Which Routes Support Which Auth
This page is generated from the canonical public auth inventory.
| Route or family | Status | Auth mode | User permission | API-key scope |
|---|---|---|---|---|
GET /api/agents/:id | stable | api_key_or_access_token | ai.use | agents:read |
POST /api/agents/:id/run | stable | access_token_only | ai.use | not supported |
GET /api/agent-runs/:id | stable | api_key_or_access_token | ai.use | runs:read |
POST /api/agent-runs/:id/load-inputs | stable | api_key_or_access_token | ai.use | runs:read |
POST /api/agent-runs/:id/rerun-from-step | stable | access_token_only | ai.use | not supported |
POST /api/setup/verify | stable | api_key_or_access_token | ai.use | runs:read |
GET /api/models | stable | api_key_or_access_token | ai.use | models:read |
GET /api/agents | public beta | api_key_or_access_token | ai.use | agents:read |
POST /api/agents | public beta | api_key_or_access_token | ai.use | agents:write |
PATCH /api/agents/:id | public beta | api_key_or_access_token | ai.use | agents:write |
POST /api/agents/:id/versions | public beta | api_key_or_access_token | ai.use | agents:write |
POST /api/agents/:id/publish | public beta | api_key_or_access_token | ai.use | agents:write |
PUT /api/agent-versions/:id/workflow | public beta | api_key_or_access_token | ai.use | agents:write |
POST /api/agent-versions/:id/workflow/validate | public beta | api_key_or_access_token | ai.use | agents:write |
GET /api/agent-runs/compare | public beta | api_key_or_access_token | ai.use | runs:read |
GET /api/agents/:id/versions/:versionId/diff | public beta | api_key_or_access_token | ai.use | agents:read |
POST /api/agents/:id/versions/:versionId/rollback | public beta | api_key_or_access_token | ai.use | agents:write |
GET /api/skills | public beta | api_key_or_access_token | ai.use | skills:read |
POST /api/skills | public beta | api_key_or_access_token | ai.use | skills:write |
GET /api/skills/:id | public beta | api_key_or_access_token | ai.use | skills:read |
PATCH /api/skills/:id | public beta | api_key_or_access_token | ai.use | skills:write |
POST /api/skills/:id/versions | public beta | api_key_or_access_token | ai.use | skills:write |
POST /api/skills/:id/publish | public beta | api_key_or_access_token | ai.use | skills:write |
POST /api/skills/:id/preview | public beta | api_key_or_access_token | ai.use | skills:read |
GET /api/skills/:id/versions/:versionId/diff | public beta | api_key_or_access_token | ai.use | skills:read |
POST /api/skills/:id/run | public beta | access_token_only | ai.use | not supported |
POST /api/skill-versions/:id/prompts | public beta | api_key_or_access_token | ai.use | skills:write |
POST /api/skill-versions/:id/tools | public beta | api_key_or_access_token | ai.use | skills:write |
GET /api/skill-runs/:id | public beta | api_key_or_access_token | ai.use | runs:read |
GET /api/tools | public beta | api_key_or_access_token | ai.use | tools:read |
POST /api/tools | public beta | api_key_or_access_token | ai.use | tools:write |
GET /api/tools/:id | public beta | api_key_or_access_token | ai.use | tools:read |
PATCH /api/tools/:id | public beta | api_key_or_access_token | ai.use | tools:write |
POST /api/tools/:id/versions | public beta | api_key_or_access_token | ai.use | tools:write |
GET /api/tools/:id/versions/:versionId/diff | public beta | api_key_or_access_token | ai.use | tools:read |
GET /api/skills/:id/evaluation-cases | public beta | api_key_or_access_token | ai.use | evaluations:read |
POST /api/skills/:id/evaluation-cases | public beta | api_key_or_access_token | ai.use | evaluations:write |
POST /api/skills/:id/evaluations/run | public beta | api_key_or_access_token | ai.use | evaluations:write |
GET /api/skills/:id/evaluations/:evaluationRunId | public beta | api_key_or_access_token | ai.use | evaluations:read |
Anything not listed above should be treated as non-public or legacy unless the boundary page says otherwise.