/web-harness/src/api-gen/core/request.ts treats empty success bodies as undefined.content-type includes application/json; otherwise the generated client returns response text.pnpm contracts:generate is the only accepted way to refresh tests/web-harness/src/api-gen/**.
If gate runs regenerate those files, the generated client bundle must be committed together with the source-of-truth contract change.Current scope note:
tests/web-harness/src/api-gen/**health, automation, and command-tower modules, not
the full OpenAPI surfaceIf you need proof, template, or workflow-run integrations today, call the HTTP
contract directly or mirror the first-party fetch pattern from
apps/command-center/src/hooks/useApiClient.ts and
apps/command-center/src/hooks/useProofApi.ts.
Use this API page together with docs/reference/integration-entrypoints.md.
Today the honest builder rule is:
That is similar to the difference between:
Both are useful, but they are not the same promise.
GET /GET /metrics (Prometheus text)GET /health/GET /health/metrics (Prometheus text, same payload as /metrics)GET /health/diagnosticsGET /health/alertsPOST /health/rumHealth payload contracts:
GET /health/diagnostics main fields:
status, uptime_seconds, storage_backend, task_counts, task_total, metricsgenerated_at, diagnostics_index, alertsGET /health/alerts main fields:
state, failure_rate, threshold, completed, failedalerts, totalMetrics/observability notes:
/metrics and /health/metrics expose minimal RED + automation counters:
uiq_http_requests_total, uiq_http_request_errors_totaluiq_http_request_duration_seconds_* (histogram buckets/sum/count)uiq_http_active_requestsuiq_rum_samples_total, uiq_rum_metric_*)RUM ingest:
POST /health/rumBody example:
{
"metric": "LCP",
"value": 1820.1,
"rating": "good",
"path": "/",
"navigationType": "navigate",
"timestampMs": 1739999999999
}
LCP, CLS, INP, FCP, TTFB)..runtime-cache/metrics/rum-summary.json.GET /api/csrfPOST /api/registerRoute /register exists but is excluded from API schema (include_in_schema=false) and only redirects to frontend register page.
GET /api/automation/commandsGET /api/automation/tasksGET /api/automation/tasks/{task_id}POST /api/automation/runPOST /api/automation/tasks/{task_id}/cancelAutomation lane semantics:
POST /api/automation/run queues an allowlisted automation command and
returns an AutomationTask snapshot./api/runs lane../scripts/run-pipeline.sh).script-pipeline-* family, for
example script-pipeline-capture, script-pipeline-capture-midscene,
script-pipeline-full, and script-pipeline-full-midscene.pnpm uiq run.POST /api/computer-use/sessionsPOST /api/computer-use/sessions/{session_id}/previewPOST /api/computer-use/sessions/{session_id}/confirm/{action_id}POST /api/computer-use/sessions/{session_id}/execute/{action_id}GET /api/computer-use/sessions/{session_id}/evidenceComputer Use ownership and execution guarantees:
403.POST /api/computer-use/sessions/{session_id}/execute/{action_id} is mutex + idempotent per action. Concurrent duplicate execute calls do not re-run the underlying Playwright action; repeated calls return the same execution snapshot.POST /api/embeddings/batchGET /api/sessionsPOST /api/sessions/startPOST /api/sessions/{session_id}/finishPOST /api/computer-use/sessionsPOST /api/computer-use/sessions/{session_id}/previewPOST /api/computer-use/sessions/{session_id}/confirm/{action_id}POST /api/computer-use/sessions/{session_id}/execute/{action_id}GET /api/computer-use/sessions/{session_id}/evidenceGET /api/flowsPOST /api/flows/import-latestPOST /api/flowsGET /api/flows/{flow_id}PATCH /api/flows/{flow_id}GET /api/templatesPOST /api/templatesPOST /api/templates/from-artifactsPOST /api/templates/promoteGET /api/templates/{template_id}PATCH /api/templates/{template_id}GET /api/templates/{template_id}/exportGET /api/templates/{template_id}/historyPOST /api/templates/{template_id}/fork-versionPOST /api/templates/{template_id}/mark-recommendedTemplate lifecycle notes:
POST /api/templates/promote creates a versioned template asset from a flow
or an existing run context.GET /api/templates/{template_id}/history lists all versions in one template
family.POST /api/templates/{template_id}/fork-version creates a new version in the
same family.POST /api/templates/{template_id}/mark-recommended switches the family’s
recommended version.PATCH /api/templates/{template_id} still exists for compatibility and
shallow edits, but it is no longer the preferred path for structural version
upgrades.GET /api/runsPOST /api/runsGET /api/runs/{run_id}POST /api/runs/{run_id}/otpPOST /api/runs/{run_id}/resumePOST /api/runs/{run_id}/cancelWorkflow lane semantics:
/api/runs manages operator-facing workflow runs created from saved
templates and parameters.AutomationTask when execution is required./api/runs is therefore related to /api/automation/run, but it is not the
same lane and should not be documented as equivalent.pnpm uiq run --profile ... --target ... lane when you need
manifest/summary/evidence-index bundle semantics.Run status model in current backend implementation:
queued|running|waiting_user|waiting_otp|success|failed|cancelledwaiting_otp: run paused for OTP/3DS input.waiting_user: run paused by manual gate (including protected payment provider flows and protection challenges that require user intervention).Compatibility note:
blocked remains in OpenAPI enum for downstream compatibility but is currently not emitted by backend run records.artifacts_ref may appear in current response models and frontend types, but
it should be treated as a run artifact pointer surface rather than the primary
workflow truth source.RunCreateRequest.session_id is accepted for contract compatibility but is
not the current authoritative selector for run execution in backend behavior.Truth-source note:
Run is not the execution engine itself.AutomationTask to perform the underlying
replay/execution work, then synchronizes Run.status, wait_context, and
progress from task state and runtime output parsing.command-tower endpoints and reconstruction outputs
should be read as runtime projections, not as the primary run ledger.Stress Lab or /api/runs to start work,Runs & Blocks or /api/runs + /api/automation/* to track work,Advanced Review or /api/proof/* when you need governed evidence for
a deeper comparison,command-tower only when you need draft/replay/runtime projection data.RunOtpSubmitRequest.otp_code is optional in v2 contract:
waiting_otp, provide otp_code.waiting_user, otp_code may be omitted when the gate does not require OTP-form input.This section documents the v2 manual-gate flow for protected payment providers.
