API Reference
The Praetor API is built on Hono (a lightweight TypeScript web framework) and follows REST conventions. All endpoints return JSON and use Zod for request/response validation.
API Reference
Table of Contents
- Overview
- Authentication
- Project Management
- Flow Orchestration
- Agent Execution
- Task Management
- Specification Export
- Permissions & Policy API
- Document Templates API
- BPMN Workflows API
- Integrations API
- Gaps Analysis API
- Standards Registry API
- Export API (Enhanced)
- Kit System API
- Error Handling
Overview
The Praetor API is built on Hono (a lightweight TypeScript web framework) and follows REST conventions. All endpoints return JSON and use Zod for request/response validation.
Base URL
Development: http://localhost:4112/api
Production: https://api.praetor.app/apiResponse Format
All responses follow a consistent structure:
interface ApiResponse<T> {
success: boolean;
data: T;
metadata: {
timestamp: string; // ISO 8601
requestId?: string; // For tracing
};
error?: {
code: string;
message: string;
details?: any;
};
}Request Headers
| Header | Required | Description |
|---|---|---|
Authorization | Yes | Bearer <session_token> |
Content-Type | Yes | application/json |
X-Request-ID | No | Client-provided request ID for tracing |
X-Tenant-ID | No | Explicit tenant ID (admin only) |
Authentication
Authentication is handled via Stytch. The API expects a valid session token in the Authorization header.
Session Token Flow
1. User logs in via Stytch (/login page)
2. Stytch returns session JWT
3. Frontend stores in cookie (stytch_session_jwt)
4. API requests include: Authorization: Bearer <jwt>
5. Backend validates token with Stytch SDKE2E Test Mode
For testing, authentication can be bypassed:
# Environment variable
NEXT_PUBLIC_E2E_TEST_MODE=true
# Or header
X-E2E-Test-Mode: trueProject Management
List Projects
GET /api/projectsReturns all projects for the current tenant with progress metrics.
Query Parameters:
| Param | Type | Default | Description |
|---|---|---|---|
status | string | all | Filter by status (active, completed, archived) |
limit | number | 50 | Max results |
offset | number | 0 | Pagination offset |
Response:
{
success: true,
data: {
projects: [
{
id: "uuid",
name: "Project Name",
status: "active",
phase: "DISCOVERY",
progress: {
overall: 0.45,
discovery: 1.0,
featureSelection: 0.8,
planGeneration: 0.2,
planning: 0,
visualDiscovery: 0,
specification: 0
},
createdAt: "2024-01-15T10:30:00Z",
updatedAt: "2024-01-16T14:22:00Z"
}
],
total: 12,
limit: 50,
offset: 0
}
}Create Project
POST /api/projectsCreates a new project. Does NOT auto-start the flow.
Request Body:
{
name: string; // Required
description?: string;
template?: string; // e.g., "e-commerce", "saas", "marketplace"
metadata?: Record<string, any>;
}Response:
{
success: true,
data: {
id: "uuid",
name: "My Project",
status: "active",
phase: "CREATED", // Not DISCOVERY until flow/start called
createdAt: "2024-01-15T10:30:00Z"
}
}Get Project
GET /api/projects/:projectIdReturns detailed project information including all phase data.
Response:
{
success: true,
data: {
id: "uuid",
name: "Project Name",
status: "active",
phase: "PLAN_GENERATION",
// Phase timing
discoveryStartedAt: "2024-01-15T10:30:00Z",
discoveryCompletedAt: "2024-01-15T11:45:00Z",
featureSelectionStartedAt: "2024-01-15T11:45:00Z",
featureSelectionCompletedAt: "2024-01-15T12:00:00Z",
planGenerationStartedAt: "2024-01-15T12:00:00Z",
// Progress metrics
progress: {
overall: 0.55,
byPhase: { ... }
},
// Discovery data
discoveryOutput: { ... },
// Selected features
selectedFeatures: [ ... ],
// Ontology coverage
ontologyCoverage: 0.82
}
}Update Project
PATCH /api/projects/:projectIdUpdates project metadata. Cannot change phase directly (use flow endpoints).
