generated: '2026-07-15' method: generated source: openapi/edgegap-openapi.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 34 by_action_class: connected: 15 acting: 19 by_consequence: read: 15 write: 13 physical: 3 safety-critical: 3 human_in_the_loop_required: 3 operations: - path: /v1/app method: get operationId: listApplications x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/app method: post operationId: createApplication x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/app/{app_name} method: get operationId: getApplication x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/app/{app_name} method: patch operationId: updateApplication x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/app/{app_name} method: delete operationId: deleteApplication x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/app/{app_name}/versions method: get operationId: listAppVersions x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/app/{app_name}/version method: post operationId: createAppVersion x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/app/{app_name}/version/{version_name} method: get operationId: getAppVersion x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/app/{app_name}/version/{version_name} method: patch operationId: updateAppVersion x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/app/{app_name}/version/{version_name} method: delete operationId: deleteAppVersion x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v2/deployments method: post operationId: createDeployment x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/deployments method: get operationId: listDeployments x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/status/{deployment_id} method: get operationId: getDeploymentStatus x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/stop/{deployment_id} method: delete operationId: stopDeployment x-agentic-access: action-class: acting consequence: safety-critical subject: required audience: null token: max-ttl: 120 exchange: true purpose-required: true proof-of-possession: true escalation: human-in-the-loop: required audit: required - path: /v1/deployments/bulk-stop method: post operationId: bulkStopDeployments x-agentic-access: action-class: acting consequence: safety-critical subject: required audience: null token: max-ttl: 120 exchange: true purpose-required: true proof-of-possession: true escalation: human-in-the-loop: required audit: required - path: /v1/deployment/{deployment_id}/container-logs method: get operationId: getContainerLogs x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/deployments/{deployment_id}/tags method: get operationId: listDeploymentTags x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/deployments/{deployment_id}/tags method: post operationId: addDeploymentTag x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/session method: post operationId: createSession x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/session/{session_id} method: get operationId: getSession x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/session/{session_id} method: delete operationId: deleteSession x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/session/{session_id}/users method: get operationId: listSessionUsers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /tickets method: post operationId: createMatchmakingTicket x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /tickets/{ticket_id} method: get operationId: getMatchmakingTicket x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /tickets/{ticket_id} method: delete operationId: deleteMatchmakingTicket x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/relays/sessions method: get operationId: listRelaySessions x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/relays/sessions method: post operationId: createRelaySession x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/relays/sessions/{session_id} method: get operationId: getRelaySession x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v1/relays/sessions/{session_id} method: delete operationId: deleteRelaySession x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/relays/sessions:authorize-user method: post operationId: authorizeRelayUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v1/relays/sessions:revoke-user method: post operationId: revokeRelayUser x-agentic-access: action-class: acting consequence: safety-critical subject: required audience: null token: max-ttl: 120 exchange: true purpose-required: true proof-of-possession: true escalation: human-in-the-loop: required audit: required - path: /v1/metrics/deployment/{deployment_id} method: get operationId: getDeploymentMetrics x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /v2/private-fleets/deployments method: post operationId: createPrivateFleetDeployment x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /v2/private-fleets/{fleet_name}/hosts method: get operationId: listPrivateFleetHosts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none