generated: '2026-07-15' method: generated source: openapi/consul-connect-openapi.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 9 by_action_class: connected: 6 acting: 3 by_consequence: read: 6 write: 3 human_in_the_loop_required: 0 operations: - path: /connect/intentions method: get operationId: listIntentions x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /connect/intentions/exact method: get operationId: readIntentionByExact x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /connect/intentions/exact method: put operationId: upsertIntentionByExact x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /connect/intentions/exact method: delete operationId: deleteIntentionByExact x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /connect/intentions/check method: get operationId: checkIntention x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /connect/intentions/match method: get operationId: matchIntentions x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /connect/ca/roots method: get operationId: listCaRoots x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /connect/ca/configuration method: get operationId: getCaConfiguration x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /connect/ca/configuration method: put operationId: updateCaConfiguration x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required