Request Body:
{
name?: string;
description?: string;
metadata?: Record<string, any>;
status?: "active" | "archived";
}Delete Project
DELETE /api/projects/:projectIdDeletes project and all associated data. Uses enhanced deletion with transaction handling.
Response:
{
success: true,
data: {
deletedTables: [
"graph_nodes",
"plan_questions",
"answers",
"tasks",
"feature_selections",
// ... all related tables
],
rowsDeleted: 1247
}
}Flow Orchestration
Start Flow
POST /api/flow/startStarts the discovery flow for a project. This is the critical entry point.
Request Body:
{
projectId: string;
}Response:
{
success: true,
data: {
projectId: "uuid",
phase: "DISCOVERY",
firstQuestion: {
id: "uuid",
text: "What type of application are you building?",
variants: [
{ type: "original", text: "What type of application..." },
{ type: "simplified", text: "What kind of app do you want?" }
],
answerType: "select",
options: [
{ value: "web", label: "Web Application" },
{ value: "mobile", label: "Mobile App" },
{ value: "both", label: "Both Web and Mobile" }
]
},
totalQuestions: 15
}
}Get Next Question
POST /api/flow/get-next-questionRetrieves the next question in the flow.
Request Body:
{
projectId: string;
sessionId?: string; // For session continuity
}Response:
{
success: true,
data: {
question: {
id: "uuid",
text: "Who is your target audience?",
description: "Understanding your users helps us tailor the specification.",
variants: [ ... ],
answerType: "text",
prefill: {
value: "Small business owners",
confidence: 0.72,
source: "persona",
explanation: "Based on your e-commerce focus..."
}
},
progress: {
answered: 5,
total: 15,
percent: 33
},
isLastQuestion: false
}
}Answer Question
POST /api/flow/answer-questionSubmits an answer to a question.
Request Body:
{
projectId: string;
questionId: string;
answer: {
value: string | string[] | boolean | number;
selectedVariant?: string; // Which question variant was shown
confidence?: number; // User confidence in their answer
notes?: string; // Additional context
};
}Response:
{
success: true,
data: {
answerId: "uuid",
processed: true,
// Post-answer effects
effects: {
ontologyUpdates: [
{ type: "user", name: "Small Business Owner", confidence: 0.85 }
],
suggestions: [
"Consider adding inventory management"
],
prefillCascades: [
{ questionId: "uuid", newConfidence: 0.88 }
],
tasksCreated: []
},
// Next question (convenience)
nextQuestion: { ... }
}
}Check Phase Readiness
GET /api/flow/readiness/:projectIdChecks if project is ready for phase transition.
Response:
{
success: true,
data: {
currentPhase: "DISCOVERY",
readinessScore: 0.93,
threshold: 0.95,
isReady: false,
blockers: [
{
type: "unanswered_question",
questionId: "uuid",
message: "1 required question unanswered"
}
],
warnings: [
{
type: "low_confidence_prefill",
count: 3,
message: "3 prefilled answers have low confidence"
}
]
}
}Transition Phase
POST /api/flow/transitionTriggers a phase transition (if ready).
Request Body:
{
projectId: string;
targetPhase: "FEATURE_SELECTION" | "PLAN_GENERATION" | "PLANNING" |
"VISUAL_DISCOVERY" | "SPECIFICATION";
force?: boolean; // Admin only: bypass readiness checks
}Response:
{
success: true,
data: {
previousPhase: "DISCOVERY",
currentPhase: "FEATURE_SELECTION",
transitionedAt: "2024-01-15T12:00:00Z",
// Entry action results
entryActions: {
featureCandidatesGenerated: 24,
patternsMatched: 7,
questionsSupressed: 12
}
}
}Agent Execution
Execute Multi-Agent Spec Generation
POST /api/agents/generate-specTriggers multi-agent specification generation.
