basePath: / definitions: chat_svc.EventMessageAdded: properties: threadId: type: string type: object chat_svc.EventThreadAdded: properties: threadId: type: string type: object chat_svc.EventThreadUpdate: properties: threadId: type: string type: object chat_svc.ListMessagesRequest: properties: ids: items: type: string type: array threadId: type: string type: object chat_svc.ListMessagesResponse: properties: messages: items: $ref: '#/definitions/chat_svc.Message' type: array type: object chat_svc.ListThreadsRequest: properties: ids: items: type: string type: array type: object chat_svc.ListThreadsResponse: properties: threads: items: $ref: '#/definitions/chat_svc.Thread' type: array type: object chat_svc.Message: properties: createdAt: type: string fileIds: description: FileIds defines the file attachments the message has. items: type: string type: array id: example: msg_emSOPlW58o type: string meta: additionalProperties: true type: object text: description: Text content of the message eg. "Hi, what's up?" type: string threadId: description: ThreadId of the message. example: thr_emSOeEUWAg type: string updatedAt: type: string userId: description: |- UserId is the id of the user who wrote the message. For AI messages this field is empty. type: string required: - createdAt - id - threadId - updatedAt type: object chat_svc.SaveMessageRequest: properties: fileIds: description: FileIds defines the file attachments the message has. items: type: string type: array id: example: msg_emSOPlW58o type: string meta: additionalProperties: true type: object text: description: Text content of the message eg. "Hi, what's up?" type: string threadId: description: ThreadId of the message. example: thr_emSOeEUWAg type: string userId: description: |- UserId is the id of the user who wrote the message. For AI messages this field is empty. type: string type: object chat_svc.SaveThreadRequest: properties: id: example: thr_emSQnpJbhG type: string title: description: Title of the thread. type: string topicIds: description: |- TopicIds defines which topics the thread belongs to. Topics can roughly be thought of as tags for threads. items: type: string type: array userIds: description: UserIds the ids of the users who can see this thread. items: type: string type: array type: object chat_svc.SaveThreadResponse: properties: thread: $ref: '#/definitions/chat_svc.Thread' type: object chat_svc.Thread: properties: createdAt: type: string id: example: thr_emSQnpJbhG type: string title: description: Title of the thread. type: string topicIds: description: |- TopicIds defines which topics the thread belongs to. Topics can roughly be thought of as tags for threads. items: type: string type: array updatedAt: type: string userIds: description: UserIds the ids of the users who can see this thread. items: type: string type: array required: - createdAt - id - updatedAt type: object config_svc.Config: properties: appId: type: string branch: type: string createdAt: type: string data: additionalProperties: true type: object dataJson: type: string id: description: CamelCased slugs of the config owners type: string internalId: type: string updatedAt: type: string version: type: string required: - appId - branch - createdAt - data - dataJson - id - updatedAt type: object config_svc.ListConfigsRequest: properties: appHost: example: shoes.com type: string branch: description: Branch specifies the branch to get configs from. type: string ids: description: |- Ids are camelCased slugs of the config owners. Specifying only the ids will mean all of the config will be returned for that key. If the configs are large, consider using the `Selector` request field. items: type: string type: array scope: allOf: - $ref: '#/definitions/config_svc.ListConfigsScope' example: branch selector: additionalProperties: items: type: string type: array description: |- Selector allows dotPath-based filtering per config owner. Example: { "user1": ["settings.theme", "featureFlags.enableNewUI"], "user2": ["settings.language"] } type: object required: - appHost type: object config_svc.ListConfigsResponse: properties: configs: additionalProperties: $ref: '#/definitions/config_svc.Config' description: "Configs is a map of camelcase owner slug to Config.\nEg.\n{\n\t\"testUserSlug0\": {\n \"id\": \"testUserSlug0\",\n \"data\": {\n \"key1\": \"value1\",\n \ \"key2\": \"value2\"\n }\n\t}\n}" type: object required: - configs type: object config_svc.ListConfigsScope: enum: - all - branch type: string x-enum-varnames: - ListConfigsScopeAll - ListConfigsScopeBranch config_svc.ListVersionsRequest: properties: afterJson: type: string appHost: example: shoes.com type: string branch: description: Branch specifies the branch to get versions from. type: string ids: description: |- Ids are camelCased slugs of the config owners. Specifying only the ids will mean all of the config will be returned for that key. If the configs are large, consider using the `Selector` request field. items: type: string type: array limit: type: integer selector: additionalProperties: items: type: string type: array description: |- Selector allows dotPath-based filtering per config owner. Example: { "user1": ["settings.theme", "featureFlags.enableNewUI"], "user2": ["settings.language"] } type: object versionIds: items: type: string type: array required: - appHost type: object config_svc.ListVersionsResponse: properties: afterJson: description: |- AfterJson is the cursor to fetch the next page, encoded as a JSON array string. e.g. '["2023-08-01T12:00:00Z","versid-123"]' type: string versions: description: Versions across all IDs, sorted by CreatedAt descending. items: $ref: '#/definitions/config_svc.Version' type: array type: object config_svc.SaveConfigRequest: properties: appHost: description: |- AppHost can only be specified by users who have the `config-svc:config:edit-on-behalf` permission, who are typically admins. If not specified, the config will be saved for the current app of the user's token. type: string branch: description: Branch specifies the branch to get configs from. type: string data: additionalProperties: true type: object dataJson: type: string id: description: |- Id is the slug of the owner to save the config for. Only user with the `config-svc:config:edit-on-behalf` can specify this. For everyone else, it is automatically set to the slug of the caller user. type: string type: object config_svc.SaveConfigResponse: type: object config_svc.Version: properties: appId: type: string branch: type: string createdAt: type: string data: additionalProperties: true type: object dataJson: type: string id: description: |- CamelCased slugs of the config owners. Same as Config.Id. type: string internalId: type: string updatedAt: type: string versionId: type: string required: - appId - branch - createdAt - data - dataJson - id - updatedAt - versionId type: object container_svc.Asset: properties: envVarKey: type: string url: type: string required: - envVarKey - url type: object container_svc.BuildImageRequest: properties: contextPath: description: ContextPath is the local path to the build context example: . type: string dockerfilePath: description: DockerfilePath is the local path to the Dockerfile example: Dockerfile type: string name: description: Name is the name of the image to build example: nginx:latest type: string required: - contextPath - name type: object container_svc.BuildImageResponse: type: object container_svc.Capabilities: properties: gpuEnabled: description: GPUEnabled specifies whether GPU support is enabled for the container. type: boolean type: object container_svc.Container: properties: assets: description: |- Assets maps environment variable names to file URLs. Example: {"MODEL": "https://huggingface.co/TheBloke/Mistral-7B-Instruct-v0.2-GGUF/resolve/main/mistral-7b-instruct-v0.2.Q2_K.gguf"} These files are downloaded by the File Svc and mounted in the container. The environment variable `MODEL` will point to the local file path in the container. items: $ref: '#/definitions/container_svc.Asset' type: array capabilities: allOf: - $ref: '#/definitions/container_svc.Capabilities' description: Capabilities define additional runtime features, such as GPU support. envs: description: Envs are environment variables set within the container. items: $ref: '#/definitions/container_svc.EnvVar' type: array hash: description: Hash is a unique identifier associated with the container. type: string id: description: Id is the unique identifier for the container instance. type: string image: description: Image is the Docker image used to create the container. type: string keeps: description: |- Keeps are paths that persist across container restarts. They function like mounts or volumes, but their external storage location is irrelevant. items: $ref: '#/definitions/container_svc.Keep' type: array labels: description: Labels are metadata tags assigned to the container. items: $ref: '#/definitions/container_svc.Label' type: array names: description: Names are the human-readable aliases assigned to the container. items: type: string type: array network: allOf: - $ref: '#/definitions/container_svc.Network' description: Network contains networking-related information for the container. nodeId: description: |- Node Id Please see the documentation for the envar OB_NODE_ID type: string ports: description: Ports maps host ports (keys) to container ports (values). items: $ref: '#/definitions/container_svc.PortMapping' type: array resources: allOf: - $ref: '#/definitions/container_svc.Resources' description: Resources defines CPU, memory, and disk constraints for the container. runtime: description: Runtime specifies the container runtime (e.g., Docker, containerd, etc.). type: string status: description: Status indicates the current state of the container (e.g., running, stopped). type: string volumes: description: Volumes mounted by the container. items: $ref: '#/definitions/container_svc.Volume' type: array type: object container_svc.ContainerIsRunningResponse: properties: isRunning: type: boolean required: - isRunning type: object container_svc.DaemonInfoResponse: properties: address: type: string available: type: boolean error: type: string required: - available type: object container_svc.EnvVar: properties: key: description: Key is the environment variable name. type: string value: description: Value is the environment variable value. type: string required: - key - value type: object container_svc.ErrorResponse: properties: error: type: string type: object container_svc.GetContainerSummaryResponse: properties: logs: type: string status: type: string summary: description: DEPRECATED. Summary contains both Status and Logs. type: string required: - logs - status - summary type: object container_svc.GetHostResponse: properties: host: type: string required: - host type: object container_svc.ImagePullableResponse: properties: pullable: type: boolean required: - pullable type: object container_svc.Keep: properties: path: description: Path is the absolute path inside the container for the folder that should persist across restarts. type: string readOnly: description: ReadOnly indicates whether the keep is read-only. type: boolean required: - path type: object container_svc.Label: properties: key: type: string value: type: string required: - key - value type: object container_svc.ListContainersRequest: properties: containerId: type: string limit: type: integer nodeId: type: string type: object container_svc.ListContainersResponse: properties: containers: items: $ref: '#/definitions/container_svc.Container' type: array type: object container_svc.ListLogsRequest: properties: containerId: type: string limit: type: integer nodeId: type: string type: object container_svc.ListLogsResponse: properties: logs: items: $ref: '#/definitions/container_svc.Log' type: array type: object container_svc.Log: properties: containerId: description: |- ContainerId is the raw underlying container ID. Eg. Docker container id. Node local. type: string content: type: string createdAt: type: string id: type: string nodeId: description: |- Node Id Please see the documentation for the envar OB_NODE_ID type: string required: - createdAt type: object container_svc.Network: properties: ipAddress: description: IPAddress is the assigned IP address of the container. type: string macAddress: description: MacAddress is the container's MAC address if applicable. type: string mode: description: Mode specifies the container's network mode (e.g., bridge, host, none, custom). type: string type: object container_svc.PortMapping: properties: host: type: integer internal: type: integer required: - host - internal type: object container_svc.Resources: properties: cpu: description: CPU cores allocated to the container (e.g., 0.5 = 500m, 2 = 2 cores). type: number diskMB: description: Disk space allocated to the container in megabytes. type: integer memoryMB: description: Memory allocated to the container in megabytes. type: integer type: object container_svc.RunContainerRequest: properties: assets: description: |- Assets maps environment variable names to file URLs. Example: {"MODEL": "https://huggingface.co/TheBloke/Mistral-7B-Instruct-v0.2-GGUF/resolve/main/mistral-7b-instruct-v0.2.Q2_K.gguf"} These files are downloaded by the File Svc and mounted in the container. The environment variable `MODEL` will point to the local file path in the container. items: $ref: '#/definitions/container_svc.Asset' type: array capabilities: allOf: - $ref: '#/definitions/container_svc.Capabilities' description: Capabilities define additional runtime features, such as GPU support. envs: description: Envs are environment variables set within the container. items: $ref: '#/definitions/container_svc.EnvVar' type: array hash: description: Hash is a unique identifier for the container type: string image: description: Image is the Docker image to use for the container example: nginx:latest type: string keeps: description: |- Keeps are paths that persist across container restarts. They function like mounts or volumes, but their external storage location is irrelevant. items: $ref: '#/definitions/container_svc.Keep' type: array labels: description: Labels are metadata tags assigned to the container. items: $ref: '#/definitions/container_svc.Label' type: array names: description: Names are the human-readable aliases assigned to the container. items: type: string type: array ports: description: Ports maps host ports (keys) to container ports (values). items: $ref: '#/definitions/container_svc.PortMapping' type: array required: - image type: object container_svc.RunContainerResponse: properties: ports: description: Ports is returned here as host ports might get mapped dynamically. items: $ref: '#/definitions/container_svc.PortMapping' type: array started: type: boolean type: object container_svc.StopContainerRequest: properties: id: example: 4378b76e05ba type: string name: example: sup-container-x type: string type: object container_svc.StopContainerResponse: type: object container_svc.Volume: properties: destination: description: Destination is the path inside the container. type: string readOnly: description: ReadOnly indicates whether the mount is read-only. type: boolean source: description: Source is the host path or volume name. type: string type: object data_svc.CreateObjectFields: properties: authors: description: |- Authors is a list of user ID and organization ID who created the object. If an organization ID is not provided, the currently active organization will be queried from the User Svc. example: - '[' items: type: string type: array data: additionalProperties: true type: object deleters: description: |- Deleters is a list of user IDs and role IDs that can delete the object. `_self` can be used to refer to the caller user's userId and `_org` can be used to refer to the user's currently active organization (if exists). items: type: string type: array id: type: string readers: description: |- Readers is a list of user IDs and role IDs that can read the object. `_self` can be used to refer to the caller user's userId and `_org` can be used to refer to the user's currently active organization (if exists). items: type: string type: array table: type: string writers: description: |- Writers is a list of user IDs and role IDs that can write the object. `_self` can be used to refer to the caller user's userId and `_org` can be used to refer to the user's currently active organization (if exists). items: type: string type: array required: - data - table type: object data_svc.CreateObjectRequest: properties: object: $ref: '#/definitions/data_svc.CreateObjectFields' type: object data_svc.CreateObjectResponse: properties: object: $ref: '#/definitions/data_svc.Object' type: object data_svc.DeleteObjectRequest: properties: filters: items: $ref: '#/definitions/datastore.Filter' type: array table: type: string type: object data_svc.DeleteObjectResponse: type: object data_svc.ErrorResponse: properties: error: type: string type: object data_svc.Object: properties: authors: description: |- Authors is a list of user ID and organization ID who created the object. The authors field tracks which users or organizations created an entry, helping to prevent spam. If an organization ID is not provided, the currently active organization will be queried from the User Svc. example: - '[' items: type: string type: array createdAt: type: string data: additionalProperties: true type: object deleters: description: |- Deleters is a list of user IDs and role IDs that can delete the object. `_self` can be used to refer to the caller user's userId and `_org` can be used to refer to the user's currently active organization (if exists). example: - '[' items: type: string type: array id: type: string readers: description: |- Readers is a list of user IDs and role IDs that can read the object. `_self` can be used to refer to the caller user's userId and `_org` can be used to refer to the user's currently active organization (if exists). example: - '[' items: type: string type: array table: type: string updatedAt: type: string writers: description: |- Writers is a list of user IDs and role IDs that can write the object. `_self` can be used to refer to the caller user's userId and `_org` can be used to refer to the user's currently active organization (if exists). example: - '[' items: type: string type: array required: - createdAt - data - table - updatedAt type: object data_svc.QueryRequest: properties: query: $ref: '#/definitions/datastore.Query' readers: items: type: string type: array table: type: string type: object data_svc.QueryResponse: properties: objects: items: $ref: '#/definitions/data_svc.Object' type: array type: object data_svc.UpdateObjectsRequest: properties: filters: description: |- Filters to determine which objects will be updated. Only objects matching all filters will be modified. items: $ref: '#/definitions/datastore.Filter' type: array object: allOf: - $ref: '#/definitions/data_svc.Object' description: The object containing the fields to update in matching objects. table: type: string type: object data_svc.UpdateObjectsResponse: type: object data_svc.UpsertObjectRequest: properties: object: $ref: '#/definitions/data_svc.CreateObjectFields' type: object data_svc.UpsertObjectResponse: properties: object: $ref: '#/definitions/data_svc.Object' type: object datastore.Filter: properties: fields: items: type: string type: array op: $ref: '#/definitions/datastore.Op' subFilters: description: SubFilters is used for operations like OR where multiple filters are combined. items: $ref: '#/definitions/datastore.Filter' type: array valuesJson: type: string type: object datastore.Op: enum: - or - equals - containsSubstring - startsWith - intersects - isInList type: string x-enum-varnames: - OpOr - OpEquals - OpContainsSubstring - OpStartsWith - OpIntersects - OpIsInList datastore.OrderBy: properties: desc: description: Desc indicates whether the sorting should be in descending order. type: boolean field: description: The field by which to order the results type: string sortingType: allOf: - $ref: '#/definitions/datastore.SortingType' description: Defines the type of sorting to apply (numeric, text, date, etc.) type: object datastore.Query: properties: afterJson: description: |- AfterJson is used for cursor-based pagination, which is more effective in scalable and distributed environments compared to offset-based pagination. type: string count: description: |- Count true means return the count of the dataset filtered by Filters without after or limit. type: boolean filters: description: |- Filters are filtering options of a query. It is advised to use It's advised to use helper functions in your respective client library such as filter constructors (`all`, `equal`, `contains`, `startsWith`) and field selectors (`field`, `fields`, `id`) for easier access. items: $ref: '#/definitions/datastore.Filter' type: array limit: description: Limit the number of records in the result set. type: integer orderBys: description: OrderBys order the result set. items: $ref: '#/definitions/datastore.OrderBy' type: array type: object datastore.SortingType: enum: - "" - numeric - text - date - random type: string x-enum-varnames: - SortingTypeDefault - SortingTypeNumeric - SortingTypeText - SortingTypeDate - SortingTypeRandom deploy_svc.AutoScalingConfig: properties: cpuThreshold: description: CPU usage threshold for scaling (as a percentage) type: integer maxReplicas: description: Maximum number of replicas to run type: integer minReplicas: description: Minimum number of replicas to run type: integer type: object deploy_svc.DeleteDeploymentRequest: properties: deploymentId: type: string required: - deploymentId type: object deploy_svc.DeleteDeploymentResponse: type: object deploy_svc.Deployment: properties: autoScaling: allOf: - $ref: '#/definitions/deploy_svc.AutoScalingConfig' description: 'Optional: Auto-scaling rules' definitionId: description: DefinitionId is the id of the definition example: def_deBXZMpxrQ type: string description: description: Description of what this deployment does example: Handles user service requests type: string details: description: |- Details provides additional information about the deployment's current state, including both success and failure conditions (e.g., "Deployment in progress", "Error pulling image"). example: Deployment is in progress type: string envars: additionalProperties: type: string description: |- Envars is a map of environment variables that will be passed down to service instances (see Registry Svc Instance) Also see the Registry Svc Definition for required envars. type: object id: description: ID of the deployment (e.g., "depl_dbOdi5eLQK") example: depl_dbOdi5eLQK type: string name: description: Short name for easy reference (e.g., "user-service-v2") example: user-service-v2 type: string replicas: description: Number of container instances to run type: integer resources: allOf: - $ref: '#/definitions/deploy_svc.ResourceLimits' description: Resource requirements for each replica status: allOf: - $ref: '#/definitions/deploy_svc.DeploymentStatus' description: Current status of the deployment (e.g., "OK", "Error", "Pending") example: OK strategy: allOf: - $ref: '#/definitions/deploy_svc.DeploymentStrategy' description: Deployment strategy (e.g., rolling update) targetRegions: description: Target deployment regions or clusters items: $ref: '#/definitions/deploy_svc.TargetRegion' type: array required: - definitionId - id type: object deploy_svc.DeploymentStatus: enum: - OK - Error - Pending - Failed - Deploying type: string x-enum-varnames: - DeploymentStatusOK - DeploymentStatusError - DeploymentStatusPending - DeploymentStatusFailed - DeploymentStatusDeploying deploy_svc.DeploymentStrategy: properties: maxSurge: description: Max extra replicas during update type: integer maxUnavailable: description: Max unavailable replicas during update type: integer type: allOf: - $ref: '#/definitions/deploy_svc.StrategyType' description: Deployment strategy type (RollingUpdate, Recreate, etc.) type: object deploy_svc.ErrorResponse: properties: error: type: string type: object deploy_svc.ListDeploymentsRequest: type: object deploy_svc.ListDeploymentsResponse: properties: deployments: items: $ref: '#/definitions/deploy_svc.Deployment' type: array type: object deploy_svc.ResourceLimits: properties: cpu: description: CPU limit, e.g., "500m" for 0.5 cores type: string memory: description: Memory limit, e.g., "128Mi" type: string vram: description: 'Optional: GPU VRAM requirement, e.g., "48GB"' type: string type: object deploy_svc.SaveDeploymentRequest: properties: deployment: $ref: '#/definitions/deploy_svc.Deployment' type: object deploy_svc.SaveDeploymentResponse: type: object deploy_svc.StrategyType: enum: - RollingUpdate - Recreate type: string x-enum-varnames: - StrategyRollingUpdate - StrategyRecreate deploy_svc.TargetRegion: properties: cluster: description: Cluster or node where service should be deployed (e.g., "us-west1", "local-docker") type: string zone: description: 'Optional: Specific zone for the deployment' type: string type: object email_svc.Attachment: properties: content: description: |- Base64-encoded file content. Use this for small files. Required for inline attachments (i.e., those not using File Svc, see FileId). type: string contentType: description: |- MIME type of the file (e.g., "application/pdf", "image/png") Required for inline attachments (i.e., those not using File Svc, see FileId). type: string fileId: description: |- A File Svc file ID. Requires the file to be uploaded separately. Recommended for mid to large-sized files. If this field is specified, all other fields are optional. type: string filename: description: |- File name for the attachment. Required for inline attachments (i.e., those not using File Svc, see FileId). type: string required: - contentType - filename type: object email_svc.ErrorResponse: properties: error: type: string type: object email_svc.SendEmailRequest: properties: attachments: description: List of file attachments (optional) items: $ref: '#/definitions/email_svc.Attachment' type: array bcc: description: List of BCC recipient email addresses (optional) items: type: string type: array body: description: Email body content (plain text or HTML) type: string cc: description: List of CC recipient email addresses (optional) items: type: string type: array contentType: description: 'Content type: "text/plain" or "text/html"' type: string id: description: Unique identifier type: string subject: description: Email subject line type: string to: description: List of recipient email addresses items: type: string type: array required: - body - subject - to type: object email_svc.SendEmailResponse: properties: emailId: description: Unique identifier for the sent email type: string status: description: Status of the email send operation ("sent", "queued", etc.) type: string type: object file_svc.Download: properties: createdAt: type: string downloadedBytes: description: DownloadedBytes exists to show the download progress in terms of the number of bytes already downloaded. format: int64 type: integer error: type: string fileName: type: string filePath: type: string fileSize: description: FileSize is the full final downloaded file size. format: int64 type: integer id: type: string progress: type: number status: type: string updatedAt: type: string url: type: string required: - createdAt - updatedAt type: object file_svc.DownloadFileRequest: properties: folderPath: type: string url: type: string required: - url type: object file_svc.DownloadsResponse: properties: downloads: items: $ref: '#/definitions/file_svc.Download' type: array type: object file_svc.ErrorResponse: properties: error: type: string type: object file_svc.GetDownloadResponse: properties: download: $ref: '#/definitions/file_svc.Download' exists: type: boolean required: - exists type: object file_svc.ListUploadsRequest: properties: after: description: After time value type: string limit: type: integer userId: type: string type: object file_svc.ListUploadsResponse: properties: uploads: items: $ref: '#/definitions/file_svc.Upload' type: array type: object file_svc.Upload: properties: createdAt: type: string fileId: description: Logical file ID spanning all replicas type: string fileName: description: Filename is the original name of the file type: string filePath: description: FilePath is the full node local path of the file type: string fileSize: format: int64 type: integer id: description: Unique ID for this replica type: string nodeId: description: ID of the node storing this replica type: string updatedAt: type: string userId: type: string required: - createdAt - fileId - fileName - filePath - fileSize - id - nodeId - updatedAt - userId type: object file_svc.UploadFileResponse: properties: upload: $ref: '#/definitions/file_svc.Upload' type: object firehose_svc.ErrorResponse: properties: error: type: string type: object firehose_svc.Event: properties: data: {} name: type: string type: object firehose_svc.EventPublishRequest: properties: event: $ref: '#/definitions/firehose_svc.Event' type: object image_svc.ErrorResponse: properties: error: type: string type: object model_svc.Architectures: properties: cuda: allOf: - $ref: '#/definitions/model_svc.CudaParameters' description: CUDA-specific container parameters, if applicable. default: allOf: - $ref: '#/definitions/model_svc.DefaultParameters' description: Default container configuration for non-GPU environments. type: object model_svc.Asset: properties: envVarKey: type: string url: type: string required: - envVarKey - url type: object model_svc.Container: properties: envars: description: Environment variables to be passed to the container (e.g., "DEVICES=all"). items: $ref: '#/definitions/model_svc.EnvVar' type: array imageTemplate: description: Template for constructing the container image name. type: string keeps: description: List of container paths that should persist across restarts. items: $ref: '#/definitions/model_svc.Keep' type: array port: description: Internal port exposed by the container. type: integer type: object model_svc.CudaParameters: properties: container: allOf: - $ref: '#/definitions/model_svc.Container' description: Container configuration related to CUDA usage. cudaVersionPrecision: description: |- Level of precision for selecting the CUDA version when resolving the container image. - 2 -> Use "major.minor" (e.g., "12.2") - 3 -> Use "major.minor.patch" (e.g., "12.2.0") type: integer defaultCudaVersion: description: Default CUDA version to use (e.g., "12.2" or "12.2.0"). type: string defaultCudnnVersion: description: Default cuDNN version to use alongside CUDA. type: string type: object model_svc.DefaultParameters: properties: container: $ref: '#/definitions/model_svc.Container' type: object model_svc.EnvVar: properties: key: description: Key is the environment variable name. type: string value: description: Value is the environment variable value. type: string type: object model_svc.ErrorResponse: properties: error: type: string type: object model_svc.GetModelResponse: properties: exists: type: boolean model: $ref: '#/definitions/model_svc.Model' platform: $ref: '#/definitions/model_svc.Platform' required: - exists - model - platform type: object model_svc.Keep: properties: path: description: Path is the absolute path inside the container for the folder that should persist across restarts. type: string readOnly: description: ReadOnly indicates whether the keep is read-only. type: boolean type: object model_svc.ListModelsResponse: properties: models: items: $ref: '#/definitions/model_svc.Model' type: array type: object model_svc.ListPlatformsResponse: properties: platforms: items: $ref: '#/definitions/model_svc.Platform' type: array required: - platforms type: object model_svc.MakeDefaultResponse: type: object model_svc.Model: properties: assets: items: $ref: '#/definitions/model_svc.Asset' type: array bits: type: integer description: type: string extension: type: string flavour: type: string fullName: type: string id: type: string maxBits: type: integer maxRam: type: number mirrors: items: type: string type: array name: type: string parameters: type: string platformId: type: string promptTemplate: type: string quality: type: string quantComment: type: string size: type: number tags: items: type: string type: array uncensored: type: boolean version: type: string required: - id - name - platformId type: object model_svc.ModelStatus: properties: address: type: string assetsReady: type: boolean running: description: "Running triggers onModelLaunch on the frontend.\n\tRunning is true when the model is both running and answering\n\t- fully loaded." type: boolean required: - address - assetsReady - running type: object model_svc.Platform: properties: architectures: $ref: '#/definitions/model_svc.Architectures' id: type: string name: type: string types: description: List of prompt types that the AI engine supports. items: $ref: '#/definitions/prompt_svc.PromptType' type: array version: type: integer type: object model_svc.StartResponse: type: object model_svc.StatusResponse: properties: status: $ref: '#/definitions/model_svc.ModelStatus' type: object policy_svc.BlocklistParameters: properties: blockedIPs: items: type: string type: array type: object policy_svc.CheckRequest: properties: endpoint: type: string ip: type: string method: type: string userId: type: string type: object policy_svc.CheckResponse: properties: allowed: type: boolean required: - allowed type: object policy_svc.Entity: enum: - userId - ip type: string x-enum-varnames: - EntityUserID - EntityIP policy_svc.ErrorResponse: properties: error: type: string type: object policy_svc.Instance: properties: endpoint: example: /user-svc/register type: string id: type: string parameters: $ref: '#/definitions/policy_svc.Parameters' templateId: allOf: - $ref: '#/definitions/policy_svc.TemplateId' example: rate-limit required: - parameters - templateId type: object policy_svc.Parameters: properties: blocklist: $ref: '#/definitions/policy_svc.BlocklistParameters' rateLimit: $ref: '#/definitions/policy_svc.RateLimitParameters' type: object policy_svc.RateLimitParameters: properties: entity: allOf: - $ref: '#/definitions/policy_svc.Entity' example: userId maxRequests: example: 10 type: integer scope: allOf: - $ref: '#/definitions/policy_svc.Scope' example: endpoint timeWindow: example: 1m type: string type: object policy_svc.Scope: enum: - endpoint - global type: string x-enum-varnames: - ScopeEndpoint - ScopeGlobal policy_svc.TemplateId: enum: - rate-limit - blocklist type: string x-enum-varnames: - TemplateIdRateLimit - TemplateIdBlocklist policy_svc.UpsertInstanceRequest: properties: instance: $ref: '#/definitions/policy_svc.Instance' type: object policy_svc.UpsertInstanceResponse: type: object prompt_svc.EngineParameters: properties: llamaCppParameters: $ref: '#/definitions/prompt_svc.LlamaCppParameters' stableDiffusion: $ref: '#/definitions/prompt_svc.StableDiffusionParameters' type: object prompt_svc.ErrorResponse: properties: error: type: string type: object prompt_svc.ListPromptsRequest: properties: query: $ref: '#/definitions/datastore.Query' type: object prompt_svc.ListPromptsResponse: properties: after: {} count: type: integer prompts: items: $ref: '#/definitions/prompt_svc.Prompt' type: array type: object prompt_svc.LlamaCppParameters: properties: template: description: Template of the prompt. Optional. If not present it's derived from ModelId. example: '[INST]{prompt}[/INST]' type: string type: object prompt_svc.Parameters: properties: textToImage: $ref: '#/definitions/prompt_svc.TextToImageParameters' textToText: $ref: '#/definitions/prompt_svc.TextToTextParameters' type: object prompt_svc.Prompt: properties: createdAt: description: CreatedAt is the time of the prompt creation. type: string engineParameters: allOf: - $ref: '#/definitions/prompt_svc.EngineParameters' description: AI engine/platform (eg. LlamaCpp, Stable Diffusion) specific parameters error: description: Error that arose during prompt execution, if any. type: string id: description: Id is the unique ID of the prompt. type: string lastRun: description: LastRun is the time of the last prompt run. type: string maxRetries: description: MaxRetries specified how many times the system should retry a prompt when it keeps erroring. example: 10 type: integer modelId: description: ModelId is just the 1Backend internal ID of the model. example: huggingface/TheBloke/mistral-7b-instruct-v0.2.Q3_K_S.gguf type: string parameters: allOf: - $ref: '#/definitions/prompt_svc.Parameters' description: |- AI engine/platform (eg. LlamaCpp, Stable Diffusion) agnostic parameters. Use these high level parameters when you don't care about the actual engine, only the functionality (eg. text to image, image to image) it provides. prompt: description: Prompt is the message itself eg. "What's a banana? example: What's a banana? type: string requestMessageId: type: string responseMessageId: type: string runCount: description: RunCount is the number of times the prompt was retried due to errors type: integer status: allOf: - $ref: '#/definitions/prompt_svc.PromptStatus' description: Status of the prompt. sync: description: |- Sync drives whether prompt add request should wait and hang until the prompt is done executing. By default the prompt just gets put on a queue and the client will just subscribe to a Thread Stream. For quick and dirty scripting however it's often times easier to do things syncronously. In those cases set Sync to true. type: boolean threadId: description: |- ThreadId is the ID of the thread a prompt belongs to. Clients subscribe to Thread Streams to see the answer to a prompt, or set `prompt.sync` to true for a blocking answer. type: string type: allOf: - $ref: '#/definitions/prompt_svc.PromptType' description: |- Type is inferred from the `Parameters` or `EngineParameters` field. Eg. A LLamaCpp prompt will be "Text-to-Text", a Stabel Diffusion one will be "Text-to-Image" etc. updatedAt: description: UpdatedAt is the last time the prompt was updated. type: string userId: description: UserId contains the ID of the user who submitted the prompt. type: string required: - prompt type: object prompt_svc.PromptRequest: properties: engineParameters: allOf: - $ref: '#/definitions/prompt_svc.EngineParameters' description: AI engine/platform (eg. Llama, Stable Diffusion) specific parameters id: description: Id is the unique ID of the prompt. type: string maxRetries: description: MaxRetries specified how many times the system should retry a prompt when it keeps erroring. example: 10 type: integer modelId: description: ModelId is just the 1Backend internal ID of the model. example: huggingface/TheBloke/mistral-7b-instruct-v0.2.Q3_K_S.gguf type: string parameters: allOf: - $ref: '#/definitions/prompt_svc.Parameters' description: |- AI engine/platform (eg. Llama, Stable Diffusion) agnostic parameters. Use these high level parameters when you don't care about the actual engine, only the functionality (eg. text to image, image to image) it provides. prompt: description: Prompt is the message itself eg. "What's a banana? example: What's a banana? type: string sync: description: |- Sync drives whether prompt add request should wait and hang until the prompt is done executing. By default the prompt just gets put on a queue and the client will just subscribe to a Thread