generated: '2026-07-15' method: generated source: openapi/cisco-nexus-nxapi-rest.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 18 by_action_class: acting: 9 connected: 9 by_consequence: write: 7 safety-critical: 2 read: 9 human_in_the_loop_required: 2 operations: - path: /aaaLogin.json method: post operationId: authenticateUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /aaaLogout.json method: post operationId: logoutUser x-agentic-access: action-class: acting consequence: safety-critical subject: required audience: null token: max-ttl: 120 exchange: true purpose-required: true proof-of-possession: true escalation: human-in-the-loop: required audit: required - path: /mo/sys/intf/phys-[{interfaceId}].json method: get operationId: getPhysicalInterface x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /mo/sys/intf.json method: post operationId: configurePhysicalInterface x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /class/l1PhysIf.json method: get operationId: listPhysicalInterfaces x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /mo/sys/bd.json method: post operationId: createVlan x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /mo/sys/bd/bd-[{vlanEncap}].json method: get operationId: getVlan x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /mo/sys/bd/bd-[{vlanEncap}].json method: delete operationId: deleteVlan x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /class/l2BD.json method: get operationId: listVlans x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /mo/sys/intf/svi-[{sviId}].json method: get operationId: getSviInterface x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /mo/sys/intf/svi-[{sviId}].json method: post operationId: configureSviInterface x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /mo/sys/ipv4/inst.json method: post operationId: configureStaticRoute x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /mo/sys/ipv4/inst/dom-{vrfName}/rt-[{prefix}].json method: get operationId: getStaticRoute x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /class/ipv4Route.json method: get operationId: listStaticRoutes x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /mo/sys/bgp.json method: get operationId: getBgpConfiguration x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /mo/sys.json method: get operationId: getSystemInfo x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /mo/sys.json method: post operationId: configureSystem x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /mo/sys/fm.json method: post operationId: configureFeatures x-agentic-access: action-class: acting consequence: safety-critical subject: required audience: null token: max-ttl: 120 exchange: true purpose-required: true proof-of-possession: true escalation: human-in-the-loop: required audit: required