Request Body:
{
projectId: string;
options?: {
strategy?: "sequential" | "parallel" | "hierarchical" | "debate";
agents?: string[]; // Specific agents to use
budget?: {
maxTokens?: number;
maxCostUSD?: number;
};
};
}Response:
{
success: true,
data: {
executionId: "uuid",
status: "running",
agents: ["requirements-compiler", "architecture-compiler", ...],
startedAt: "2024-01-15T14:00:00Z",
// Polling URL
statusUrl: "/api/agents/execution/uuid/status"
}
}Get Execution Status
GET /api/agents/execution/:executionId/statusReturns current execution status (for polling).
Response:
{
success: true,
data: {
executionId: "uuid",
status: "running" | "completed" | "failed" | "paused",
progress: {
completedSteps: 4,
totalSteps: 7,
currentStep: "architecture-compilation"
},
budget: {
tokensUsed: 45000,
tokensLimit: 100000,
costIncurred: 2.34,
costLimit: 5.00
},
// If completed
result?: {
spec: SpecV1,
validationPassed: true
},
// If failed
error?: {
code: "budget_exceeded",
message: "Token budget exceeded",
checkpoint: "uuid" // Resume point
}
}
}Agent Coordination
POST /api/agents/coordinateExecute custom agent coordination.
Request Body:
{
projectId: string;
strategy: "sequential" | "parallel" | "hierarchical" | "debate";
agents: [
{ name: "requirements-compiler", role: "worker" },
{ name: "architecture-compiler", role: "worker" },
{ name: "completion-audit", role: "supervisor" }
];
input: { ... };
options?: {
timeout?: number;
checkpointInterval?: number;
};
}Get Agent Memory
GET /api/agents/memoryReturns agent memory statistics for current session.
Query Parameters:
| Param | Type | Description |
|---|---|---|
sessionId | string | Filter by session |
agentName | string | Filter by agent |
Response:
{
success: true,
data: {
sessions: [
{
sessionId: "uuid",
agentName: "conversation-agent",
messageCount: 45,
tokensUsed: 12500,
lastActivity: "2024-01-15T14:22:00Z"
}
],
totals: {
totalSessions: 5,
totalMessages: 234,
totalTokens: 67000
}
}
}Task Management
List Tasks
GET /api/tasksReturns tasks for a project.
Query Parameters:
| Param | Type | Description |
|---|---|---|
projectId | string | Required: Project filter |
status | string | Filter by status |
assigneeType | string | Filter by user/agent |
type | string | Filter by task type |
Response:
{
success: true,
data: {
tasks: [
{
id: "uuid",
type: "REVIEW",
title: "Review prefilled answer",
description: "The system suggested 'PostgreSQL' for database...",
status: "pending",
priority: "medium",
assigneeType: "user",
actions: [
{
id: "uuid",
type: "APPROVE_REJECT",
label: "Accept or Modify",
config: { ... }
}
],
targets: [
{ type: "question", id: "uuid" }
],
createdAt: "2024-01-15T12:00:00Z"
}
],
total: 8
}
}Create Task
POST /api/tasksCreates a new task.
Request Body:
{
projectId: string;
type: "PROVIDE" | "DECIDE" | "REVIEW" | "CONNECT";
title: string;
description: string;
priority?: "low" | "medium" | "high" | "urgent";
assigneeType?: "user" | "agent";
assigneeId?: string;
actions: [
{
type: "FORM_SUBMIT" | "SINGLE_SELECT" | "APPROVE_REJECT" | ...;
label: string;
config: { ... };
}
];
targets?: [
{ type: string; id: string; }
];
dependencies?: string[]; // Task IDs that must complete first
}Submit Task Action
POST /api/tasks/:taskId/actions/:actionIdSubmits an action for a task. Idempotent via idempotency key.
Request Body:
{
data: any; // Action-specific data
idempotencyKey?: string; // Auto-generated if not provided
}Response:
{
success: true,
data: {
submissionId: "uuid",
taskId: "uuid",
actionId: "uuid",
result: { ... },
// Side effects
effects: {
taskCompleted: true,
outputBindings: [
{ field: "project.database", value: "PostgreSQL" }
],
workflowsTriggered: []
}
}
}Get User Tasks
GET /api/user-tasksReturns tasks assigned to the current user across all projects.