Stream. For quick and dirty scripting however it's often times easier to do things synchronously. In those cases set Sync to true. type: boolean threadId: description: |- ThreadId is the ID of the thread a prompt belongs to. Clients subscribe to Thread Streams to see the answer to a prompt, or set `prompt.sync` to true for a blocking answer. type: string required: - prompt type: object prompt_svc.PromptResponse: properties: prompt: allOf: - $ref: '#/definitions/prompt_svc.Prompt' description: |- Prompt contains the details of the prompt that was just created by this request. This includes the ID, prompt text, status, and other associated metadata. responseMessage: allOf: - $ref: '#/definitions/chat_svc.Message' description: |- Response message contains the response text and files. This field is populated only for synchronous prompts (`sync = true`). For asynchronous prompts, the response will provided in the associated message identified by the `responseMessageId` of the `promptSvc.prompt` object once the prompt completes. type: object prompt_svc.PromptStatus: enum: - scheduled - running - completed - errored - abandoned - canceled type: string x-enum-varnames: - PromptStatusScheduled - PromptStatusRunning - PromptStatusCompleted - PromptStatusErrored - PromptStatusAbandoned - PromptStatusCanceled prompt_svc.PromptType: enum: - Image-Text-to-Text - Visual Question Answering - Document Question Answering - Text-to-Image - Image-to-Image - Image-to-Video - Unconditional Image Generation - Text-to-Video - Zero-Shot Image Classification - Zero-Shot Object Detection - Text-to-3D - Image-to-3D - Image Feature Extraction - Keypoint Detection - Text-to-Text - Question Answering - Translation - Summarization - Text Generation - Fill-Mask - Text-to-Speech - Text-to-Audio - Automatic Speech Recognition - Audio-to-Audio - Audio Classification - Reinforcement Learning - Robotics - Graph Machine Learning type: string x-enum-varnames: - PromptTypeImageTextToText - PromptTypeVisualQuestionAnswering - PromptTypeDocumentQuestionAnswering - PromptTypeTextToImage - PromptTypeImageToImage - PromptTypeImageToVideo - PromptTypeUnconditionalImageGeneration - PromptTypeTextToVideo - PromptTypeZeroShotImageClassification - PromptTypeZeroShotObjectDetection - PromptTypeTextTo3D - PromptTypeImageTo3D - PromptTypeImageFeatureExtraction - PromptTypeKeypointDetection - PromptTypeTextToText - PromptTypeQuestionAnswering - PromptTypeTranslation - PromptTypeSummarization - PromptTypeTextGeneration - PromptTypeFillMask - PromptTypeTextToSpeech - PromptTypeTextToAudio - PromptTypeAutomaticSpeechRecognition - PromptTypeAudioToAudio - PromptTypeAudioClassification - PromptTypeReinforcementLearning - PromptTypeRobotics - PromptTypeGraphMachineLearning prompt_svc.RemovePromptRequest: properties: promptId: type: string type: object prompt_svc.RemovePromptResponse: type: object prompt_svc.StableDiffusionParameters: properties: txt2Img: allOf: - $ref: '#/definitions/stable_diffusion.Txt2ImgRequest' description: Text to image parameters type: object prompt_svc.TextToImageParameters: properties: aspectRatio: description: Alternative way to specify dimensions (e.g., "16:9", "1:1"). type: string batchSize: description: Number of images to generate per batch. type: integer denoisingStrength: description: Controls how much variation is introduced in image modifications. type: number enableUpscaling: description: Whether to apply AI-based upscaling. type: boolean format: description: Output format for the generated image (png, jpg, webp, etc.). type: string guidanceScale: description: How closely the output should follow the prompt. type: number height: type: integer negativePrompt: description: A negative prompt to specify what should be avoided in the image. type: string numIterations: description: Number of batches to generate. type: integer prompt: description: |- The primary prompt for generating the image. Defaults to the top-level prompt if not specified. If both are provided (which should be avoided), this field takes precedence. type: string qualityPreset: description: Preset quality settings (e.g., Low, Medium, High, Ultra). type: string restoreFaces: description: Whether to enhance facial details for portraits. type: boolean scheduler: description: Specifies the sampling method used during generation. type: string seed: description: Optional seed for reproducibility. If not set, a random seed is used. type: integer steps: description: Number of inference steps for image generation. type: integer styles: description: List of artistic styles or themes to apply. items: type: string type: array width: description: Image dimensions (width and height in pixels). type: integer type: object prompt_svc.TextToTextParameters: properties: template: description: Template of the prompt. Optional. If not present it's derived from ModelId. example: '[INST]{prompt}[/INST]' type: string type: object prompt_svc.TypesRequest: type: object prompt_svc.TypesResponse: properties: chunk: $ref: '#/definitions/prompt_svc_stream.Chunk' type: object prompt_svc_stream.Chunk: properties: messageId: description: |- MessageId is the ChatSvc Message id that the chunk is part of. Might only be available for "done" chunks. type: string text: description: TextChunk contains a part of the text output from the stream. type: string type: allOf: - $ref: '#/definitions/prompt_svc_stream.ChunkType' description: Type indicates the type of the stream event (e.g., text, done). type: object prompt_svc_stream.ChunkType: enum: - progress - done type: string x-enum-varnames: - ChunkTypeProgress - ChunkTypeDone proxy_svc.Cert: properties: cert: description: |- PEM-encoded certificate bundle -----BEGIN EC PARAMETERS----- BggqhkjOPQMBBw== -----END EC PARAMETERS----- -----BEGIN EC PRIVATE KEY----- MHcCAQEEIDC3+7pySTQl6WRBuef... -----END EC PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIIBhTCCASugAwIBAgIUQYwE... -----END CERTIFICATE----- type: string commonName: description: Subject Common Name (typically domain) type: string createdAt: description: When cert record was created type: string dnsNames: description: Subject Alternative Names (covered domains) items: type: string type: array id: description: Id is the host which this cert is for, e.g., "example.com" or "www.example.com" example: example.com type: string isCA: description: Whether cert is a CA (usually false for LE certs) type: boolean issuer: description: Certificate issuer name (e.g., Let's Encrypt) type: string notAfter: description: Cert validity end time type: string notBefore: description: Cert validity start time type: string publicKeyAlgorithm: description: Public key algorithm (e.g., RSA, ECDSA) type: string publicKeyBitLength: description: Bit length of the public key type: integer serialNumber: description: Unique certificate serial number type: string signatureAlgorithm: description: Algorithm used to sign the cert (e.g., SHA256-RSA) type: string updatedAt: description: When cert record was last updated type: string required: - cert - createdAt - id - updatedAt type: object proxy_svc.CertInput: properties: cert: description: |- PEM-encoded certificate bundle -----BEGIN EC PARAMETERS----- BggqhkjOPQMBBw== -----END EC PARAMETERS----- -----BEGIN EC PRIVATE KEY----- MHcCAQEEIDC3+7pySTQl6WRBuef... -----END EC PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIIBhTCCASugAwIBAgIUQYwE... -----END CERTIFICATE----- type: string id: description: Id is the host which this cert is for, e.g., "example.com" or "www.example.com" example: example.com type: string required: - cert - id type: object proxy_svc.ErrorResponse: properties: error: type: string type: object proxy_svc.ListCertsRequest: properties: ids: items: type: string type: array type: object proxy_svc.ListCertsResponse: properties: certs: items: $ref: '#/definitions/proxy_svc.Cert' type: array type: object proxy_svc.ListRoutesRequest: properties: ids: items: type: string type: array type: object proxy_svc.ListRoutesResponse: properties: routes: items: $ref: '#/definitions/proxy_svc.Route' type: array type: object proxy_svc.Route: properties: id: description: |- Id is the routing key: host plus optional path prefix. Example: "x.com" -> root of the domain "x.com/path1" -> microfrontend at /path1 "x.com/path1/path2" -> deeper microfrontend mounted at /path1/path2 Use case: multiple microfrontends served under the same host but separated by URL path segments. For example: - Marketing site at x.com - Dashboard at x.com/app - Admin UI at x.com/app/admin Lookup algorithm: 1. Take the request host and path (e.g. "x.com/app/admin/users"). 2. Try to match the longest registered Id by progressively stripping trailing path segments: - x.com/app/admin/users (no match) - x.com/app/admin (match -> admin UI) 3. If still no match, strip again: - x.com/app (match -> dashboard) 4. If still no match, fallback to host-only route: - x.com (match -> marketing site) 5. If no host-only route exists, return 404. This provides deterministic longest-prefix routing without regex or rule engines, keeping the model simple but enabling path-based microfrontend composition. type: string target: type: string required: - id - target type: object proxy_svc.RouteInput: properties: id: description: Id is the host itself, e.g. "test.localhost" type: string target: type: string required: - id type: object proxy_svc.SaveCertsRequest: properties: certs: items: $ref: '#/definitions/proxy_svc.CertInput' type: array type: object proxy_svc.SaveCertsResponse: type: object proxy_svc.SaveRoutesRequest: properties: routes: items: $ref: '#/definitions/proxy_svc.RouteInput' type: array type: object proxy_svc.SaveRoutesResponse: properties: routes: items: $ref: '#/definitions/proxy_svc.Route' type: array type: object registry_svc.APISpec: properties: metadata: additionalProperties: type: string description: Additional metadata about the API (e.g., author, license, etc.) type: object protocolType: description: Protocol type (e.g., OpenAPI, Swagger, etc.) type: string url: description: URL to the OpenAPI file or other API definition type: string version: description: Version of the API specification (e.g., 3.0.0) type: string type: object registry_svc.Client: properties: language: allOf: - $ref: '#/definitions/registry_svc.Language' description: Programming language. example: JavaScript url: description: The URL of the client. example: https://example.com/client.js type: string required: - language - url type: object registry_svc.Definition: properties: apiSpecs: description: API Specs such as OpenAPI definitions etc. items: $ref: '#/definitions/registry_svc.APISpec' type: array clients: description: Programming language clients such as on npm or GitHub. items: $ref: '#/definitions/registry_svc.Client' type: array envars: description: |- Envars is a map of Renvironment variables that a deployment (see Deploy Svc Deployment) of this definition will REQUIRE to run. E.g., {"DB_URL": "mysql://user:password@host:port/db"} These will be injected into the service instances (see Registry Svc Instance) at runtime. The value of a key here is the default value. The actual value can be overridden at deployment time. items: $ref: '#/definitions/registry_svc.EnvVar' type: array id: type: string image: allOf: - $ref: '#/definitions/registry_svc.ImageSpec' description: |- Container specifications for Docker, K8s, etc. Use this to deploy already built images. ports: description: |- Ports have host ports and internal ports currently but they really only should have internal ports as host ports should be assigned by the system. Host ports might go away in the future. items: $ref: '#/definitions/registry_svc.PortMapping' type: array repository: allOf: - $ref: '#/definitions/registry_svc.RepositorySpec' description: |- Repository based definitions is an alternative to Image definitions. Instead of deploying an already built and pushed image, a source code repository url can be provided. The container will be built from the source. required: - id type: object registry_svc.EnvVar: properties: key: description: Key is the environment variable name. type: string value: description: Value is the environment variable value. type: string required: - key - value type: object registry_svc.ErrorResponse: properties: error: type: string type: object registry_svc.GPU: properties: busId: type: string computeMode: type: string cudaVersion: type: string gpuUtilization: type: number id: description: Id Node.URL + IntraNodeId type: string intraNodeId: type: integer memoryTotal: type: integer memoryUsage: type: integer name: type: string performanceState: type: string powerCap: type: number powerUsage: type: number processDetails: items: $ref: '#/definitions/registry_svc.Process' type: array temperature: type: number type: object registry_svc.ImageSpec: properties: internalPorts: description: InternalPorts are the ports the container will listen on internally items: type: integer type: array name: description: Name is the container image name/URL to use for the container example: nginx:latest type: string required: - internalPorts - name type: object registry_svc.Instance: properties: deploymentId: description: |- The ID of the deployment that this instance is an instance of. Only instances deployed by 1Backend have a DeploymentId. Services can be deployed through other means (Docker Compose, K8s, anything), in that case they self-register and will not have a DeploymentId. example: depl_deBUCtJirc type: string details: description: Details example: Instance is healthy type: string host: description: Host of the instance address. Required if URL is not provided example: myserver.com type: string id: description: 'Required: ID of the instance' example: inst_di9riJEvH2 type: string ip: description: 'IP of the instance address. Optional: to register by IP instead of host' example: 8.8.8.8 type: string lastHeartbeat: description: Last time the instance gave a sign of life type: string nodeUrl: description: |- NodeURL is the URL of the 1Backend server the instance is running on. To have a NodeURL the instance must either: - Be deployed by 1Backend - Declare the 1Backend server URL when registering its instance example: https://myserver.com:11337 type: string path: description: Path of the instance address. Optional (e.g., "/api") example: /your-svc type: string port: description: Port of the instance address. Required if URL is not provided example: 8080 type: integer scheme: description: Scheme of the instance address. Required if URL is not provided. example: https type: string slug: description: |- Slug of the account that owns this instance Services that want to be proxied by their slug are advised to self register their instance at startup. Keep in mind, instances might be deployed by 1Backend yet they still won't be 1Backend services and they won't have slugs. Think NGINX, MySQL, etc. example: my-svc type: string status: allOf: - $ref: '#/definitions/registry_svc.InstanceStatus' description: Status example: Healthy tags: description: Tags are used to filter instances example: - tag1 - tag2 items: type: string type: array url: description: Full address URL of the instance. example: https://myserver.com:5981 type: string required: - id - status - url type: object registry_svc.InstanceStatus: enum: - Unknown - Healthy - Degraded - Unreachable - Error type: string x-enum-comments: InstanceStatusDegraded: Instance is responding but with performance issues or partial failures InstanceStatusError: Instance encountered errors or failed multiple health checks InstanceStatusHealthy: Instance is fully operational and responding as expected InstanceStatusUnknown: Default state when the instance status is not yet determined InstanceStatusUnreachable: Instance is not reachable, possibly down or with network issues x-enum-varnames: - InstanceStatusUnknown - InstanceStatusHealthy - InstanceStatusDegraded - InstanceStatusUnreachable - InstanceStatusError registry_svc.Language: enum: - JavaScript - Python - Java - C# - C++ - Ruby - Go - Swift - PHP - TypeScript - Kotlin - Scala - Perl - Rust - Haskell - Clojure - Elixir - Objective-C - F# type: string x-enum-varnames: - JavaScript - Python - Java - CSharp - CPlusPlus - Ruby - Go - Swift - PHP - TypeScript - Kotlin - Scala - Perl - Rust - Haskell - Clojure - Elixir - ObjectiveC - FSharp registry_svc.ListDefinitionsResponse: properties: definitions: items: $ref: '#/definitions/registry_svc.Definition' type: array type: object registry_svc.ListInstancesResponse: properties: instances: items: $ref: '#/definitions/registry_svc.Instance' type: array type: object registry_svc.ListNodesRequest: properties: ids: description: Node IDs to filter on items: type: string type: array type: object registry_svc.ListNodesResponse: properties: nodes: items: $ref: '#/definitions/registry_svc.Node' type: array type: object registry_svc.Node: properties: availabilityZone: description: The availability zone of the node type: string gpus: description: List of GPUs available on the node items: $ref: '#/definitions/registry_svc.GPU' type: array id: description: 'Required: ID of the instance' example: node_di9riJEvH2 type: string lastHeartbeat: description: Last time the instance gave a sign of life type: string region: description: The region of the node type: string url: description: |- URL of the daemon running on the node. If not configured defaults to hostname + default 1Backend server port. type: string usage: allOf: - $ref: '#/definitions/registry_svc.ResourceUsage' description: Resource usage metrics of the node. required: - id - url type: object registry_svc.NodeSelfRequest: type: object registry_svc.NodeSelfResponse: properties: node: $ref: '#/definitions/registry_svc.Node' required: - node type: object registry_svc.PortMapping: properties: host: type: integer internal: type: integer required: - host - internal type: object registry_svc.Process: properties: memoryUsage: type: integer pid: type: integer processName: type: string type: object registry_svc.RegisterInstanceRequest: properties: deploymentId: description: The ID of the deployment that this instance is an instance of. example: depl_deBUCtJirc type: string host: description: Host of the instance address. Required if URL is not provided example: myserver.com type: string id: example: inst_di9riJEvH2 type: string ip: description: 'IP of the instance address. Optional: to register by IP instead of host' example: 8.8.8.8 type: string path: description: Path of the instance address. Optional (e.g., "/api") example: /your-svc type: string port: description: Port of the instance address. Required if URL is not provided example: 8080 type: integer scheme: description: Scheme of the instance address. Required if URL is not provided. example: https type: string url: description: Full address URL of the instance. example: https://myserver.com:5981 type: string required: - url type: object registry_svc.RegisterInstanceResponse: type: object registry_svc.RepositorySpec: properties: buildContext: description: Context is the path to the image build context example: path/to/subfolder type: string containerFile: description: |- ContainerFile is the path to the file that contains the container build instructions Relative from the build context. By default, it is assumed to be a Dockerfile. example: docker/Dockerfile type: string internalPorts: description: Ports the container will listen on internally items: type: integer type: array url: description: URL is the URL to the repository example: https://github.com/1backend/1backend.git type: string version: description: Version of the code to use example: v1.0.0 type: string required: - internalPorts - url type: object registry_svc.ResourceUsage: properties: cpu: allOf: - $ref: '#/definitions/registry_svc.Usage' description: CPU usage metrics. disk: allOf: - $ref: '#/definitions/registry_svc.Usage' description: Disk usage metrics. memory: allOf: - $ref: '#/definitions/registry_svc.Usage' description: Memory usage metrics. type: object registry_svc.SaveDefinitionRequest: properties: definition: $ref: '#/definitions/registry_svc.Definition' type: object registry_svc.SaveDefinitionResponse: type: object registry_svc.Usage: properties: percent: description: Usage percentage. type: number total: description: Total available amount (in bytes). format: int64 type: integer used: description: Used amount (in bytes). format: int64 type: integer type: object secret_svc.ChecksumAlgorithm: enum: - "" - CRC32 - BLAKE2s - SHA-256 - SHA-512 type: string x-enum-varnames: - ChecksumAlgorithmUnspecified - ChecksumAlgorithmCRC32 - ChecksumAlgorithmBlake2s - ChecksumAlgorithmSha256 - ChecksumAlgorithmSha512 secret_svc.DecryptValueRequest: properties: value: type: string values: items: type: string type: array type: object secret_svc.DecryptValueResponse: properties: value: type: string values: items: type: string type: array type: object secret_svc.EncryptValueRequest: properties: value: type: string values: items: type: string type: array type: object secret_svc.EncryptValueResponse: properties: value: type: string values: items: type: string type: array type: object secret_svc.IsSecureResponse: properties: isSecure: type: boolean required: - isSecure type: object secret_svc.ListSecretsRequest: properties: allApps: description: |- AllApps indicates whether to list secrets across all apps. If false, the app from the authentication context is used. type: boolean id: type: string ids: items: type: string type: array type: object secret_svc.ListSecretsResponse: properties: secrets: items: $ref: '#/definitions/secret_svc.Secret' type: array type: object secret_svc.RemoveSecretsRequest: properties: id: type: string ids: items: type: string type: array type: object secret_svc.RemoveSecretsResponse: type: object secret_svc.SaveSecretsRequest: properties: secrets: items: $ref: '#/definitions/secret_svc.SecretInput' type: array type: object secret_svc.SaveSecretsResponse: type: object secret_svc.Secret: properties: appId: type: string canChangeDeleters: description: Slugs of services/users who can change the deleters list items: type: string type: array canChangeReaders: description: Slugs of services/users who can change the readers list items: type: string type: array canChangeWriters: description: Slugs of services/users who can change the writers list items: type: string type: array checksum: description: Checksum of the secret value type: string checksumAlgorithm: allOf: - $ref: '#/definitions/secret_svc.ChecksumAlgorithm' description: Algorithm used for the checksum (e.g., "CRC32") example: CRC32 deleters: description: Slugs of services/users who can delete the secret items: type: string type: array encrypted: description: |- Whether the secret is encrypted All secrets are encrypted before written to the DB. This really only exists for write requests to know if the secret is already encrypted. Ie: while most `secret save [id] [value]` commands are probably not encrypted, File based saves, eg. `secret save secretA.yaml` are probably encrypted. type: boolean id: description: Envar- or slug-like id of the secret type: string internalId: type: string readers: description: Slugs of services/users who can read the secret items: type: string type: array value: description: Secret Value type: string writers: description: Slugs of services/users who can modify the secret items: type: string type: array required: - appId - id - value type: object secret_svc.SecretInput: properties: appHost: type: string canChangeDeleters: description: Slugs of services/users who can change the deleters list items: type: string type: array canChangeReaders: description: Slugs of services/users who can change the readers list items: type: string type: array canChangeWriters: description: Slugs of services/users who can change the writers list items: type: string type: array checksum: description: Checksum of the secret value type: string checksumAlgorithm: allOf: - $ref: '#/definitions/secret_svc.ChecksumAlgorithm' description: Algorithm used for the checksum (e.g., "CRC32") example: CRC32 deleters: description: Slugs of services/users who can delete the secret items: type: string type: array encrypted: description: |- Whether the secret is encrypted All secrets are encrypted before written to the DB. This really only exists for write requests to know if the secret is already encrypted. Ie: while most `secret save [id] [value]` commands are probably not encrypted, File based saves, eg. `secret save secretA.yaml` are probably encrypted. type: boolean id: description: Envar- or slug-like id of the secret type: string readers: description: Slugs of services/users who can read the secret items: type: string type: array value: description: Secret Value type: string writers: description: Slugs of services/users who can modify the secret items: type: string type: array required: - id type: object source_svc.CheckoutRepoRequest: properties: password: description: Password or token for HTTPS auth type: string ssh_key: description: SSH private key (optional for SSH connection) type: string ssh_key_pwd: description: Password for SSH private key if encrypted (optional) type: string token: description: Token for HTTPS auth (optional for SSH) type: string url: description: Full repository URL (e.g., https://github.com/user/repo) type: string username: description: Username for HTTPS or SSH user (optional for SSH) type: string version: description: Branch, tag, or commit SHA type: string type: object source_svc.CheckoutRepoResponse: properties: dir: description: Directory where the repository was checked out type: string type: object source_svc.ErrorResponse: properties: error: type: string type: object stable_diffusion.Txt2ImgRequest: properties: alwayson_scripts: additionalProperties: type: string type: object batch_size: type: integer cfg_scale: type: number comments: additionalProperties: type: string type: object denoising_strength: type: number disable_extra_networks: type: boolean do_not_save_grid: type: boolean do_not_save_samples: type: boolean enable_hr: type: boolean eta: type: number firstpass_image: type: string firstphase_height: type: integer firstphase_width: type: integer force_task_id: type: string height: type: integer hr_checkpoint_name: type: string hr_negative_prompt: type: string hr_prompt: type: string hr_resize_x: type: integer hr_resize_y: type: integer hr_sampler_name: type: string hr_scale: type: number hr_scheduler: type: string hr_second_pass_steps: type: integer hr_upscaler: type: string infotext: type: string n_iter: type: integer negative_prompt: type: string override_settings: additionalProperties: type: string type: object override_settings_restore_afterwards: type: boolean prompt: type: string refiner_checkpoint: type: string refiner_switch_at: type: number restore_faces: type: boolean s_churn: type: number s_min_uncond: type: number s_noise: type: number s_tmax: type: number s_tmin: type: number sampler_index: type: string sampler_name: type: string save_images: type: boolean scheduler: type: string script_args: items: type: string type: array script_name: type: string seed: type: integer seed_resize_from_h: type: integer seed_resize_from_w: type: integer send_images: type: boolean steps: type: integer styles: items: type: string type: array subseed: type: integer subseed_strength: type: number tiling: type: boolean width: type: integer type: object user_svc.App: properties: host: type: string id: type: string required: - host - id type: object user_svc.ChangePasswordRequest: properties: currentPassword: type: string newPassword: type: string required: - currentPassword - newPassword type: object user_svc.ChangePasswordResponse: type: object user_svc.Contact: properties: createdAt: type: string deletedAt: type: string handle: description: |- Handle is the platform local unique identifier. Ie. while the `id` of a Twitter contact is `twitter.com/thejoe`, the value will be only `thejoe`. For email and phones the `id` and the `value` will be the same. This field mostly exists for display purposes. Example values: "joe12" (1backend username), "thejoe" (twitter username), "joe@joesdomain.com" (email) example: thejoe type: string id: description: |- The unique identifier, which can be a URL. Example values: "joe12" (1backend username), "twitter.com/thejoe" (twitter url), "joe@joesdomain.com" (email) example: twitter.com/thejoe type: string isPrimary: description: If this is the primary contact method type: boolean platform: description: Platform of the contact (e.g., "email", "phone", "twitter") example: twitter type: string updatedAt: type: string userId: type: string verified: description: Whether the contact is verified type: boolean required: - createdAt - handle - id - platform - updatedAt - userId type: object user_svc.ContactInput: properties: id: description: |- The unique identifier, which can be a URL. Example values: "joe12" (1backend username), "twitter.com/thejoe" (twitter url), "joe@joesdomain.com" (email) example: twitter.com/thejoe type: string otpCode: type: string otpId: type: string platform: description: Platform of the contact (e.g., "email", "phone", "twitter") example: twitter type: string required: - id - platform type: object user_svc.CreateUserRequest: properties: appHost: example: shoes.com type: string contacts: items: $ref: '#/definitions/user_svc.Contact' type: array password: type: string roleIds: items: type: string type: array user: $ref: '#/definitions/user_svc.UserInput' type: object user_svc.CreateUserResponse: type: object user_svc.DeleteMembershipRequest: type: object user_svc.DeleteMembershipResponse: type: object user_svc.DeleteUserResponse: type: object user_svc.Enroll: properties: appId: description: |- App of the enroll. Use `*` to match all apps, such as when bootstrapping in services. type: string contactId: description: |- ContactId is the the recipient of the enroll. If the user is already registered, the role is assigned immediately; otherwise, it is applied upon registration. type: string createdAt: type: string createdBy: description: CreatedBy contains the ID of the user who created the Enroll. type: string deletedAt: type: string id: example: inv_fIYPbMHIcI type: string internalId: type: string role: description: |- Role specifies the role to be assigned to the ContactId. Callers can only assign roles they own, identified by their service slug (e.g., if "my-service" creates an enroll, the role must be "my-service:admin"). Dynamic organization roles can also be assigned (e.g., "user-svc:org:{%orgId}:admin" or "user-svc:org:{%orgId}:user"), but in this case, the caller must be an admin of the target organization. type: string updatedAt: type: string userId: description: |- UserId is the recipient of the enroll. If the user is already registered, the role is assigned immediately; otherwise, it is applied upon registration. type: string required: - appId - createdAt - id - role - updatedAt type: object user_svc.EnrollInput: properties: appHost: type: string contactId: description: |- ContactId is the the recipient of the enroll. If the user is already registered, the role is assigned immediately; otherwise, it is applied upon registration. type: string id: example: inv_fIYPbMHIcI type: string role: type: string userId: description: |- UserId is the recipient of the enroll. If the user is already registered, the role is assigned immediately; otherwise, it is applied upon registration. type: string required: - role type: object user_svc.ErrorResponse: properties: error: type: string type: object user_svc.ExchangeTokenRequest: properties: newAppHost: description: NewApp is the app of the new token that will be returned by this endpoint. type: string newAppId: type: string newDevice: description: NewDevice. If not provided, the device of the original token will be used. type: string type: object user_svc.ExchangeTokenResponse: properties: token: allOf: - $ref: '#/definitions/user_svc.Token' description: Token is the new token that will be returned by this endpoint. required: - token type: object user_svc.GetPublicKeyResponse: properties: publicKey: type: string required: - publicKey type: object user_svc.HasPermissionResponse: properties: app: $ref: '#/definitions/user_svc.App' appId: type: string authorized: type: boolean until: type: string user: $ref: '#/definitions/user_svc.User' required: - app - appId - authorized - until - user type: object user_svc.ListAppsRequest: properties: host: items: type: string type: array ids: items: type: string type: array type: object user_svc.ListAppsResponse: properties: apps: items: $ref: '#/definitions/user_svc.App' type: array required: - apps type: object user_svc.ListEnrollsRequest: properties: contactId: type: string role: type: string userId: type: string type: object user_svc.ListEnrollsResponse: properties: enrolls: items: $ref: '#/definitions/user_svc.Enroll' type: array required: - enrolls type: object user_svc.ListOrganizationsRequest: properties: afterTime: description: |- Organizations by default come back ordered desc by `createdAt` field. type: string ids: items: type: string type: array limit: type: integer type: object user_svc.ListOrganizationsResponse: properties: organizations: items: $ref: '#/definitions/user_svc.Organization' type: array type: object user_svc.ListPermissionsResponse: properties: permissions: items: type: string type: array type: object user_svc.ListPermitsRequest: properties: permission: type: string slug: type: string type: object user_svc.ListPermitsResponse: properties: permits: items: $ref: '#/definitions/user_svc.Permit' type: array type: object user_svc.ListUsersOrderBy: enum: - createdAt - updatedAt type: string x-enum-varnames: - ListUsersOrderByCreatedAt - ListUsersOrderByUpdatedAt user_svc.ListUsersRequest: properties: afterTime: description: |- AfterTime is a time in RFC3339 format. It is used to paginate the results when the `orderByField` is set to `createdAt` or `updatedAt`. The results will be returned after this time. type: string contactId: description: |- ContactId is the id of the contact the user is associated with. Will return a user list with one element if set. type: string count: description: Count is a flag that indicates if the count of the users should be returned. example: false type: boolean ids: description: Ids of the users to list. items: type: string type: array limit: example: 10 type: integer order: allOf: - $ref: '#/definitions/user_svc.OrderDirection' example: desc orderBy: allOf: - $ref: '#/definitions/user_svc.ListUsersOrderBy' example: createdAt search: description: Search term used to find users. Returns users whose slug, username, or contact ID exactly matches the term. type: string type: object user_svc.ListUsersResponse: properties: after: type: string count: type: integer users: items: $ref: '#/definitions/user_svc.UserRecord' type: array type: object user_svc.LoginRequest: properties: appHost: example: shoes.com type: string contact: $ref: '#/definitions/user_svc.ContactInput' device: type: string password: type: string slug: type: string required: - appHost type: object user_svc.LoginResponse: properties: token: $ref: '#/definitions/user_svc.Token' type: object user_svc.OrderDirection: enum: - asc - desc type: string x-enum-varnames: - OrderDirectionAsc - OrderDirectionDesc user_svc.Organization: properties: appId: type: string createdAt: type: string deletedAt: type: string id: type: string internalId: type: string name: description: Full name of the organization example: Acme Corporation type: string slug: description: URL-friendly unique (inside the Singularon platform) identifier for the `organization`. example: acme-corporation type: string thumbnailFileId: example: file_fQDxusW8og type: string updatedAt: type: string required: - createdAt - id - name - slug - updatedAt type: object user_svc.Permit: properties: appId: description: |- App of the permit. Use `*` to match all apps, such as when bootstrapping in services. type: string createdAt: type: string deletedAt: type: string id: example: inv_fIYPbMHIcI type: string internalId: type: string permission: type: string roles: description: |- Role IDs that have been permited the specified permission. Originally, permits were designed for slugs to facilitate service-to-service calls. Due to their convenience—especially with CLI and infrastructure-as-code support—they were later extended to roles. items: type: string type: array slugs: description: Slugs that have been permited the specified permission. items: type: string type: array updatedAt: type: string required: - appId - createdAt - id - permission - updatedAt type: object user_svc.PermitInput: properties: appHost: description: |- App of the permit. Use `*` to match all apps, such as when bootstrapping in services. example: unnamed,omitempty type: string id: example: inv_fIYPbMHIcI type: string permission: type: string roles: description: |- Role IDs that have been permited the specified permission. Originally, permits were designed for slugs to facilitate service-to-service calls. Due to their convenience—especially with CLI and infrastructure-as-code support—they were later extended to roles. items: type: string type: array slugs: description: Slugs that have been permited the specified permission. items: type: string type: array required: - permission type: object user_svc.ReadAppRequest: properties: host: type: string type: object user_svc.ReadAppResponse: properties: app: $ref: '#/definitions/user_svc.App' required: - app type: object user_svc.ReadSelfRequest: properties: countTokens: type: boolean type: object user_svc.ReadSelfResponse: properties: activeOrganizationId: description: Active organization of the caller user, if it has any. type: string contacts: description: Contacts of the caller user. items: $ref: '#/definitions/user_svc.Contact' type: array organizations: description: Organizations of the caller user. items: $ref: '#/definitions/user_svc.Organization' type: array roles: description: Roles the token has that made this request. items: type: string type: array tokenCount: type: integer user: allOf: - $ref: '#/definitions/user_svc.User' description: The user who made the request. required: - tokenCount - user type: object user_svc.RefreshTokenResponse: properties: token: $ref: '#/definitions/user_svc.Token' required: - token type: object user_svc.RegisterRequest: properties: appHost: example: shoes.com type: string contact: $ref: '#/definitions/user_svc.ContactInput' device: type: string name: type: string password: description: Password of the user. type: string slug: description: |- Slug is a URL-friendly unique (inside the 1Backend platform) identifier for the `user`. Required due to its central role in the platform. If your project has no use for a slug, just derive it from the email or similar. type: string required: - appHost - slug type: object user_svc.RegisterResponse: properties: token: $ref: '#/definitions/user_svc.Token' type: object user_svc.ResetPasswordRequest: properties: newPassword: type: string required: - newPassword type: object user_svc.ResetPasswordResponse: type: object user_svc.RevokeTokensRequest: properties: allTokens: description: If true, all tokens for the user will be revoked. type: boolean device: type: string userId: description: |- Only used by admins (or whoever has the `user-svc:token:revoke` permission revoke tokens for other users type: string type: object user_svc.RevokeTokensResponse: type: object user_svc.SaveEnrollsRequest: properties: enrolls: items: $ref: '#/definitions/user_svc.EnrollInput' type: array required: - enrolls type: object user_svc.SaveEnrollsResponse: properties: enrolls: items: $ref: '#/definitions/user_svc.Enroll' type: array required: - enrolls type: object user_svc.SaveMembershipRequest: type: object user_svc.SaveMembershipResponse: type: object user_svc.SaveOrganizationRequest: properties: assignCaller: description: |- If true, the caller (the user making the request) will be assigned the admin role for the organization. If false, no Membership or Enroll will be created. example: true type: boolean id: type: string name: description: Full name of the organization. type: string slug: description: URL-friendly unique (inside the Singularon platform) identifier for the `organization`. type: string thumbnailFileId: example: file_fQDxusW8og type: string required: - slug type: object user_svc.SaveOrganizationResponse: properties: organization: $ref: '#/definitions/user_svc.Organization' token: allOf: - $ref: '#/definitions/user_svc.Token' description: |- Due to the nature of JWT tokens, the token must be refreshed after creating an organization, as dynamic organization roles are embedded in it. required: - organization - token type: object user_svc.SavePermitsRequest: properties: permits: items: $ref: '#/definitions/user_svc.PermitInput' type: array type: object user_svc.SavePermitsResponse: type: object user_svc.SaveSelfRequest: properties: labels: additionalProperties: type: string type: object name: type: string thumbnailFileId: example: file_fQDxusW8og type: string type: object user_svc.SaveSelfResponse: type: object user_svc.SaveUserRequest: properties: name: type: string thumbnailFileId: example: file_fQDxusW8og type: string type: object user_svc.SaveUserResponse: type: object user_svc.SendOtpRequest: properties: appHost: type: string contactHandle: type: string contactId: type: string contactPlatform: type: string required: - appHost - contactId - contactPlatform type: object user_svc.SendOtpResponse: properties: code: description: In test mode, the OTP code is returned in the response for easier testing. type: string otpId: type: string required: - otpId type: object user_svc.Token: properties: active: description: |- Active tokens contain the most up-to-date information. When a user's role changes—due to role assignment, organization creation/assignment, etc.