HTTP API
Every route exposed by the gateway (`npm run serve`)
The HTTP gateway (npm run serve) exposes the same agent behind a REST/SSE API. Every route lives on version-prefixed /v1/..., except the unauthenticated /healthz liveness probe.
Authentication
Set GATEWAY_AUTH_TOKEN in the environment to require a bearer token on every /v1/... route. If unset, the gateway accepts all requests (use only for local development).
Authorization: Bearer <GATEWAY_AUTH_TOKEN>Health
| Method | Path | Description |
|---|---|---|
GET | /healthz | Liveness probe. Returns 200 with \{"ok": true\} if the gateway is up. |
GET | /v1/healthz | Versioned mirror of /healthz. Returns \{"ok": true, "ts": ...\} without auth s… |
Chat
| Method | Path | Description |
|---|---|---|
POST | /v1/chat | Single agent turn. The request body is queued, the agent runs to completion (or … |
POST | /v1/chat/stream | Streaming agent turn over Server-Sent Events. Each SSE event is a JSON payload d… |
POST | /v1/assist/system-prompt | Streams a Custom Agent system prompt for the Web UI wizard's Generate-with-AI pa… |
GET | /v1/chat/stream/resume | Reattach to an in-flight /v1/chat/stream SSE buffer that was interrupted by a … |
POST | /v1/chat/interject | Queue a steering message for the session's in-flight turn. The gateway injects i… |
POST | /v1/chat/interrupt | Stop the session's in-flight turn. The turn ends gracefully: partial work is kep… |
GET | /v1/chat/sessions/:id/goal | Return the session's standing goal, or null when none is set. The agent pursue… |
POST | /v1/chat/sessions/:id/goal | Set a standing goal for the session. Rejected with 400 when a goal is already ac… |
POST | /v1/chat/sessions/:id/goal/pause | Pause the standing goal's continuation. Manual turns still work; the goal can be… |
POST | /v1/chat/sessions/:id/goal/resume | Resume a paused goal. Resets the turn budget so the goal gets a fresh run of tur… |
POST | /v1/chat/sessions/:id/goal/clear | Clear the standing goal. Terminal — the goal is gone. |
POST | /v1/chat/sessions/:id/goal/subgoals | Append an acceptance criterion to the standing goal. The judge and the next-turn… |
DELETE | /v1/chat/sessions/:id/goal/subgoals/:n | Remove the acceptance criterion at position n (1-based). Rejected with 400 whe… |
Chat sessions
| Method | Path | Description |
|---|---|---|
GET | /v1/sessions | List the user's chat sessions with last-activity timestamp and turn count. Used … |
POST | /v1/sessions | Provision a new session id; the agent loop scopes per-session state (frozen snap… |
State & control
| Method | Path | Description |
|---|---|---|
GET | /v1/status | Kill switch state, daily spend, tool count, review engine state. Equivalent to t… |
GET | /v1/system-metrics | Process + system snapshot for the Dashboard System status row: CPU percent, memo… |
GET | /v1/dashboard/achievements | Marketing-style stats for the web-ui Dashboard banner: activation timestamp, dis… |
GET | /v1/portfolio | Current portfolio snapshot from the Minara backend, formatted for agent consumpt… |
GET | /v1/methodologies | List of registered methodologies with their pass/fail counts and recent outcomes… |
GET | /v1/learning/audit/reports | Trend + history of methodology audit health reports. Query days (default 30) b… |
GET | /v1/learning/audit/reports/latest | The most recent methodology audit report in full: composite health score, per-di… |
GET | /v1/learning/audit/reports/:passId | One methodology audit report in full, looked up by its pass id. |
POST | /v1/learning/audit/run | Run one audit pass on demand and persist it. Optional body \{ windowDays \} (cla… |
GET | /v1/workflows | List local workflow definitions and executions managed by the workflow engine. |
POST | /v1/kill | Blocks all tier ≥ 2 tool calls until /v1/unkill is called. Intended for emerge… |
POST | /v1/unkill | Clears the kill switch flag. |
POST | /v1/interactions/:id/answer | Submit the user's answer to a paused agent prompt (the agent loop stops on inte… |
Portfolio
| Method | Path | Description |
|---|---|---|