Trigger conditions:
waiting_user when a manual gate is required beyond normal OTP polling.wait_context fields on Run:
reason_code: machine-readable reason of the wait state (for example provider_protected_payment_step).at_step_id: step id where pause is detected.after_step_id: last completed step id before pause.resume_from_step_id: explicit resume anchor step id.resume_hint: human-readable operator hint.provider_domain: optional provider hint (for example stripe.com).gate_required_by_policy: whether pause is enforced by explicit gate policy.Canonical continue execution flow:
GET /api/runs/{run_id} until status becomes waiting_otp or waiting_user.wait_context for pause reason and resume anchor (resume_from_step_id).POST /api/runs/{run_id}/resume:
waiting_otp example: {"kind":"otp","otp_code":"123456"}.waiting_user example for manual approval: {"kind":"approval","approved":true}.waiting_user example for supplemental input: {"kind":"input","input_text":"continue"}.GET /api/runs/{run_id} until terminal status (success|failed|cancelled).Compatibility note:
POST /api/runs/{run_id}/otp remains as a compatibility wrapper for legacy
clients, but first-party callers should move to /resume.GET /api/proof/campaignsPOST /api/proof/campaignsGET /api/proof/campaigns/{campaign_id}POST /api/proof/campaigns/{campaign_id}/diffPOST /api/proof/runs/compareGET /api/proof/runs/{run_id}/ai-reviewGET /api/proof/runs/{run_id}/release-briefGET /api/proof/runs/{run_id}/similar-failures?limit=<n>GET /api/proof/templates/{template_id}/feasibility?target=<target>Proof/review semantics:
POST /api/proof/runs/compare compares two run bundles and returns gate,
metric, and failed-check deltas.GET /api/proof/runs/{run_id}/ai-review returns the operator-facing AI
review projection for one run, rather than forcing clients to parse raw
artifact files.GET /api/proof/runs/{run_id}/release-brief summarizes one run into an
operator-facing brief with recommendation, observed failed checks, AI finding
counts, and the next suggested decision step.GET /api/proof/runs/{run_id}/similar-failures ranks governed historical
failure cases for one run and returns why each candidate matched.GET /api/proof/templates/{template_id}/feasibility answers whether a
template is realistically supportable on a given target based on current
driver capabilities.Builder note:
GET /api/integrations/vonage/inbound-smsPOST /api/integrations/vonage/inbound-smsVonage inbound auth notes:
x-vonage-inbound-token: <VONAGE_INBOUND_TOKEN>.x-vonage-token and x-inbound-token are accepted only when VONAGE_INBOUND_TOKEN_HEADER_ENABLED=true.?token=... is no longer supported (always rejected with 401).VONAGE_SIGNATURE_SECRET, VONAGE_SIGNATURE_ALGO (current implementation only accepts sha256).messageId callbacks are idempotently accepted and marked as duplicate=true.POST /api/profiles/resolvePOST /api/reconstruction/previewPOST /api/reconstruction/generatePOST /api/embeddings/batchGET /api/command-tower/overviewGET /api/command-tower/latest-flowGET /api/command-tower/latest-flow-draftPATCH /api/command-tower/latest-flow-draftPOST /api/command-tower/replay-latestPOST /api/command-tower/replay-latest-from-stepPOST /api/command-tower/replay-latest-stepPOST /api/command-tower/orchestrate-from-artifactsGET /api/command-tower/evidenceGET /api/command-tower/evidence-timelineCommand-tower query semantics:
session_id is optional on latest-flow*, replay*, and evidence-timeline.step_id is required on /api/command-tower/evidence.session_id to resolve to latest owned session.session_id returns 422.404.