Response:
{
success: true,
data: {
tasks: [
{
id: "uuid",
projectId: "uuid",
projectName: "My E-commerce App",
type: "REVIEW",
title: "Review database choice",
status: "pending",
priority: "high",
dueDate: "2024-01-16T17:00:00Z"
}
],
counts: {
pending: 5,
inProgress: 2,
completed: 12
}
}
}Specification Export
Compile Specification
POST /api/specification/compileTriggers specification compilation.
Request Body:
{
projectId: string;
options?: {
format?: "v1" | "v2";
includeTestPlan?: boolean;
includeTaskGraph?: boolean;
includeRunbook?: boolean;
};
}Response:
{
success: true,
data: {
specId: "uuid",
status: "compiling",
estimatedTime: 45, // seconds
statusUrl: "/api/specification/uuid/status"
}
}Get Specification
GET /api/specification/:specIdRetrieves compiled specification.
Response:
{
success: true,
data: {
id: "uuid",
projectId: "uuid",
version: "1.0.0",
compiledAt: "2024-01-15T15:00:00Z",
spec: {
metadata: { ... },
overview: { ... },
entities: [ ... ],
endpoints: [ ... ],
workflows: [ ... ],
requirements: [ ... ],
testCases: [ ... ],
architecture: { ... },
designSystem: { ... }
},
validation: {
passed: true,
warnings: []
}
}
}Export Pack
POST /api/exports/downloadGenerates export pack for external agents.
Request Body:
{
projectId: string;
format: "json" | "markdown" | "mcp";
include: {
spec: boolean;
dod: boolean;
testPlan: boolean;
taskGraph: boolean;
runbook: boolean;
mcpConfig: boolean;
};
}Response:
{
success: true,
data: {
downloadUrl: "https://...",
expiresAt: "2024-01-16T15:00:00Z",
size: 245678, // bytes
contents: [
"spec.json",
"dod.md",
"test-plan.md",
"task-graph.json",
"runbook.md",
"mcp-config.json"
]
}
}Permissions & Policy API
List Roles
GET /api/permissions/rolesReturns all roles for the current tenant.
Response:
{
success: true,
data: {
roles: [
{
id: "uuid",
name: "Project Admin",
description: "Full access to project resources",
capabilities: [
"project:read",
"project:write",
"user:invite",
"task:assign"
],
isSystemRole: false,
createdAt: "2024-01-15T10:30:00Z"
}
]
}
}Create Role
POST /api/permissions/rolesCreates a new role with capabilities.
Request Body:
{
name: string;
description?: string;
capabilities: string[];
}Get Role
GET /api/permissions/roles/:roleIdReturns role details including assigned users.
Update Role
PATCH /api/permissions/roles/:roleIdUpdates role capabilities or metadata.
Delete Role
DELETE /api/permissions/roles/:roleIdDeletes a role (system roles cannot be deleted).
List Policies
GET /api/permissions/policiesReturns ABAC policies for the tenant.
Response:
{
success: true,
data: {
policies: [
{
id: "uuid",
name: "Department Access Policy",
effect: "allow",
actions: ["user:read", "user:write"],
resources: ["user:*"],
conditions: {
"user.department": {"$eq": "engineering"}
},
priority: 10,
enabled: true
}
]
}
}Create Policy
POST /api/permissions/policiesCreates a new ABAC policy.
Request Body:
{
name: string;
description?: string;
effect: "allow" | "deny";
actions: string[];
resources: string[];
conditions?: {
[key: string]: {
$eq?: any;
$ne?: any;
$in?: any[];
$gt?: number;
$lt?: number;
};
};
priority?: number;
}Evaluate Permission
POST /api/permissions/evaluateEvaluates whether a user has permission for an action.
Request Body:
{
userId: string;
action: string; // e.g., "project:delete"
resourceType: string; // e.g., "project"
resourceId?: string;
context?: Record<string, any>;
}Response:
{
success: true,
data: {
allowed: boolean;
matchedPolicies: string[];
evaluationTimeMs: number;
}
}Get Permission Matrix
GET /api/permissions/matrix/:projectIdReturns permission matrix for a project.