GET | /v1/portfolio/status | Quick readiness probe: whether Minara is authenticated and which venues are reac… |
GET | /v1/portfolio/spot | Aggregate spot balances across every connected wallet, normalized to the gateway… |
GET | /v1/portfolio/spot/positions | Per-asset spot positions including avg cost basis when known. |
GET | /v1/portfolio/perps | Open perp positions across every Minara perp sub-wallet. Use ?subAccountId= to… |
GET | /v1/portfolio/perps/summary | Aggregated equity / margin / unrealized PnL across perp subs. |
GET | /v1/portfolio/history | Timeseries of total portfolio value bucketed for chart display. |
GET | /v1/portfolio/spot/activity | Cross-chain spot activity feed (swaps + transfers) for the user's primary wallet… |
Perps
| Method | Path | Description |
|---|---|---|
GET | /v1/perps/account-state | Live state for one Hyperliquid sub: equity, margin usage, withdrawable, open ord… |
GET | /v1/perps/sub-accounts | All perp sub-wallets under the user's Minara perp wallet, with the multi-exchang… |
GET | /v1/perp-wallets | Same handler as /v1/perps/sub-accounts; aligned with the upstream OpenAPI path… |
POST | /v1/perp-wallets | Create a new perp sub-account bound to one exchange (hyperliquid |
POST | /v1/perps/sub-accounts | Agent-native alias of POST /v1/perp-wallets. Same body, same response shape. |
POST | /v1/perp-wallets/rename | Rename an existing perp sub-account. Body: \{ subAccountId: string, name: string… |
POST | /v1/perps/sub-accounts/rename | Agent-native alias of POST /v1/perp-wallets/rename. |
POST | /v1/trading-gateway/place-orders | Batch place perp orders against the sub-account's bound exchange. Each order use… |
POST | /v1/trading-gateway/cancel-orders | Batch cancel by \{ symbol, orderId \}. Body: \{ cancels: \{ symbol: string, order… |
POST | /v1/trading-gateway/modify-order | Modify an active order's price, quantity, or trigger price. Body: \{ symbol: str… |
POST | /v1/trading-gateway/update-leverage | Change leverage and margin mode (cross vs isolated) on a symbol in one round-tri… |
POST | /v1/trading-gateway/update-isolated-margin | Adjust the isolated-margin amount on an existing position. Body: \{ symbol: stri… |
POST | /v1/trading-gateway/withdraw | Withdraw USDC to an external address. Body: \{ amount: string, toAddress: string… |
GET | /v1/trading-gateway/summary | One-shot read for a single sub-wallet's equity, open positions, and open orders.… |
GET | /v1/wallet/deposits | One envelope with spot + perps deposit addresses. Spot maps from the user's cros… |
GET | /v1/wallet/supported-chains | Proxy of the upstream Minara /tokens/supported-chains endpoint. Returns the li… |
POST | /v1/wallet/deposits/watch | Server-sent-events stream tracking real-time deposit detection for one perps USD… |
POST | /v1/wallet/withdraw/spot | Preview a cross-chain spot withdraw (confirm: false) or execute it (confirm: … |
POST | /v1/wallet/withdraw/perps | Preview a perps USDC/Arbitrum withdraw (confirm: false) or execute it (confir… |
GET | /v1/wallet/withdrawals/{operationId} | Durable status lookup for a withdraw operation. Returns the latest known \{opera… |
POST | /v1/wallet/withdrawals/{operationId}/watch | Server-sent-events stream tracking outbound tx finality for one withdraw operati… |
GET | /v1/perps/trades | Hyperliquid fill history for one sub-wallet (live, not the local mirror). Mirror… |
GET | /v1/perps/funding | Funding payments received / paid per perp position. |
GET | /v1/perps/order-history | Recently filled / cancelled orders. |
GET | /v1/perps/lighter-pnl | Rolling realized PnL for a Lighter sub-wallet, fetched from Lighter's first-clas… |
GET | /v1/orders | Currently resting orders across every perp sub-wallet. |
POST | /v1/perps/transfer | Move idle USDC from one perp sub-wallet to another. USDC only. Fund-moving: prev… |
GET | /v1/perps/sub-account/:subAccountId/idle-usdc | The single 'available to transfer' number for a perp sub-wallet: idle USDC after… |
Autopilot
| Method | Path | Description |
|---|---|---|