—all existing tokens are marked inactive. Active tokens are reused during login, while inactive tokens that have been recently refreshed (being used still) are kept for further refreshing (unless `OB_TOKEN_AUTO_REFRESH_OFF` is set to true, old tokens can be refreshed indefinitely.) Active tokens contain the most up-to-date information. When a user's role changes—due to role assignment, organization creation/assignment, etc.—all existing tokens are marked inactive. Active tokens are reused during login, while inactive tokens that have been recently refreshed (see `lastRefreshedAt` field) and are still in use are retained for further refreshing. (Unless `OB_TOKEN_AUTO_REFRESH_OFF` is set to true, in which case old tokens can be refreshed indefinitely.) type: boolean app: $ref: '#/definitions/user_svc.App' appId: type: string createdAt: type: string deletedAt: type: string device: description: |- The device the token is associated with. This in combination with LastRefreshedAt can be used to determine if the token is still in use, and lets us prune unused tokens. type: string expiresAt: type: string id: type: string internalId: type: string lastRefreshedAt: description: |- The last time the token was refreshed. This is used to determine if the token is still in use. type: string token: description: |- Token is a signed JWT used to authenticate the user without querying the User Svc. You can verify it using the public key at `/user-svc/public-key`. The token is just a JSON object with fields like: - "oui": the user ID (e.g., "usr_dC4K75Cbp6") - "olu": the user slug (e.g., "test-user-slug-0") - "oro": a list of roles, such as: - "user-svc:user" - "user-svc:org:{org_dC4K7NNDCG}:user" type: string updatedAt: type: string userId: type: string required: - appId - createdAt - device - expiresAt - id - token - updatedAt - userId type: object user_svc.User: properties: createdAt: type: string deletedAt: type: string id: type: string labels: additionalProperties: type: string type: object name: description: Full name of the user. example: Jane Doe type: string slug: description: URL-friendly unique (inside the 1Backend platform) identifier for the `user`. example: jane-doe type: string thumbnailFileId: example: file_fQDyi1xdHK type: string updatedAt: type: string required: - createdAt - id - slug - updatedAt type: object user_svc.UserInput: properties: id: type: string labels: additionalProperties: type: string type: object name: description: Full name of the user. example: Jane Doe type: string slug: description: URL-friendly unique (inside the 1Backend platform) identifier for the `user`. example: jane-doe type: string thumbnailFileId: example: file_fQDyi1xdHK type: string required: - id - slug type: object user_svc.UserRecord: properties: contactIds: items: type: string type: array createdAt: type: string id: type: string name: description: Full name of the user. example: Jane Doe type: string roles: items: type: string type: array slug: description: URL-friendly unique (inside the 1Backend platform) identifier for the `user`. example: jane-doe type: string updatedAt: type: string required: - createdAt - id - slug - updatedAt type: object externalDocs: description: 1Backend API url: https://1backend.com/docs/category/1backend-api host: localhost:11337 info: contact: email: sales@singulatron.com name: API Support url: http://1backend.com/ description: AI-native microservices platform. license: name: AGPL v3.0 url: https://www.gnu.org/licenses/agpl-3.0.html termsOfService: http://swagger.io/terms/ title: 1Backend version: 0.9.4 paths: /chat-svc/events: get: consumes: - application/json description: Events is a dummy endpoint to display documentation about the events that this service emits. operationId: events produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/chat_svc.EventThreadUpdate' summary: Events tags: - Chat Svc /chat-svc/message/{messageId}: delete: consumes: - application/json description: Delete a specific message from a chat thread by its ID operationId: deleteMessage parameters: - description: Message ID in: path name: messageId required: true type: string produces: - application/json responses: "200": description: Message successfully deleted schema: additionalProperties: true type: object "400": description: Invalid JSON schema: type: string "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Delete a Message tags: - Chat Svc /chat-svc/messages: post: consumes: - application/json description: Fetch messages (and associated assets) for a specific chat thread. operationId: listMessages parameters: - description: List Messages Request in: body name: body required: true schema: $ref: '#/definitions/chat_svc.ListMessagesRequest' produces: - application/json responses: "200": description: Messages and assets successfully retrieved schema: $ref: '#/definitions/chat_svc.ListMessagesResponse' "400": description: Invalid JSON schema: type: string "401": description: unauthorized schema: type: string "500": description: internal server error schema: type: string security: - BearerAuth: [] summary: List Messages tags: - Chat Svc /chat-svc/thread: post: consumes: - application/json description: |- Create or update a chat thread. Requires the `chat-svc:thread:edit` permission. operationId: saveThread parameters: - description: Save Thread Request in: body name: body required: true schema: $ref: '#/definitions/chat_svc.SaveThreadRequest' produces: - application/json responses: "200": description: Thread successfully created schema: $ref: '#/definitions/chat_svc.SaveThreadResponse' "400": description: Invalid JSON schema: type: string "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Save Thread tags: - Chat Svc /chat-svc/thread/{threadId}: delete: consumes: - application/json description: Delete a specific chat thread by its ID operationId: deleteThread parameters: - description: Thread ID in: path name: threadId required: true type: string produces: - application/json responses: "200": description: Thread successfully deleted schema: additionalProperties: true type: object "400": description: Invalid JSON schema: type: string "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Delete a Thread tags: - Chat Svc /chat-svc/thread/{threadId}/message: post: consumes: - application/json description: Save a new message to a specific thread. operationId: saveMessage parameters: - description: Thread ID in: path name: threadId required: true type: string - description: Save Message Request in: body name: body required: true schema: $ref: '#/definitions/chat_svc.SaveMessageRequest' produces: - application/json responses: "200": description: Message successfully added schema: additionalProperties: true type: object "400": description: Invalid JSON schema: type: string "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Save Message tags: - Chat Svc /chat-svc/threads: post: consumes: - application/json description: Fetch all chat threads associated with a specific user operationId: listThreads parameters: - description: List Threads Request in: body name: body required: true schema: $ref: '#/definitions/chat_svc.ListThreadsRequest' produces: - application/json responses: "200": description: Threads successfully retrieved schema: $ref: '#/definitions/chat_svc.ListThreadsResponse' "400": description: Invalid JSON schema: type: string "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: List Threads tags: - Chat Svc /config-svc/config: put: consumes: - application/json description: |- Save the provided configuration to the server. The app from the caller's token is used to determine which app the config belongs to. The caller's camelCased slug (e.g., "test-user-slug" becomes "testUserSlug") is used as the config key automatically, except for users who have the "config-svc:config:edit-on-behalf" permission (admins), who can specify any key they want. Admins (users with the "config-svc:config:edit-on-behalf" permission) can also provide an "app" field in the request body to specify which app the config belongs to, while non-admin users cannot specify the "app" field, the app associated with their token will be used. The save performs a deep merge, that is: - Nested objects are recursively merged rather than replaced. - If a field exists in both the existing and the incoming config and both values are objects, their contents are merged. - If a field exists in both but one or both values are not objects (e.g., string, number, array), the incoming value replaces the existing one. - Fields present only in the incoming config are added. - Fields present only in the existing config are preserved. - Top-level and nested merges follow the same rules. operationId: saveConfig parameters: - description: Save Config Request in: body name: body required: true schema: $ref: '#/definitions/config_svc.SaveConfigRequest' produces: - application/json responses: "200": description: Save Config Response schema: $ref: '#/definitions/config_svc.SaveConfigResponse' "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Save Config tags: - Config Svc /config-svc/configs: post: consumes: - application/json description: |- Retrieves the current configurations for a specified app. Since any user can save configurations, it is strongly advised that you supply a list of owners to filter on. If no app is specified, the default "unnamed" app is used. This is a public endpoint and does not require authentication. Configuration data is non-sensitive. For sensitive data, refer to the Secret Service. Configurations are used to control frontend behavior, A/B testing, feature flags, and other non-sensitive settings. operationId: listConfigs parameters: - description: List Configs Request in: body name: body required: true schema: $ref: '#/definitions/config_svc.ListConfigsRequest' produces: - application/json responses: "200": description: Current configuration schema: $ref: '#/definitions/config_svc.ListConfigsResponse' "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string summary: List Configs tags: - Config Svc /config-svc/versions: post: consumes: - application/json description: |- Returns the historical versions of a configuration for a given app. Intended for retrieving the version history of a **single configuration ID**. Supplying multiple IDs is supported but not recommended, since results from different IDs will interleave in the same time-ordered list, making chronological paging ambiguous. operationId: listConfigVersions parameters: - description: List Configs Request in: body name: body required: true schema: $ref: '#/definitions/config_svc.ListVersionsRequest' produces: - application/json responses: "200": description: Current configuration schema: $ref: '#/definitions/config_svc.ListVersionsResponse' "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string summary: List Versions tags: - Config Svc /container-svc/container: put: consumes: - application/json description: |- Runs a Docker container with the specified parameters. Requires the `container-svc:container:run` permission. operationId: runContainer parameters: - description: Run Container Request in: body name: body required: true schema: $ref: '#/definitions/container_svc.RunContainerRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/container_svc.RunContainerResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/container_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/container_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/container_svc.ErrorResponse' security: - BearerAuth: [] summary: Run a Container tags: - Container Svc /container-svc/container/is-running: get: consumes: - application/json description: Check if a Docker container is running, identified by hash or name. operationId: containerIsRunning parameters: - description: Container Hash in: query name: hash type: string - description: Container Name in: query name: name type: string produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/container_svc.ContainerIsRunningResponse' "400": description: missing parameters schema: $ref: '#/definitions/container_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/container_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/container_svc.ErrorResponse' security: - BearerAuth: [] summary: Check If a Container Is Running tags: - Container Svc /container-svc/container/stop: put: consumes: - application/json description: |- Stops a Docker container with the specified parameters. Requires the `container-svc:container:stop` permission. operationId: stopContainer parameters: - description: Stop Container Request in: body name: body required: true schema: $ref: '#/definitions/container_svc.StopContainerRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/container_svc.StopContainerResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/container_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/container_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/container_svc.ErrorResponse' security: - BearerAuth: [] summary: Stop a Container tags: - Container Svc /container-svc/container/summary: get: consumes: - application/json description: Get a summary of the Docker container identified by hash or name, limited to a specified number of lines. operationId: containerSummary parameters: - description: Container Hash in: query name: hash type: string - description: Container Name in: query name: name type: string - description: Number of Lines in: query name: lines type: integer produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/container_svc.GetContainerSummaryResponse' "400": description: missing parameters schema: $ref: '#/definitions/container_svc.ErrorResponse' "401": description: unauthorized schema: $ref: '#/definitions/container_svc.ErrorResponse' "500": description: internal server error schema: $ref: '#/definitions/container_svc.ErrorResponse' security: - BearerAuth: [] summary: Get Container Summary tags: - Container Svc /container-svc/containers: post: consumes: - application/json description: |- List containers. Requires the `container-svc:container:view` permission. operationId: listContainers parameters: - description: List Containers Request in: body name: body required: true schema: $ref: '#/definitions/container_svc.ListContainersRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/container_svc.ListContainersResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/container_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/container_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/container_svc.ErrorResponse' security: - BearerAuth: [] summary: List Containers tags: - Container Svc /container-svc/daemon/info: get: consumes: - application/json description: Retrieve detailed information about the availability and status of container daemons on the node. operationId: containerDaemonInfo produces: - application/json responses: "200": description: Service Information schema: $ref: '#/definitions/container_svc.DaemonInfoResponse' "401": description: unauthorized schema: $ref: '#/definitions/container_svc.ErrorResponse' "500": description: internal server error schema: $ref: '#/definitions/container_svc.ErrorResponse' security: - BearerAuth: [] summary: Get Container Daemon Information tags: - Container Svc /container-svc/host: get: consumes: - application/json description: Retrieve information about the Container host operationId: getHost produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/container_svc.GetHostResponse' "401": description: unauthorized schema: $ref: '#/definitions/container_svc.ErrorResponse' "500": description: internal server error schema: $ref: '#/definitions/container_svc.ErrorResponse' security: - BearerAuth: [] summary: Get Container Host tags: - Container Svc /container-svc/image: put: consumes: - application/json description: |- Builds a Docker image with the specified parameters. Requires the `container-svc:image:build` permission. operationId: buildImage parameters: - description: Build Image Request in: body name: body required: true schema: $ref: '#/definitions/container_svc.BuildImageRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/container_svc.BuildImageResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/container_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/container_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/container_svc.ErrorResponse' security: - BearerAuth: [] summary: Build an Image tags: - Container Svc /container-svc/image/{imageName}/pullable: get: consumes: - application/json description: Check if an image exists on in the container registry and is pullable. operationId: imagePullable parameters: - description: Image name in: path name: imageName required: true type: string produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/container_svc.ImagePullableResponse' "400": description: model ID in path is not URL encoded schema: $ref: '#/definitions/container_svc.ErrorResponse' "401": description: unauthorized schema: $ref: '#/definitions/container_svc.ErrorResponse' "500": description: internal server error schema: $ref: '#/definitions/container_svc.ErrorResponse' security: - BearerAuth: [] summary: Check if Container Image is Pullable tags: - Container Svc /container-svc/logs: post: consumes: - application/json description: |- List Container logs. Requires