generated: '2026-07-15' method: generated source: openapi/dfns-openapi.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 49 by_action_class: acting: 26 connected: 23 by_consequence: write: 25 read: 23 physical: 1 human_in_the_loop_required: 0 operations: - path: /wallets method: post operationId: createWallet x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /wallets method: get operationId: listWallets x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /wallets/{walletId} method: get operationId: getWallet x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /wallets/{walletId}/assets method: get operationId: getWalletAssets x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /wallets/{walletId}/nfts method: get operationId: getWalletNfts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /wallets/{walletId}/history method: get operationId: getWalletHistory x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /wallets/{walletId}/transfers method: post operationId: transferAsset x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /wallets/{walletId}/transfers method: get operationId: listTransfers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /wallets/{walletId}/transfers/{transferId} method: get operationId: getTransfer x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /wallets/{walletId}/transactions method: post operationId: broadcastTransaction x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /wallets/{walletId}/transactions method: get operationId: listTransactions x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /keys method: post operationId: createKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /keys method: get operationId: listKeys x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /keys/{keyId} method: get operationId: getKey x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /keys/{keyId}/delegate method: post operationId: delegateKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /keys/{keyId}/signatures method: post operationId: generateKeySignature x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v2/policies method: post operationId: createPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v2/policies method: get operationId: listPolicies x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v2/policies/{policyId} method: get operationId: getPolicy x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v2/policies/{policyId} method: put operationId: updatePolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v2/policies/{policyId} method: delete operationId: archivePolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v2/policy-approvals method: get operationId: listApprovals x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v2/policy-approvals/{approvalId} method: get operationId: getApproval x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v2/policy-approvals/{approvalId}/decisions method: post operationId: createApprovalDecision x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /webhooks method: post operationId: createWebhook x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /webhooks method: get operationId: listWebhooks x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /webhooks/{webhookId} method: get operationId: getWebhook x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /webhooks/{webhookId} method: put operationId: updateWebhook x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /webhooks/{webhookId} method: delete operationId: deleteWebhook x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /webhooks/{webhookId}/ping method: post operationId: pingWebhook x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /webhooks/{webhookId}/events method: get operationId: listWebhookEvents x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /permissions method: post operationId: createPermission x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /permissions method: get operationId: listPermissions x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /permissions/{permissionId} method: get operationId: getPermission x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /permissions/{permissionId}/assignments method: post operationId: createPermissionAssignment x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /auth/action/init method: post operationId: createUserActionChallenge x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /auth/action method: post operationId: completeUserAction x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /auth/login method: post operationId: login x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /auth/login/delegated method: post operationId: delegatedLogin x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /auth/users method: get operationId: listUsers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /auth/users method: post operationId: createUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /auth/service-accounts method: post operationId: createServiceAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /auth/service-accounts method: get operationId: listServiceAccounts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /auth/service-accounts/{serviceAccountId} method: get operationId: getServiceAccount x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /auth/service-accounts/{serviceAccountId} method: put operationId: updateServiceAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /auth/service-accounts/{serviceAccountId}/activate method: put operationId: activateServiceAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /auth/service-accounts/{serviceAccountId}/deactivate method: put operationId: deactivateServiceAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /networks/fees method: get operationId: getNetworkFees x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /networks/{network}/call-function method: post operationId: callFunction x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required