GET | /v1/autopilot/strategies | List user-deployed autopilot strategies + their on/off state. |
GET | /v1/autopilot/records | Recent autopilot decision + execution log. Useful for the Autopilot tab in the w… |
POST | /v1/autopilot/:strategyId/:action | Enable, disable, pause, or resume one strategy. Fund-moving toggles are gated on… |
GET | /v1/autopilot/managed/catalog | List the managed (fully-managed) strategy types the picker can offer — Sharpe Gu… |
GET | /v1/autopilot/managed/catalog/:strategyType/backtest | Backtest preview for one managed strategy type (equity curve + headline stats). … |
GET | /v1/autopilot/managed/strategies | Every managed strategy with its bound sub-account and normalized status. The /au… |
GET | /v1/autopilot/managed/aggregated-summary | Single aggregate source shared by the /autopilot KPI bar and the Dashboard manag… |
GET | /v1/autopilot/managed/xstrategy/deployments | Lists the user's live XStrategy deployments (any status) so the Autopilot strate… |
GET | /v1/autopilot/managed/xstrategy/backtest/:backtestId | Full multi-asset backtest report for a deployment (add /curves for the equity … |
GET | /v1/autopilot/managed/by-sub-account/:subAccountId | Per-sub-account snapshot the detail panel consumes: the bound strategy (or null)… |
POST | /v1/autopilot/managed/strategies | Create a managed strategy on a sub-wallet. Fund-moving: omit confirm (or pass … |
POST | /v1/autopilot/managed/run | Run a strategy from another source as autopilot. marketplace subscribes the pu… |
POST | /v1/autopilot/managed/:strategyId/disable | Stop a running managed strategy. Fund-affecting, so it follows the same preview … |
POST | /v1/autopilot/managed/xstrategy/:strategyId/stop | Stop a live XStrategy deployment the user authored (Autopilot surfaces it alongs… |
POST | /v1/autopilot/managed/xstrategy/:strategyId/deploy | Deploy an XStrategy onto the selected sub-wallet by cloning the existing deploym… |
Market data
| Method | Path | Description |
|---|---|---|
GET | /v1/quote/batch | Spot/perp quotes for many tickers in one round trip — used by the Ticker Board t… |
GET | /v1/quote/:ticker | Spot price + 24h change + traditional metrics (P/E, EPS, dividend yield, 52-week… |
GET | /v1/quote/crypto/:symbol | Market cap, FDV, 24h volume (USD), 24h % change, name, logo, and chain for one c… |
GET | /v1/market/candles | OHLC bars for one ticker + interval. Routes to the appropriate provider (Hyperli… |
GET | /v1/market/sparkline | Compact close-only series for inline sparkline rendering in the web UI. |
GET | /v1/market/search | Fuzzy-match ticker symbols + names across crypto, stocks, ETFs, commodities, for… |
GET | /v1/markets/movers | Biggest movers for the markets overview board. class=stocks (default) returns … |
GET | /v1/markets/snapshot | The markets overview board's macro bundle in one call: major index quotes (with … |
GET | /v1/markets/sectors | Daily performance of the 11 GICS sectors for the board's heatmap, proxied by the… |
GET | /v1/markets/news | A market headline feed for the board, parsed from Yahoo Finance's keyless RSS. ``… |
GET | /v1/markets/calendar | The next session's earnings reports from Nasdaq's keyless calendar, forward-fill… |
Voice
| Method | Path | Description |
|---|---|---|
GET | /v1/voice/status | Whether speech services are configured: stt_configured (a transcription provid… |
GET | /v1/voice/voices | The voice-picker option list: official preset voices (ElevenLabs + OpenAI, alway… |
GET | /v1/voice/settings | Current user-tunable speech-synthesis settings (stability, similarity_boost, sty… |
PUT | /v1/voice/settings | Persist user-tuned speech-synthesis settings. Accepts a partial object; every fi… |
POST | /v1/voice/cleanup | Delete persisted voice audio (spoken replies + mic recordings) on chat messages … |
POST | /v1/voice/transcribe | Transcribe an uploaded audio recording via the configured voice provider (Eleven… |
POST | /v1/voice/tts | Stream synthesized speech for up to 4096 chars of text. The provider body is pip… |
