generated: '2026-07-15' method: generated source: openapi/consul-http-api.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 58 by_action_class: connected: 33 acting: 25 by_consequence: read: 33 write: 25 human_in_the_loop_required: 0 operations: - path: /agent/self method: get operationId: getAgentSelf x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /agent/members method: get operationId: listAgentMembers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /agent/services method: get operationId: listAgentServices x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /agent/service/{serviceID} method: get operationId: getAgentService x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /agent/service/register method: put operationId: registerAgentService x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /agent/service/deregister/{serviceID} method: put operationId: deregisterAgentService x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /agent/checks method: get operationId: listAgentChecks x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /agent/check/register method: put operationId: registerAgentCheck x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /agent/check/deregister/{checkID} method: put operationId: deregisterAgentCheck x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /agent/join/{address} method: put operationId: agentJoin x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /agent/leave method: put operationId: agentLeave x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /agent/maintenance method: put operationId: agentMaintenance x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /catalog/register method: put operationId: catalogRegister x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /catalog/deregister method: put operationId: catalogDeregister x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /catalog/datacenters method: get operationId: listDatacenters x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /catalog/nodes method: get operationId: listCatalogNodes x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /catalog/services method: get operationId: listCatalogServices x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /catalog/service/{serviceName} method: get operationId: getCatalogService x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /catalog/node/{node} method: get operationId: getCatalogNode x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /health/node/{node} method: get operationId: getHealthNode x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /health/checks/{serviceName} method: get operationId: getHealthChecks x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /health/service/{serviceName} method: get operationId: getHealthService x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /health/state/{state} method: get operationId: getHealthState x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /kv/{key} method: get operationId: getKVKey x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /kv/{key} method: put operationId: putKVKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /kv/{key} method: delete operationId: deleteKVKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /acl/token method: put operationId: createACLToken x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /acl/token/{accessorID} method: get operationId: getACLToken x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /acl/token/{accessorID} method: put operationId: updateACLToken x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /acl/token/{accessorID} method: delete operationId: deleteACLToken x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /acl/tokens method: get operationId: listACLTokens x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /acl/policy method: put operationId: createACLPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /acl/policies method: get operationId: listACLPolicies x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /acl/policy/{policyID} method: get operationId: getACLPolicy x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /acl/policy/{policyID} method: put operationId: updateACLPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /acl/policy/{policyID} method: delete operationId: deleteACLPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /connect/ca/roots method: get operationId: getConnectCARoots x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /connect/ca/configuration method: get operationId: getConnectCAConfig x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /connect/ca/configuration method: put operationId: updateConnectCAConfig x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /connect/intentions method: get operationId: listConnectIntentions x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /config/{kind} method: get operationId: listConfigEntries x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /config method: put operationId: applyConfigEntry x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /config/{kind}/{name} method: get operationId: getConfigEntry x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /config/{kind}/{name} method: delete operationId: deleteConfigEntry x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /event/fire/{name} method: put operationId: fireEvent x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /event/list method: get operationId: listEvents x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /session/create method: put operationId: createSession x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /session/destroy/{sessionID} method: put operationId: destroySession x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /session/info/{sessionID} method: get operationId: getSession x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /session/list method: get operationId: listSessions x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /coordinate/datacenters method: get operationId: getCoordinateDatacenters x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /coordinate/nodes method: get operationId: getCoordinateNodes x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /status/leader method: get operationId: getStatusLeader x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /status/peers method: get operationId: getStatusPeers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /operator/raft/configuration method: get operationId: getRaftConfiguration x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /txn method: put operationId: executeTxn x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /snapshot method: get operationId: getSnapshot x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /snapshot method: put operationId: restoreSnapshot x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required