the `container-svc:log:view` permission. operationId: listContainerLogs parameters: - description: List Logs Request in: body name: body required: true schema: $ref: '#/definitions/container_svc.ListLogsRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/container_svc.ListLogsResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/container_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/container_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/container_svc.ErrorResponse' security: - BearerAuth: [] summary: List Logs tags: - Container Svc /data-svc/object: post: consumes: - application/json description: Creates a new object with the provided details. Requires authorization and user authentication. operationId: createObject parameters: - description: Create request payload in: body name: body required: true schema: $ref: '#/definitions/data_svc.CreateObjectRequest' produces: - application/json responses: "200": description: Success schema: $ref: '#/definitions/data_svc.CreateObjectResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/data_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/data_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/data_svc.ErrorResponse' security: - BearerAuth: [] summary: Create a Generic Object tags: - Data Svc /data-svc/object/{objectId}: put: consumes: - application/json description: Creates a new dynamic object or updates an existing one based on the provided data. Requires authorization and user authentication. operationId: upsertObject parameters: - description: Object ID in: path name: objectId required: true type: string - description: Upsert request payload in: body name: body required: true schema: $ref: '#/definitions/data_svc.UpsertObjectRequest' produces: - application/json responses: "200": description: Successful creation or update of object schema: $ref: '#/definitions/data_svc.UpsertObjectResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/data_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/data_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/data_svc.ErrorResponse' security: - BearerAuth: [] summary: Upsert a Generic Object tags: - Data Svc /data-svc/objects: post: consumes: - application/json description: |- Retrieves objects from a specified table based on search criteria. Requires authorization and user authentication. Use helper functions in your respective client library such as condition constructors (`equal`, `contains`, `startsWith`) and field selectors (`field`, `fields`, `id`) for easier access. operationId: queryObjects parameters: - description: Query Request in: body name: body schema: $ref: '#/definitions/data_svc.QueryRequest' produces: - application/json responses: "200": description: Successful retrieval of objects schema: $ref: '#/definitions/data_svc.QueryResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/data_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/data_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/data_svc.ErrorResponse' security: - BearerAuth: [] summary: Query Objects tags: - Data Svc /data-svc/objects/delete: post: consumes: - application/json description: Deletes all objects matchin the provided filters. operationId: deleteObjects parameters: - description: Delete request payload in: body name: body required: true schema: $ref: '#/definitions/data_svc.DeleteObjectRequest' produces: - application/json responses: "200": description: Successful deletion of object schema: $ref: '#/definitions/data_svc.DeleteObjectResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/data_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/data_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/data_svc.ErrorResponse' security: - BearerAuth: [] summary: Delete Objects tags: - Data Svc /data-svc/objects/update: post: consumes: - application/json description: |- Update fields of objects that match the given filters using the provided object. Any fields not included in the incoming object will remain unchanged. operationId: updateObjects parameters: - description: Update request payload in: body name: body required: true schema: $ref: '#/definitions/data_svc.UpdateObjectsRequest' produces: - application/json responses: "200": description: Successful update of objects schema: $ref: '#/definitions/data_svc.UpdateObjectsResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/data_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/data_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/data_svc.ErrorResponse' security: - BearerAuth: [] summary: Update Objects tags: - Data Svc /data-svc/objects/upsert: put: consumes: - application/json description: Upserts objects by ids. operationId: upsertObjects parameters: - description: Upsert request payload in: body name: body required: true schema: $ref: '#/definitions/data_svc.UpsertObjectRequest' produces: - application/json responses: "200": description: Successful upsert of objects schema: $ref: '#/definitions/data_svc.UpsertObjectResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/data_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/data_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/data_svc.ErrorResponse' security: - BearerAuth: [] summary: Upsert Objects tags: - Data Svc /deploy-svc/deployment: delete: consumes: - application/json description: Delete a deployment. operationId: deleteDeployment parameters: - description: Delete Deploys Request in: body name: body schema: $ref: '#/definitions/deploy_svc.DeleteDeploymentRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/deploy_svc.DeleteDeploymentResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/deploy_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/deploy_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/deploy_svc.ErrorResponse' security: - BearerAuth: [] summary: Delete Deployment tags: - Deploy Svc put: consumes: - application/json description: Save a deployment. operationId: saveDeployment parameters: - description: Save Deploys Request in: body name: body schema: $ref: '#/definitions/deploy_svc.SaveDeploymentRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/deploy_svc.SaveDeploymentResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/deploy_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/deploy_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/deploy_svc.ErrorResponse' security: - BearerAuth: [] summary: Save Deployment tags: - Deploy Svc /deploy-svc/deployments: post: consumes: - application/json description: Retrieve a list of deployments. operationId: listDeployments parameters: - description: List Deploys Request in: body name: body schema: $ref: '#/definitions/deploy_svc.ListDeploymentsRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/deploy_svc.ListDeploymentsResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/deploy_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/deploy_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/deploy_svc.ErrorResponse' security: - BearerAuth: [] summary: List Deployments tags: - Deploy Svc /email-svc/email: post: consumes: - application/json description: |- Sends an email with optional attachments via a supported email provider. Currently, only SendGrid is supported. Additional providers may be added in the future. Required secrets from the Secret Svc for SendGrid: - `sender-email`: Sender's email address. - `sender-name`: Sender's display name. - `sendgrid-api-key`: API key for SendGrid. operationId: sendEmail parameters: - description: Send Email Request in: body name: body required: true schema: $ref: '#/definitions/email_svc.SendEmailRequest' produces: - application/json responses: "200": description: Successfully sent the email schema: $ref: '#/definitions/email_svc.SendEmailResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/email_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/email_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/email_svc.ErrorResponse' security: - BearerAuth: [] summary: Send an Email tags: - Email Svc /file-svc/download: put: consumes: - application/json description: |- Start or resume the download for a specified URL. Requires the `file-svc:download:create` permission. operationId: downloadFile parameters: - description: Download Request in: body name: body required: true schema: $ref: '#/definitions/file_svc.DownloadFileRequest' produces: - application/json responses: "200": description: Download initiated successfully schema: additionalProperties: true type: object "400": description: Invalid JSON schema: $ref: '#/definitions/file_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/file_svc.ErrorResponse' "500": description: Failed to download file schema: $ref: '#/definitions/file_svc.ErrorResponse' security: - BearerAuth: [] summary: Download a File tags: - File Svc /file-svc/download/{url}: get: consumes: - application/json description: |- Get a download by URL. Requires the `file-svc:download:view` permission. operationId: getDownload parameters: - description: url in: path name: url required: true type: string produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/file_svc.GetDownloadResponse' "400": description: Invalid URL schema: type: string "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Get a Download tags: - File Svc /file-svc/download/{url}/pause: put: consumes: - application/json description: |- Pause a download that is currently in progress. Requires the `file-svc:download:edit` permission. operationId: pauseDownload parameters: - description: Download URL in: path name: url required: true type: string produces: - application/json responses: "200": description: Success response schema: additionalProperties: true type: object "400": description: Download ID in path is not URL encoded schema: type: string "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Pause a Download tags: - File Svc /file-svc/downloads: post: consumes: - application/json description: |- List download details. Requires the `file-svc:download:view` permission. operationId: listDownloads produces: - application/json responses: "200": description: List of downloads schema: $ref: '#/definitions/file_svc.DownloadsResponse' "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: List Downloads tags: - File Svc /file-svc/serve/download/{url}: get: description: Serves a previously downloaded file based on its URL. operationId: serveDownload parameters: - description: URL of the file. Even after downloading, the file is still referenced by its original internet URL. in: path name: url required: true type: string produces: - application/octet-stream responses: "200": description: File served successfully schema: type: file "400": description: Error Parsing Download URL schema: $ref: '#/definitions/file_svc.ErrorResponse' "404": description: File Not Found schema: $ref: '#/definitions/file_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/file_svc.ErrorResponse' summary: Serve a Downloaded file tags: - File Svc /file-svc/serve/upload/{fileId}: get: consumes: - application/json description: |- Retrieves and serves a previously uploaded file using its File ID. Note: The `ID` and `FileID` fields of an upload are different. - `FileID` is a unique identifier for the file itself. - `ID` is a unique identifier for a specific replica of the file. Since 1Backend is a distributed system, files can be replicated across multiple nodes. This means each uploaded file may have multiple records with the same `FileID` but different `ID`s. operationId: serveUpload parameters: - description: FileID uniquely identifies the file itself (not an ID, which represents a specific replica) in: path name: fileId required: true type: string produces: - application/octet-stream responses: "200": description: File served successfully schema: type: file "400": description: Missing Upload ID schema: $ref: '#/definitions/file_svc.ErrorResponse' "404": description: File Not Found schema: $ref: '#/definitions/file_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/file_svc.ErrorResponse' summary: Serve an Uploaded File tags: - File Svc /file-svc/upload: put: consumes: - multipart/form-data description: |- Uploads a file to the server. Currently if using the clients only one file can be uploaded at a time due to this bug https://github.com/OpenAPITools/openapi-generator/issues/11341 Once that is fixed we should have an `PUT /file-svc/uploads`/uploadFiles (note the plural) endpoints. In reality the endpoint "unofficially" supports multiple files. YMMV. Requires the `file-svc:upload:create` permission. operationId: uploadFile parameters: - description: File to upload in: formData name: file required: true type: file produces: - application/json responses: "200": description: File uploaded successfully schema: $ref: '#/definitions/file_svc.UploadFileResponse' "400": description: invalid request schema: $ref: '#/definitions/file_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/file_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/file_svc.ErrorResponse' security: - BearerAuth: [] summary: Upload a File tags: - File Svc /file-svc/uploads: post: consumes: - application/json description: |- Lists uploaded files, returning only metadata about each upload. To retrieve file content, use the `Serve an Uploaded File` endpoint, which serves a single file per request. Note: Retrieving the contents of multiple files in a single request is not supported currently. Requires the `file-svc:upload:view` permission. operationId: listUploads parameters: - description: List Uploads Request in: body name: body schema: $ref: '#/definitions/file_svc.ListUploadsRequest' produces: - application/json responses: "200": description: List of uploads schema: $ref: '#/definitions/file_svc.ListUploadsResponse' "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: List Uploads tags: - File Svc /firehose-svc/event: post: consumes: - application/json description: Publishes an event to the firehose service after authorization check operationId: publishEvent parameters: - description: Event to publish in: body name: event required: true schema: $ref: '#/definitions/firehose_svc.EventPublishRequest' produces: - application/json responses: "200": description: '{}' "400": description: Invalid JSON schema: $ref: '#/definitions/firehose_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/firehose_svc.ErrorResponse' security: - BearerAuth: [] summary: Publish an Event tags: - Firehose Svc /firehose-svc/events/subscribe: get: consumes: - application/json description: Establish a subscription to the firehose events and accept a real time stream of them. operationId: subscribeToEvents produces: - text/event-stream responses: "200": description: Event data schema: type: string "401": description: Unauthorized schema: $ref: '#/definitions/firehose_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/firehose_svc.ErrorResponse' security: - BearerAuth: [] summary: Subscribe to the Event Stream tags: - Firehose Svc /image-svc/serve/upload/{fileId}: get: consumes: - application/json description: Retrieves and serves a previously uploaded image file using its File ID. operationId: serveUploadedImage parameters: - description: FileID uniquely identifies the file itself (not an ID, which represents a specific replica) in: path name: fileId required: true type: string - description: Optional width to resize the image to in: query name: width type: integer - description: Optional height to resize the image to in: query name: height type: integer produces: - application/octet-stream responses: "200": description: File served successfully schema: type: file "400": description: Missing File ID schema: $ref: '#/definitions/image_svc.ErrorResponse' "404": description: File Not Found schema: $ref: '#/definitions/image_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/image_svc.ErrorResponse' summary: Serve Uploaded Image tags: - Image Svc /model-svc/default-model/start: put: consumes: - application/json description: |- Starts The Default Model. Requires the `model-svc:model:create` permission. operationId: startDefaultModel produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/model_svc.StartResponse' "401": description: Unauthorized schema: $ref: '#/definitions/model_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/model_svc.ErrorResponse' security: - BearerAuth: [] summary: Start the Default Model tags: - Model Svc /model-svc/default-model/status: get: consumes: - application/json description: |- Retrieves the status of the default model. Requires the `model-svc:model:view` permission. operationId: getDefaultModelStatus produces: - application/json responses: "200": description: Model status retrieved successfully schema: $ref: '#/definitions/model_svc.StatusResponse' "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Get Default Model Status tags: - Model Svc /model-svc/model/{modelId}: get: consumes: - application/json description: |- Retrieves the details of a model by its ID. the Requires `model.view` permission. operationId: getModel parameters: - description: Model ID in: path name: modelId required: true type: string produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/model_svc.GetModelResponse' "400": description: Invalid Model ID schema: $ref: '#/definitions/model_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/model_svc.ErrorResponse' "404": description: Model Not Found schema: $ref: '#/definitions/model_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/model_svc.ErrorResponse' security: - BearerAuth: [] summary: Get a Model tags: - Model Svc /model-svc/model/{modelId}/make-default: put: consumes: - application/json description: Sets a model as the default model — when prompts are sent without a Model ID, the default model is used. operationId: makeDefault parameters: - description: Model ID in: path name: modelId required: true type: string produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/model_svc.MakeDefaultResponse' "400": description: Invalid Model ID schema: $ref: '#/definitions/model_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/model_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/model_svc.ErrorResponse' security: - BearerAuth: [] summary: Make a Model Default tags: - Model Svc /model-svc/model/{modelId}/start: put: consumes: - application/json description: Starts a model by ID operationId: startModel parameters: - description: Model ID in: path name: modelId required: true type: string produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/model_svc.StartResponse' "401": description: Unauthorized schema: $ref: '#/definitions/model_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/model_svc.ErrorResponse' security: - BearerAuth: [] summary: Start a Model tags: - Model Svc /model-svc/model/{modelId}/status: get: consumes: - application/json description: |- Retrieves the status of a model by ID. Requires the `model-svc:model:view` permission. operationId: getModelStatus parameters: - description: Model ID in: path name: modelId required: true type: string produces: - application/json responses: "200": description: Model status retrieved successfully schema: $ref: '#/definitions/model_svc.StatusResponse' "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Get Model Status tags: - Model Svc /model-svc/models: post: consumes: - application/json description: |- Retrieves a list of models. Requires `model-svc:model:view` permission. operationId: listModels produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/model_svc.ListModelsResponse' "401": description: Unauthorized schema: $ref: '#/definitions/model_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/model_svc.ErrorResponse' security: - BearerAuth: [] summary: List Models tags: - Model Svc /model-svc/platforms: post: consumes: - application/json description: |- Retrieves a list of AI platforms. Eg. LlamaCpp, StableDiffusion etc. Requires `model-svc:platform:view` permission. operationId: listPlatforms produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/model_svc.ListPlatformsResponse' "401": description: Unauthorized schema: $ref: '#/definitions/model_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/model_svc.ErrorResponse' security: - BearerAuth: [] summary: List Platforms tags: - Model Svc /policy-svc/check: post: consumes: - application/json description: Check records a resource access and returns if the access is allowed. operationId: check parameters: - description: Check Request in: body name: body required: true schema: $ref: '#/definitions/policy_svc.CheckRequest' produces: - application/json responses: "200": description: Checked successfully schema: $ref: '#/definitions/policy_svc.CheckResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/policy_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/policy_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/policy_svc.ErrorResponse' security: - BearerAuth: [] summary: Check tags: - Policy Svc /policy-svc/instance/{instanceId}: put: consumes: - application/json description: Allows user to upsert a new policy instance based on a template. operationId: upsertInstance parameters: - description: Instance ID in: path name: instanceId required: true type: string - description: Upsert Instance Request in: body name: body required: true schema: $ref: '#/definitions/policy_svc.UpsertInstanceRequest' produces: - application/json responses: "200": description: Instance upserted successfully schema: $ref: '#/definitions/policy_svc.UpsertInstanceResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/policy_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/policy_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/policy_svc.ErrorResponse' security: - BearerAuth: [] summary: Upsert an Instance tags: - Policy Svc /prompt-svc/prompt: post: consumes: - application/json description: |- Sends a prompt and waits for a response if sync is true. If sync is false, adds the prompt to the queue and returns immediately. Prompts can be used for `text-to-text`, `text-to-image`, `image-to-image`, and other types of generation. If no model ID is specified, the default model will be used (see `Model Svc` for details). The default model may or may not support the requested generation type. **Prompting Modes** - **High-Level Parameters**: Uses predefined parameters relevant to `text-to-image`, `image-to-image`, etc. This mode abstracts away the underlying engine (e.g., LLaMA, Stable Diffusion) and focuses on functionality. - **Engine-Specific Parameters**: Uses `engineParameters` to directly specify an AI engine, exposing all available parameters for fine-tuned control. **Permissions Required:** `prompt-svc:prompt:create` operationId: prompt parameters: - description: Add Prompt Request in: body name: body required: true schema: $ref: '#/definitions/prompt_svc.PromptRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/prompt_svc.PromptResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/prompt_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/prompt_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/prompt_svc.ErrorResponse' security: - BearerAuth: [] summary: Prompt an AI tags: - Prompt Svc /prompt-svc/prompts: post: consumes: - application/json description: List prompts that satisfy a query. operationId: listPrompts parameters: - description: List Prompts Request in: body name: body schema: $ref: '#/definitions/prompt_svc.ListPromptsRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/prompt_svc.ListPromptsResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/prompt_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/prompt_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/prompt_svc.ErrorResponse' security: - BearerAuth: [] summary: List Prompts tags: - Prompt Svc /prompt-svc/prompts/{threadId}/responses/subscribe: get: description: |- Subscribe to prompt responses by thread via Server-Sent Events (SSE). You can subscribe to threads before they are created. The streamed strings are of type `StreamChunk`, see the PromptTypes endpoint for more details. operationId: subscribeToPromptResponses parameters: - description: Thread ID in: path name: threadId required: true type: string responses: "200": description: Streaming response schema: type: string "400": description: Missing Parameter schema: $ref: '#/definitions/prompt_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/prompt_svc.ErrorResponse' security: - BearerAuth: [] summary: Subscribe to Prompt Responses by Thread tags: - Prompt Svc /prompt-svc/remove: post: consumes: - application/json description: Remove a prompt by ID. operationId: removePrompt parameters: - description: Remove Prompt Request in: body name: body required: true schema: $ref: '#/definitions/prompt_svc.RemovePromptRequest' produces: - application/json responses: "200": description: '{}' schema: $ref: '#/definitions/prompt_svc.RemovePromptResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/prompt_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/prompt_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/prompt_svc.ErrorResponse' security: - BearerAuth: [] summary: Remove Prompt tags: - Prompt Svc /prompt-svc/types: post: consumes: - application/json description: |- The only purpose of this "endpoint" is to export types otherwise not appearing in the API docs. This endpoint otherwise does nothing. Do not depend on this endpoint, only its types. operationId: promptTypes parameters: - description: Types Request in: body name: body required: true schema: $ref: '#/definitions/prompt_svc.TypesRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/prompt_svc.TypesResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/prompt_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/prompt_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/prompt_svc.ErrorResponse' security: - BearerAuth: [] summary: Prompt Types tags: - Prompt Svc /proxy-svc/certs: post: consumes: - application/json description: List certs that the edge proxy will use to cert requests. operationId: listCerts parameters: - description: List Certs Request in: body name: body schema: $ref: '#/definitions/proxy_svc.ListCertsRequest' produces: - application/json responses: "200": description: Certs listed successfully schema: $ref: '#/definitions/proxy_svc.ListCertsResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/proxy_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/proxy_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/proxy_svc.ErrorResponse' security: - BearerAuth: [] summary: List Certs tags: - Proxy Svc put: consumes: - application/json description: |- This endpoint only exist for testing purposes. Only callable by admins Certs should be saved by the Proxy Svc and its edge proxying functionality internally, not through this endpoint. operationId: saveCerts parameters: - description: Save Certs Request in: body name: body required: true schema: $ref: '#/definitions/proxy_svc.SaveCertsRequest' produces: - application/json responses: "200": description: Certs saved successfully schema: $ref: '#/definitions/proxy_svc.SaveCertsResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/proxy_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/proxy_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/proxy_svc.ErrorResponse' security: - BearerAuth: [] summary: Save Certs tags: - Proxy Svc /proxy-svc/routes: post: consumes: - application/json description: List routes that the edge proxy will use to route requests. operationId: listRoutes parameters: - description: List Routes Request in: body name: body schema: $ref: '#/definitions/proxy_svc.ListRoutesRequest' produces: - application/json responses: "200": description: Routes listd successfully schema: $ref: '#/definitions/proxy_svc.ListRoutesResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/proxy_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/proxy_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/proxy_svc.ErrorResponse' security: - BearerAuth: [] summary: List Routes tags: - Proxy Svc put: consumes: - application/json description: Save routes that the edge proxy will use to route requests. operationId: saveRoutes parameters: - description: Save Routes Request in: body name: body required: true schema: $ref: '#/definitions/proxy_svc.SaveRoutesRequest' produces: - application/json responses: "200": description: Routes saved successfully schema: $ref: '#/definitions/proxy_svc.SaveRoutesResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/proxy_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/proxy_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/proxy_svc.ErrorResponse' security: - BearerAuth: [] summary: Save Routes tags: - Proxy Svc /registry-svc/definition: put: consumes: - application/json description: Registers a new definition, associating an definition address with a slug acquired from the bearer token. operationId: saveDefinition parameters: - description: Register Service Definition Request in: body name: body required: true schema: $ref: '#/definitions/registry_svc.SaveDefinitionRequest' produces: - application/json responses: "201": description: Created schema: $ref: '#/definitions/registry_svc.SaveDefinitionResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/registry_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/registry_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/registry_svc.ErrorResponse' security: - BearerAuth: [] summary: Register a Definition tags: - Registry Svc /registry-svc/definition/{id}: delete: consumes: - application/json description: Deletes a registered definition by ID. operationId: deleteDefinition parameters: - description: Definition ID in: path name: id required: true type: string produces: - application/json responses: "204": description: No Content "400": description: Invalid ID schema: $ref: '#/definitions/registry_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/registry_svc.ErrorResponse' "404": description: Not Found schema: $ref: '#/definitions/registry_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/registry_svc.ErrorResponse' security: - BearerAuth: [] summary: Delete Definition tags: - Registry Svc /registry-svc/definitions: get: consumes: - application/json description: Retrieves a list of all definitions or filters them by specific criteria. operationId: listDefinitions produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/registry_svc.ListDefinitionsResponse' "400": description: Invalid filters schema: $ref: '#/definitions/registry_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/registry_svc.ErrorResponse' security: - BearerAuth: [] summary: List Definitions tags: - Registry Svc /registry-svc/echo: get: description: |- This endpoint is used to test the server's response to a GET request. It echoes back the query parameters as a JSON object. operationId: echoGet produces: - application/json responses: "200": description: Echoed query parameters schema: additionalProperties: true type: object security: - BearerAuth: [] summary: Echo the query parameters in the response body. tags: - Registry Svc post: consumes: - application/json description: |- This endpoint is used to test the server's response to a request. It simply echoes back the request body as a JSON response. operationId: echoPost produces: - application/json responses: "200": description: Echoed response schema: additionalProperties: true type: object "400": description: Invalid JSON schema: additionalProperties: type: string type: object security: - BearerAuth: [] summary: Echo the request body in the response body. tags: - Registry Svc put: consumes: - application/json description: |- This endpoint is used to test the server's response to a request. It simply echoes back the request body as a JSON response. operationId: echoPut produces: - application/json responses: "200": description: Echoed response schema: additionalProperties: true type: object "400": description: Invalid JSON schema: additionalProperties: type: string type: object security: - BearerAuth: [] summary: Echo the request body in the response body. tags: - Registry Svc /registry-svc/instance: put: consumes: - application/json description: Registers an instance. Idempotent. operationId: registerInstance parameters: - description: Register Instance Request in: body name: body required: true schema: $ref: '#/definitions/registry_svc.RegisterInstanceRequest' produces: - application/json responses: "201": description: Created schema: $ref: '#/definitions/registry_svc.RegisterInstanceResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/registry_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/registry_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/registry_svc.ErrorResponse' security: - BearerAuth: [] summary: Register Instance tags: - Registry Svc /registry-svc/instance/{id}: delete: consumes: - application/json description: Removes a registered instance by ID. operationId: removeInstance parameters: - description: Instance ID in: path name: id required: true type: string produces: - application/json responses: "204": description: No Content "400": description: Invalid ID schema: $ref: '#/definitions/registry_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/registry_svc.ErrorResponse' "404": description: Service Not Found schema: $ref: '#/definitions/registry_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/registry_svc.ErrorResponse' security: - BearerAuth: [] summary: Remove Instance tags: - Registry Svc /registry-svc/instances: get: consumes: - application/json description: Retrieves a list of all instances or filters them by specific criteria (e.g., host, IP). operationId: listInstances parameters: - description: Scheme to filter by in: query name: scheme type: string - description: IP to filter by in: query name: ip type: string - description: Deployment ID to filter by in: query name: deploymentId type: string - description: Host to filter by in: query name: host type: string - description: IP to filter by in: query name: ip type: string - description: Id to filter by in: query name: id type: string - description: Slug to filter by in: query name: slug type: string produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/registry_svc.ListInstancesResponse' "400": description: Invalid filters schema: $ref: '#/definitions/registry_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/registry_svc.ErrorResponse' security: - BearerAuth: [] summary: List Service Instances tags: - Registry Svc /registry-svc/node/{url}: delete: consumes: - application/json description: Deletes a registered node by node URL. This endpoint is useful when a node is no longer available but it's still present in the database. operationId: deleteNode parameters: - description: Node URL in: path name: url required: true type: string produces: - application/json responses: "204": description: No Content "400": description: Invalid ID schema: $ref: '#/definitions/registry_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/registry_svc.ErrorResponse' "404": description: Service not found schema: $ref: '#/definitions/registry_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/registry_svc.ErrorResponse' security: - BearerAuth: [] summary: Delete Node tags: - Registry Svc /registry-svc/node/self: get: consumes: - application/json description: Show the local node. operationId: selfNode parameters: - description: List Registrys Request in: body name: body schema: $ref: '#/definitions/registry_svc.NodeSelfRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/registry_svc.NodeSelfResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/registry_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/registry_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/registry_svc.ErrorResponse' security: - BearerAuth: [] summary: View Self Node tags: - Registry Svc /registry-svc/nodes: post: consumes: - application/json description: Retrieve a list of nodes. operationId: listNodes parameters: - description: List Nodes Request in: body name: body schema: $ref: '#/definitions/registry_svc.ListNodesRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/registry_svc.ListNodesResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/registry_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/registry_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/registry_svc.ErrorResponse' security: - BearerAuth: [] summary: List Nodes tags: - Registry Svc /secret-svc/decrypt: post: consumes: - application/json description: Decrypt a value and return the encrypted result operationId: decryptValue parameters: - description: Decrypt Value Request in: body name: body required: true schema: $ref: '#/definitions/secret_svc.DecryptValueRequest' produces: - application/json responses: "200": description: Decrypt Value Response schema: $ref: '#/definitions/secret_svc.DecryptValueResponse' "400": description: Bad Request schema: type: string "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Decrypt a Value tags: - Secret Svc /secret-svc/encrypt: post: consumes: - application/json description: Encrypt a value and return the encrypted result operationId: encryptValue parameters: - description: Encrypt Value Request in: body name: body required: true schema: $ref: '#/definitions/secret_svc.EncryptValueRequest' produces: - application/json responses: "200": description: Encrypt Value Response schema: $ref: '#/definitions/secret_svc.EncryptValueResponse' "400": description: Missing Data schema: type: string "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Encrypt a Value tags: - Secret Svc /secret-svc/is-secure: get: consumes: - application/json description: Returns true if the encryption key is sufficiently secure. operationId: isSecure produces: - application/json responses: "200": description: Encrypt Value Response schema: $ref: '#/definitions/secret_svc.IsSecureResponse' "400": description: Bad Request schema: type: string "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Check Security Status tags: - Secret Svc /secret-svc/secrets: delete: consumes: - application/json description: Remove secrets if authorized to do so operationId: removeSecrets parameters: - description: Remove Secret Request in: body name: body required: true schema: $ref: '#/definitions/secret_svc.RemoveSecretsRequest' produces: - application/json responses: "200": description: Remove Secret Response schema: $ref: '#/definitions/secret_svc.RemoveSecretsResponse' "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Remove Secrets tags: - Secret Svc post: consumes: - application/json description: List secrets by key(s) if authorized. operationId: listSecrets parameters: - description: List Secret Request in: body name: body schema: $ref: '#/definitions/secret_svc.ListSecretsRequest' produces: - application/json responses: "200": description: List Secret Response schema: $ref: '#/definitions/secret_svc.ListSecretsResponse' "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: List Secrets tags: - Secret Svc put: consumes: - application/json description: |- Save secrets if authorized to do so. Requires the `secret-svc:secret:save` permission. Users can only save secrets prefixed with their user slug unless they also have the `secret-svc:secret:save-unprefixed` permission, which allows them to save a secret without a slug prefix. operationId: saveSecrets parameters: - description: Save Secret Request in: body name: body required: true schema: $ref: '#/definitions/secret_svc.SaveSecretsRequest' produces: - application/json responses: "200": description: Save Secret Response schema: $ref: '#/definitions/secret_svc.SaveSecretsResponse' "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Save Secrets tags: - Secret Svc /source-svc/repo/checkout: post: consumes: - application/json description: |- Checkout a git repository over https or ssh at a specific version into a temporary directory. Performs a shallow clone with minimal history for faster checkout. operationId: checkoutRepo parameters: - description: Checkout Repo Request in: body name: body required: true schema: $ref: '#/definitions/source_svc.CheckoutRepoRequest' produces: - application/json responses: "200": description: Successfully checked out the repository schema: $ref: '#/definitions/source_svc.CheckoutRepoResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/source_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/source_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/source_svc.ErrorResponse' security: - BearerAuth: [] summary: Checkout a git repository tags: - Source Svc /user-svc/{userId}/reset-password: post: consumes: - application/json description: Allows an administrator to change a user's password. operationId: resetPassword parameters: - description: User ID in: path name: userId required: true type: string - description: Change Password Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.ResetPasswordRequest' produces: - application/json responses: "200": description: Password changed successfully schema: $ref: '#/definitions/user_svc.ResetPasswordResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Reset Password tags: - User Svc /user-svc/app: post: consumes: - application/json description: Get an app by host, or create it if it does not exist. operationId: readApp parameters: - description: Read App Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.ReadAppRequest' produces: - application/json responses: "200": description: App retrieved or created successfully schema: $ref: '#/definitions/user_svc.ReadAppResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Read or Create App tags: - User Svc /user-svc/apps: post: consumes: - application/json description: |- List apps. Role, user ID or contact ID must be specified. Requires the `user-svc:app:view` permission, which by default all users have. Caller can only list apps of roles they own (unless they are an admin). operationId: listApps parameters: - description: List Apps Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.ListAppsRequest' produces: - application/json responses: "200": description: Apps listed successfully schema: $ref: '#/definitions/user_svc.ListAppsResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: List Apps tags: - User Svc /user-svc/change-password: post: consumes: - application/json description: Allows an authenticated user to change their own password. operationId: changePassword parameters: - description: Change Password Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.ChangePasswordRequest' produces: - application/json responses: "200": description: Password changed successfully schema: $ref: '#/definitions/user_svc.ChangePasswordResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Change Password tags: - User Svc /user-svc/enrolls: post: consumes: - application/json description: |- List enrolls. Role, user ID or contact ID must be specified. Requires the `user-svc:enroll:view` permission, which by default all users have. Caller can only list enrolls of roles they own (unless they are an admin). operationId: listEnrolls parameters: - description: List Enrolls Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.ListEnrollsRequest' produces: - application/json responses: "200": description: Enrolls listed successfully schema: $ref: '#/definitions/user_svc.ListEnrollsResponse' "400": description: Role, Contact ID or User ID is Required schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: List Enrolls tags: - User Svc put: consumes: - application/json description: |- Enroll a list of users by contact or user Id to acquire a role. Works on future or current users. A user can only enroll an other user to a role if the user "owns" that role. A user who owns a role can enroll others in that roll in any app. The same request might contain enrolls for different apps. A user "owns" a role in the following cases: - A static role where the role ID is prefixed with the caller's slug. - Any dynamic or static role where the caller is an admin (has `*:admin` postfix of that role). Examples: - A user with the slug `joe-doe` owns roles like `joe-doe:*` such as `joe-doe:any-custom-role`. - A user with any slug who has the role `my-service:admin` owns `my-service:*` roles such as `my-service:user`. - A user with any slug who has the role `user-svc:org:{%orgId}:admin` owns `user-svc:org:{%orgId}:*` such as `user-svc:org:{%orgId}:user`. operationId: saveEnrolls parameters: - description: Save Enrolls Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.SaveEnrollsRequest' produces: - application/json responses: "200": description: Enrolls saved successfully schema: $ref: '#/definitions/user_svc.SaveEnrollsResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Save Enrolls tags: - User Svc /user-svc/login: post: consumes: - application/json description: Authenticates a user and returns a token. operationId: login parameters: - description: Login Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.LoginRequest' produces: - application/json responses: "200": description: Login successful schema: $ref: '#/definitions/user_svc.LoginResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "404": description: User Not Found schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' summary: Login tags: - User Svc /user-svc/organization: put: consumes: - application/json description: |- Allows a logged-in user to save an organization. The user initiating the request will be assigned the role of admin for that organization. The initiating user will receive a dynamic role in the format `user-svc:org:{organizationId}:admin`, where `{organizationId}` is a unique identifier for the saved organization. Dynamic roles are generated based on specific user-resource associations (in this case the resource being the organization), offering more flexible permission management compared to static roles. operationId: saveOrganization parameters: - description: Save User Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.SaveOrganizationRequest' produces: - application/json responses: "200": description: User saved successfully schema: $ref: '#/definitions/user_svc.SaveOrganizationResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Save an Organization tags: - User Svc /user-svc/organization/{organizationId}/user/{userId}: delete: consumes: - application/json description: Allows an organization admin to remove a user from an organization. operationId: deleteMembership parameters: - description: Organization ID in: path name: organizationId required: true type: string - description: User ID in: path name: userId required: true type: string - description: Remove User From Organization Request in: body name: body schema: $ref: '#/definitions/user_svc.DeleteMembershipRequest' produces: - application/json responses: "200": description: User added successfully schema: $ref: '#/definitions/user_svc.DeleteMembershipResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "403": description: Forbidden schema: $ref: '#/definitions/user_svc.ErrorResponse' "404": description: Organization/User not found schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Delete Membership tags: - User Svc put: consumes: - application/json description: |- Adds a user to an organization by saving a Membership. Also issues the corresponding Enroll, which grants the user their dynamic organization role (e.g. `user-svc:org:{org_123}:user`). operationId: saveMembership parameters: - description: Organization ID in: path name: organizationId required: true type: string - description: User ID in: path name: userId required: true type: string - description: Add User to Organization Request in: body name: body schema: $ref: '#/definitions/user_svc.SaveMembershipRequest' produces: - application/json responses: "200": description: User added successfully schema: $ref: '#/definitions/user_svc.SaveMembershipResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "403": description: Forbidden schema: $ref: '#/definitions/user_svc.ErrorResponse' "404": description: Organization/User not found schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Save Membership tags: - User Svc /user-svc/organizations: post: consumes: - application/json description: Requires the `user-svc:organization:view` permission, that only admins have by default. operationId: listOrganizations parameters: - description: List Organizations Request in: body name: body schema: $ref: '#/definitions/user_svc.ListOrganizationsRequest' produces: - application/json responses: "200": description: Organization listed successfully schema: $ref: '#/definitions/user_svc.ListOrganizationsResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: List Organizations tags: - User Svc /user-svc/otp/send: post: consumes: - application/json description: |- Generates and sends a one-time password (OTP) to the specified contact. The OTP can be used for contact verification or login depending on purpose. operationId: sendOtp parameters: - description: Send OTP Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.SendOtpRequest' produces: - application/json responses: "200": description: OTP sent successfully schema: $ref: '#/definitions/user_svc.SendOtpResponse' "400": description: Invalid request schema: $ref: '#/definitions/user_svc.ErrorResponse' "404": description: Contact not found schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' summary: Send OTP tags: - User Svc /user-svc/permissions: post: consumes: - application/json description: |- List permissions by roles. Caller can only list permissions for roles they have. operationId: listPermissions parameters: - description: Role ID in: path name: roleId required: true type: string produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/user_svc.ListPermissionsResponse' "400": description: Invalid JSON schema: type: string "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: List Permissions tags: - User Svc /user-svc/permits: post: consumes: - application/json description: |- List permits. Requires the `user-svc:permit:view` permission, which only admins have by default. &todo Users should be able to list permits referring to them. operationId: listPermits parameters: - description: List Permits Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.ListPermitsRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/user_svc.ListPermitsResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: List Permits tags: - User Svc put: consumes: - application/json description: |- Save permits. Permits give access to users with certain slugs and roles to permissions. operationId: savePermits parameters: - description: Save Permits Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.SavePermitsRequest' produces: - application/json responses: "200": description: Permit saved successfully schema: $ref: '#/definitions/user_svc.SavePermitsResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Save Permits tags: - User Svc /user-svc/public-key: get: consumes: - application/json description: Get the public key to verify the JWT signature. operationId: getPublicKey produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/user_svc.GetPublicKeyResponse' "400": description: Invalid JSON or missing permission id schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' summary: Get Public Key tags: - User Svc /user-svc/refresh-token: post: consumes: - application/json description: |- Refreshes an existing token, including inactive ones. The old token becomes inactive (if not already inactive), and a new, active token is issued. This allows continued verification of user roles without requiring a new login. Inactive tokens are refreshable unless explicitly revoked (no mechanism for this yet). Leaked tokens should be handled separately, via a revocation flag or deletion. operationId: refreshToken produces: - application/json responses: "200": description: Refresh Token successful schema: $ref: '#/definitions/user_svc.RefreshTokenResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' summary: Refresh Token tags: - User Svc /user-svc/register: post: consumes: - application/json description: Register a new user with a name, email, and password. operationId: register parameters: - description: Register Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.RegisterRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/user_svc.RegisterResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' summary: Register tags: - User Svc /user-svc/self: post: consumes: - application/json description: |- Retrieves user information based on the authentication token in the request header. Typically called by single-page applications during the initial page load. While some details (such as roles, slug, user ID, and active organization ID) can be extracted from the JWT, this endpoint returns additional data, including the full user object and associated organizations. ReadSelf intentionally still works after token revocation until the token expires. This is to ensure that the user is not notified of token revocation (though some information is leaked by the count token functionality @todo). operationId: readSelf parameters: - description: Read Self Request in: body name: body schema: $ref: '#/definitions/user_svc.ReadSelfRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/user_svc.ReadSelfResponse' "400": description: Token Missing schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Read Self tags: - User Svc put: consumes: - application/json description: Save user's own profile information. operationId: saveSelf parameters: - description: Save Profile Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.SaveSelfRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/user_svc.SaveSelfResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Save User Profile tags: - User Svc /user-svc/self/has/{permission}: post: consumes: - application/json description: |- Checks whether the caller has a specific permission. Optimized for caching — only the caller and the permission are required. To assign a permission to a user or role, use the `Save Permits` endpoint. This endpoint does not return 401 Unauthorized if access is denied. Instead, it always returns 200 OK with `Authorized: false` if the permission is missing. The response will still include the caller’s user information if not authorized. operationId: hasPermission parameters: - description: Permission in: path name: permission required: true type: string produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/user_svc.HasPermissionResponse' "400": description: Missing Permission schema: $ref: '#/definitions/user_svc.ErrorResponse' "422": description: No Auth Header schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Has Permission tags: - User Svc /user-svc/token/exchange: put: consumes: - application/json description: |- Exchange an existing token for a new token scoped to a different app (namespace). The new token represents the same user but contains roles specific to the target app. The original token remains valid. The minted token is not stored and cannot be refreshed (and will have the same expiration duration as normal tokens), unlike tokens acquired via login. For now, token exchange is designed to be in situ — the User Svc must be contacted at exchange time. This introduces a stateful dependency on the User Svc, but simplifies things until broader use cases emerge. operationId: exchangeToken parameters: - description: ExchangeToken Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.ExchangeTokenRequest' produces: - application/json responses: "200": description: ExchangeToken successful schema: $ref: '#/definitions/user_svc.ExchangeTokenResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "404": description: User Not Found schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' summary: Exchange Token tags: - User Svc - User Svc /user-svc/tokens: delete: consumes: - application/json description: |- Revoke tokens in one of the following scenarios: - For the current user. - For another user (see `userId` field), if permitted (`user-svc:token:revoke` permission, typically by admins). operationId: revokeTokens parameters: - description: Revoke Tokens Request in: body name: body schema: $ref: '#/definitions/user_svc.RevokeTokensRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/user_svc.RevokeTokensResponse' "400": description: Mutually Exclusive Parameters schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Revoke Tokens tags: - User Svc /user-svc/user: post: consumes: - application/json description: Allows an authenticated administrator to create a new user with specified details. operationId: createUser parameters: - description: Create User Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.CreateUserRequest' produces: - application/json responses: "200": description: User created successfully schema: $ref: '#/definitions/user_svc.CreateUserResponse' "400": description: Invalid User schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Create a New User tags: - User Svc /user-svc/user/{userId}: delete: consumes: - application/json description: Delete a user based on the user ID. operationId: deleteUser parameters: - description: User ID in: path name: userId required: true type: string produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/user_svc.DeleteUserResponse' "401": description: Unauthorized schema: type: string "500": description: Internal Server Error schema: type: string security: - BearerAuth: [] summary: Delete a User tags: - User Svc put: consumes: - application/json description: |- Save user information based on the provided user ID. Intended for admins. Requires the `user-svc:user:edit` permission. For a user to edit their own profile, see `saveSelf`. operationId: saveUser parameters: - description: User ID in: path name: userId required: true type: string - description: Save Profile Request in: body name: body required: true schema: $ref: '#/definitions/user_svc.SaveUserRequest' produces: - application/json responses: "200": description: OK schema: $ref: '#/definitions/user_svc.SaveUserResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: Save User tags: - User Svc /user-svc/users: post: consumes: - application/json description: |- Fetches a list of users with optional query filters and pagination. Requires the `user-svc:user:view` permission that only admins have by default. operationId: listUsers parameters: - description: List Users Request in: body name: body schema: $ref: '#/definitions/user_svc.ListUsersRequest' produces: - application/json responses: "200": description: List of users retrieved successfully schema: $ref: '#/definitions/user_svc.ListUsersResponse' "400": description: Invalid JSON schema: $ref: '#/definitions/user_svc.ErrorResponse' "401": description: Unauthorized schema: $ref: '#/definitions/user_svc.ErrorResponse' "500": description: Internal Server Error schema: $ref: '#/definitions/user_svc.ErrorResponse' security: - BearerAuth: [] summary: List Users tags: - User Svc securityDefinitions: BearerAuth: description: Type "Bearer" followed by a space and token acquired from the User Svc Login endpoint. in: header name: Authorization type: apiKey swagger: "2.0"