POST | /v1/sessions/:id/voice-audio | Attach a previously-uploaded audio file (POST /v1/files) to an assistant message… |
Files & artifacts
| Method | Path | Description |
|---|---|---|
POST | /v1/files | Upload a file into the sandboxed workspace. Returns a key that can be referenced… |
GET | /v1/files/:key | Stream a previously-uploaded sandboxed file back to the caller. |
GET | /v1/artifacts/:id | Fetch an agent-generated artifact (chart, spreadsheet, report payload) by its id… |
GET | /v1/artifacts | List completed report artifacts for the web UI's Files pages. Filter by kind=ch… |
GET | /v1/sandbox/files/:name | Read a file the agent wrote into its per-session sandbox. Cannot escape the sand… |
Workspace files
| Method | Path | Description |
|---|---|---|
GET | /v1/workspace/files | Enumerate every editable workspace md file with size, mtime, and sha256. Files t… |
GET | /v1/workspace/files/:name | Return the contents of a single workspace md file plus its sha256. :name must … |
PUT | /v1/workspace/files/:name | Atomically replace a workspace md file. expected_sha256 is REQUIRED — pass the… |
POST | /v1/workspace/files/:name/restore-template | Overwrite the workspace file with the shipped template from src/workspace/templ… |
Research
| Method | Path | Description |
|---|---|---|
POST | /v1/research | Run the deep-research pipeline directly from the gateway without going through t… |
Personalization & memory
| Method | Path | Description |
|---|---|---|
GET | /v1/profile | Read the rebuilt personalization snapshot the agent injects into every system pr… |
GET | /v1/profile/onboarding | Whether the user has completed onboarding, plus their raw saved answers. Used by… |
POST | /v1/profile/onboarding | Apply onboarding answers: maps finance knowledge / frequency / risk / markets to… |
GET | /v1/financial-profile | Latest persisted financial_profile row: rebuilt platform wallet summary (compo… |
PUT | /v1/profile/prompt | Replace the user's custom system-prompt addendum (max 2000 chars). Surfaces in t… |
DELETE | /v1/profile/prompt | Drop the addendum. UI surfaces a hard-confirm before calling. |
PUT | /v1/profile/tags/:name | Set or clear one of the 10 behavioural-tag dimensions (e.g. risk, markets, ``… |
DELETE | /v1/profile/tags/:name | Equivalent to PUT with value: null — the tag is cleared and the agent re-infer… |
GET | /v1/memory | Read recent memories filtered by category, or run a hybrid (BM25 + vector) sea… |
GET | /v1/memory/trading-cases | Legacy free-form notes feed (memories table where category = 'trading-cases').… |
GET | /v1/memory/research-cases | Memories from /research runs filtered by topic. Used by the Research retrosp… |
POST | /v1/memory | Hand-write a memory the agent should always remember. Server stamps category=pe… |
PATCH | /v1/memory/:id | Edit statement, fact_type, or tickers on a source=user_manual memory. Ot… |
DELETE | /v1/memory/:id | Mark deleted_at = now(). Read paths (FTS, listings, snapshot) filter the row o… |
POST | /v1/memory/:id/restore | Clears deleted_at. Wired to the web-UI undo toast (5 second window) but works … |
POST | /v1/profile/refresh | Run all three personalization rebuilds (trading_summary / tags / memories) with … |
GET | /v1/profile/trade-history-breakdown | Three-source breakdown feeding the Financial Profile dashboard: local trade_hist… |
GET | /v1/profile/reference-wallets | User's watchlist of external wallet addresses. |
PUT | /v1/profile/reference-wallets | Replace the watchlist atomically. Server validates EVM (0x + 40 hex) and Solan… |
Learned preferences
| Method | Path | Description |
|---|---|---|
GET | /v1/learned-preferences | Inferred behavioural preferences awaiting your call (proposed / active / depreca… |
POST | /v1/learned-preferences/:id/:action | Transition one learned preference. Approve makes it active and brings it into th… |
GET | /v1/learned-preferences/:id | Full record for one learned preference id (description, signal strength, history… |
GET | /v1/watchlist | User-curated symbol watchlist persisted on the profile. |
