generated: '2026-07-15' method: generated source: openapi/cisco-secure-client-openapi.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 15 by_action_class: acting: 9 connected: 6 by_consequence: write: 9 read: 6 human_in_the_loop_required: 0 operations: - path: /api/fmc_platform/v1/auth/generatetoken method: post operationId: generateToken x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/fmc_platform/v1/auth/refreshtoken method: post operationId: refreshToken x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/fmc_config/v1/domain/{domainUUID}/devices/devicerecords method: get operationId: listDeviceRecords x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/fmc_config/v1/domain/{domainUUID}/devices/devicerecords method: post operationId: createDeviceRecord x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/fmc_config/v1/domain/{domainUUID}/devices/devicerecords/{objectId} method: get operationId: getDeviceRecord x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/fmc_config/v1/domain/{domainUUID}/devices/devicerecords/{objectId} method: put operationId: updateDeviceRecord x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/fmc_config/v1/domain/{domainUUID}/devices/devicerecords/{objectId} method: delete operationId: deleteDeviceRecord x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/fmc_config/v1/domain/{domainUUID}/policy/accesspolicies method: get operationId: listAccessPolicies x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/fmc_config/v1/domain/{domainUUID}/policy/accesspolicies method: post operationId: createAccessPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/fmc_config/v1/domain/{domainUUID}/policy/accesspolicies/{containerUUID}/accessrules method: get operationId: listAccessRules x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/fmc_config/v1/domain/{domainUUID}/policy/accesspolicies/{containerUUID}/accessrules method: post operationId: createAccessRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/fmc_config/v1/domain/{domainUUID}/object/networks method: get operationId: listNetworkObjects x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/fmc_config/v1/domain/{domainUUID}/object/networks method: post operationId: createNetworkObject x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/fmc_config/v1/domain/{domainUUID}/object/hosts method: get operationId: listHosts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/fmc_config/v1/domain/{domainUUID}/object/hosts method: post operationId: createHost x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required