PUT | /v1/watchlist | Replace the watchlist (max 100 symbols). |
GET | /v1/runtime-preferences | Returns the sub-feature toggle schema, current overrides, and the resolved value… |
PUT | /v1/runtime-preferences | Batch apply user overrides with all-or-nothing validation. Supports If-Match con… |
GET | /v1/runtime-preferences/critical-unlock-status | Read whether critical-tier toggles are currently unlocked (via the CLI minara s… |
POST | /v1/runtime-preferences/critical-unlock | Issue a short-lived unlock that lets a subsequent PUT /v1/runtime-preferences fl… |
POST | /v1/runtime-preferences/sign-ack | Mint a short-lived signed ack token consumed by the next PUT /v1/runtime-prefere… |
GET | /v1/runtime-preferences/events | Server-sent stream emitting saved \{ revision, lifecycleEffects \} whenever runt… |
GET | /v1/credentials/families | Returns the provider-family registry (web search, market data, embeddings, cloud… |
PUT | /v1/credentials/families/:id | Writes overrides for a single provider family into ~/.minara/runtime-credential… |
DELETE | /v1/credentials/families/:id/field/:envVar | Remove a single field's override (reverts to env-derived fallback). |
Notifications
| Method | Path | Description |
|---|---|---|
GET | /v1/notifications | Recent in-app notifications (newest first) plus an unread_count. A notificatio… |
DELETE | /v1/notifications | Delete every notification. Returns \{ ok, cleared \}. |
GET | /v1/notifications/stream | Server-sent stream emitting a notification event whenever a new notification i… |
POST | /v1/notifications/read-all | Mark every unread notification as read. Returns \{ ok, updated \}. |
POST | /v1/notifications/:id/read | Mark a single notification read (idempotent). Returns \{ ok: true, updated \} — … |
DELETE | /v1/notifications/:id | Delete a single notification by id. |
Learning & methodology
| Method | Path | Description |
|---|---|---|
GET | /v1/memory/trading-cases/stats | 4-number snapshot for the Trading-cases dashboard: total cases, last 30 days, wi… |
GET | /v1/memory/trading-cases/methodology-trend | Per-week timeseries of outcome_alpha_return for the top-N methodologies over t… |
GET | /v1/memory/methodologies | Top-N methodologies ranked by Wilson-lower confidence, with case count, asset cl… |
GET | /v1/memory/methodology-cases | Read the methodology_cases table directly. Powers the audit ledger drawer; row… |
GET | /v1/memory/trading-cases/:id | Full row JSON for one methodology_cases.id. Used by the right-side Drawer in t… |
Skills
| Method | Path | Description |
|---|---|---|
GET | /v1/skills | Every registered domain skill the agent can activate. Each entry carries activat… |
POST | /v1/skills/reload | Re-mirror vendored external skill packages into the sandbox and re-register them… |
Workflows
| Method | Path | Description |
|---|---|---|
POST | /v1/workflows/batch/actions | Apply the same action (activate / deactivate / pause / delete) to many workflows… |
POST | /v1/workflows/import/n8n | Convert an n8n workflow JSON into a local Minara workflow definition. Idempotent… |
GET | /v1/workflows/:id | Full workflow definition by <backend>:<rawId> (or legacy unprefixed id, defaul… |
PATCH | /v1/workflows/:id | Edit a workflow's draft / metadata / steps. |
DELETE | /v1/workflows/:id | Soft-delete a workflow definition; running instances continue. |
POST | /v1/workflows/:id/run | Kick off a one-shot execution of the workflow. |
POST | /v1/workflows/:id/pause | Pause the running instance(s) of a workflow. |
POST | /v1/workflows/:id/activate | Set the workflow's active flag to true (eligible for triggers). |
POST | /v1/workflows/:id/deactivate | Set the workflow's active flag to false (no new trigger fires). |
POST | /v1/workflows/:id/validate | Static + simulated validation of a workflow draft before publish. |
POST | /v1/workflows/:id/publish | Promote the draft revision to the active definition. |
POST | /v1/workflows/:id/test | Dry-run a workflow with operator-supplied input for previewing. |
POST | /v1/workflows/from-template | Render one of the curated landing-page templates into a real WorkflowDefinition … |
POST | /v1/workflows/generate | LLM authoring: turns a plain-language description into a validated WorkflowDefin… |
POST | /v1/workflows/:id/refine | Open an SSE stream that streams cluster events as the LLM edits the workflow def… |
GET | /v1/workflows/:id/refine/stream | SSE endpoint that replays the active refine session's event buffer in order, the… |
GET | /v1/workflows/:id/executions | Recent execution instances for one workflow. |
GET | /v1/workflows/:id/export/n8n | Convert a Minara workflow back to the n8n JSON format. |
GET | /v1/workflows/:id/executions/:instanceId | Full state for one workflow execution instance. |
DELETE | /v1/workflows/:id/executions/:instanceId | Remove the persisted record of one execution instance. |
POST | /v1/workflows/:id/instances/:instanceId/resume | Resume an instance that's currently waiting on a confirm step. |
POST | /v1/workflows/:id/instances/:instanceId/cancel | Cancel a running execution. The cancellation reason is logged. |
Stats
| Method | Path | Description |
|---|---|---|
GET | /v1/stats | Token + cost + tool-call counters bucketed by chat session. |
POST | /v1/telemetry/block-action | Fire-and-forget click record for a ui_block event (UBP v1). Posted by the web-… |
LLM provider
| Method | Path | Description |
|---|---|---|
GET | /v1/llm/default-model | The model id the agent loop currently uses for new turns. |
PUT | /v1/llm/default-model | Switch the agent loop to a different model id. Validated against the live avail… |
GET | /v1/llm/available-models | Models the gateway can dispatch to, grouped by provider. Reflects the user's act… |
POST | /v1/llm/available-models/refresh | Force a live re-fetch of the active provider's model catalog, bypassing the in-m… |
GET | /v1/shortcut-questions | Hand-authored fixed lists plus LLM-generated dynamic questions per category, use… |
Theme
| Method | Path | Description |
|---|---|---|
GET | /v1/theme | Web-UI theme preference (light/dark/system + accent). |
POST | /v1/theme | Update the persisted theme preference. |
Gateway
| Method | Path | Description |
|---|---|---|
GET | /v1/gateway/providers | Inbound messaging providers registered with the gateway (Slack, Lark, etc). |
POST | /v1/gateway/providers/:id/fields/:envVar/reveal | Return the plaintext value of a single masked credential field (e.g. TELEGRAM_B… |
POST | /v1/gateway/providers/:id/oauth/init | Begin a Google OAuth consent flow for an OAuth-style messaging provider (email-… |
GET | /studio/p/:pageId | Serve a generated Data Studio dashboard as a standalone HTML page on its own lin… |
Migrate
| Method | Path | Description |
|---|---|---|
GET | /v1/migrate/manifest | List the data sets that can be exported (memories, profile, prefs, workflows). P… |
POST | /v1/migrate/export | Bundle the requested manifest entries into a portable JSON blob for backup / mig… |
POST | /v1/migrate/import | Restore from a previously exported bundle. Idempotent on stable ids (memories, p… |
Admin
| Method | Path | Description |
|---|---|---|
GET | /v1/admin/script-risk/decisions | Audit log of the script-risk gate's decisions in front of execute_code / term… |
GET | /v1/admin/script-risk/decisions/:id | Full audit record for one script-risk gate decision. |
GET | /v1/consent/grants | List authoring-time consent grants for Tier-3 / Tier-4 tools running from cron /… |
POST | /v1/consent/grants | Record operator authorization for a Tier-3 / Tier-4 tool call scheduled to run f… |
GET | /v1/consent/grants/:id | Return the full record for one consent grant. |
DELETE | /v1/consent/grants/:id | Mark a grant revoked. Subsequent autonomous calls to the tool under the same sco… |
POST | /v1/consent/grants/requirements | Dry-run scan of a draft cron / workflow / agent definition for Tier-3 / Tier-4 t… |
Config
| Method | Path | Description |
|---|---|---|
GET | /v1/config/financial-profile | Debug endpoint. Returns the effective FinancialProfileConfig currently loaded … |
GET | /v1/config/financial-profile | Current resolved FinancialProfileConfig — useful when debugging why a rebuild … |
Authentication
| Method | Path | Description |
|---|---|---|
POST | /v1/auth/elevenlabs/api-key | Save an ElevenLabs key for speech synthesis and transcription. Validated against… |
GET | /v1/auth/status | List all configured auth profiles (OpenAI / Anthropic / OpenRouter / Minara). |
POST | /v1/auth/oauth/openai/init | Start an OpenAI Codex device-code login flow. Returns \{ flowId, userCode, verif… |
GET | /v1/auth/oauth/openai/poll | Poll an in-flight OpenAI device-code flow by flowId (from /v1/auth/oauth/open… |
GET | /v1/auth/oauth/openai/callback | Retired in 2026-05. The previous PKCE-loopback redirect target now returns 410 G… |
POST | /v1/auth/oauth/openrouter/init | Start an OpenRouter OAuth PKCE flow. |
GET | /v1/auth/oauth/openrouter/callback | OAuth redirect target for OpenRouter. |
POST | /v1/auth/openrouter/api-key | Skip the OAuth flow and register an OpenRouter API key directly. |
POST | /v1/auth/oauth/anthropic/init | Start the Anthropic device-flow reuse path (reuses an existing Claude CLI login)… |
POST | /v1/auth/oauth/anthropic/exchange | Complete the Anthropic device flow by exchanging the verifier for credentials. |
DELETE | /v1/auth/:provider | Remove a stored auth profile. :provider is openai |
POST | /v1/auth/oauth/xai/init | Start a SuperGrok-style PKCE flow against auth.x.ai. The gateway binds the loopb… |
GET | /v1/auth/oauth/flows/:flowId | Query the in-process orchestrator for the status of an in-flight web-OAuth flow.… |
DELETE | /v1/auth/oauth/flows/:flowId | Cancel an in-flight web-OAuth flow — closes the bound loopback port immediately … |
POST | /v1/auth/openai/api-key | Save an OpenAI platform API key (api.openai.com). Validates via GET /v1/models b… |
POST | /v1/auth/anthropic/api-key | Save an Anthropic platform API key. Validates via GET /v1/models before persisti… |
POST | /v1/auth/xai/api-key | Save an xAI (Grok) API key. Validates via GET /v1/models before persisting. |
POST | /v1/auth/ollama/api-key | Save an Ollama Cloud API key. Validates the key against the configured Ollama ho… |
GET | /v1/auth/preferred-provider | Read the user's explicit "Use this provider" override from auth-profiles.json. s… |
PUT | /v1/auth/preferred-provider | Set or clear the preferred provider override. Live-probes the selected credentia… |
GET | /v1/security/totp/status | Projection of /auth/me through the agent's normalizeTotpStatus adapter. Retu… |
GET | /v1/user/wallet-addresses | Verbatim pass-through of /auth/me's wallets object, filtered to string-value… |
GET | /v1/user/profile | Display identity for the account menu. Projects the signed-in Minara account's ``… |
POST | /v1/security/totp/generate | Mints a fresh TOTP secret + QR code URL + backup codes for the user to add to an… |
POST | /v1/security/totp/enable | Activates TOTP after the user proves they configured the authenticator by submit… |
POST | /v1/security/totp/disable | Turns TOTP off without removing the device binding. Requires both a fresh TOTP c… |
POST | /v1/security/totp/verify | Agent-internal verifier used by the Settings page to confirm the user can read a… |
POST | /v1/security/totp/unbind | Irrevocably removes the authenticator binding — re-enabling requires a fresh sca… |
POST | /v1/security/email-code | Triggers POST /auth/email/code upstream so the user can receive a fresh verifi… |
PUT | /v1/security/totp/settings | Independently toggle new-device-login and withdraw TOTP requirements. The withdr… |
POST | /v1/auth/minara/oauth/start | Kick off the Minara platform OAuth 2.0 + PKCE login. Binds a loopback callback s… |
POST | /v1/auth/minara/oauth/poll | Poll the in-flight OAuth flow by flow_id. Returns pending until the callback fir… |
POST | /v1/auth/oauth/minara/init | Alias of the Minara OAuth start under the shared provider-reauth namespace. Runs… |
DELETE | /v1/auth/minara | Forget the stored Minara token; subsequent calls become unauthenticated. |