Document Templates API
List Templates
GET /api/templatesReturns document templates for a project.
Query Parameters:
| Param | Type | Description |
|---|---|---|
projectId | string | Required: Project filter |
templateType | string | Filter by type (contract, invoice, report) |
status | string | Filter by status (draft, active) |
Upload Template
POST /api/templatesUploads a new document template.
Request Body (multipart/form-data):
{
file: File; // DOCX, PDF, HTML, or Markdown
name: string;
description?: string;
templateType: string; // 'contract', 'invoice', 'report', etc.
projectId: string;
}Response:
{
success: true,
data: {
templateId: "uuid",
variablesExtracted: number,
extractionUrl: "/api/templates/uuid/extract-variables"
}
}Extract Variables
POST /api/templates/:templateId/extract-variablesTriggers automatic variable extraction from template.
Response:
{
success: true,
data: {
variables: [
{
id: "uuid",
name: "customer_name",
type: "text",
description: "Customer full name",
isRequired: true
},
{
id: "uuid",
name: "invoice_date",
type: "date",
description: "Invoice generation date",
isRequired: true
}
]
}
}Get Template Variables
GET /api/templates/:templateId/variablesReturns extracted variables for a template.
Create Variable Mapping
POST /api/templates/:templateId/mappingsMaps template variables to data sources.
Request Body:
{
variableId: string;
sourceType: "entity_field" | "api_response" | "workflow_output" | "constant" | "computed";
sourcePath: string; // JSONPath or dot notation
transformExpression?: string;
}Render Template
POST /api/templates/:templateId/renderRenders template with provided data.
Request Body:
{
outputFormat: "pdf" | "html" | "docx" | "email";
variables: Record<string, any>;
projectId: string;
}Response:
{
success: true,
data: {
renderId: "uuid",
outputUrl: "https://...",
format: "pdf"
}
}BPMN Workflows API
List Workflows
GET /api/workflowsReturns BPMN workflows for a project.
Upload Workflow
POST /api/workflowsUploads a BPMN 2.0 XML file.
Request Body (multipart/form-data):
{
file: File; // BPMN XML file
name: string;
description?: string;
projectId: string;
}Response:
{
success: true,
data: {
workflowId: "uuid",
validationUrl: "/api/workflows/uuid/validate",
normalizedUrl: "/api/workflows/uuid/normalized"
}
}Validate Workflow
POST /api/workflows/:workflowId/validateTriggers workflow validation (structural, semantic, platform).
Response:
{
success: true,
data: {
validationId: "uuid",
levels: {
structural: { passed: true, errors: [], warnings: [] },
semantic: { passed: true, errors: [], warnings: [] },
platform: { passed: false, errors: [
{
code: "MISSING_BINDING",
message: "UserTask 'Review_Contract' has no template binding",
elementId: "UserTask_1",
severity: "error"
}
]}
}
}
}Get Normalized Model
GET /api/workflows/:workflowId/normalizedReturns normalized JSON workflow model.
Response:
{
success: true,
data: {
model: {
nodes: [
{ id: "StartEvent_1", type: "StartEvent", name: "Start", properties: {} },
{ id: "UserTask_1", type: "UserTask", name: "Review Contract", properties: {} }
],
edges: [
{ id: "Flow_1", source: "StartEvent_1", target: "UserTask_1" }
],
metadata: {
totalElements: 15,
userTasks: 5,
serviceTasks: 3
}
}
}
}Get Element Bindings
GET /api/workflows/:workflowId/bindingsReturns element bindings for the workflow.
Update Bindings
POST /api/workflows/:workflowId/bindingsUpdates element bindings to templates, integrations, permissions.
Request Body:
{
bindings: [
{
elementId: "UserTask_1",
elementType: "UserTask",
bindingType: "template",
bindingTargetId: "template-uuid",
config: { ... }
}
]
}Integrations API
Create Integration
POST /api/integrationsCreates a curated or contract-first integration.
Request Body:
{
projectId: string;
integrationType: "curated" | "contract";
provider: string; // 'stripe', 'gmail', 'custom', etc.
// For curated integrations
config?: {
apiKey?: string;
baseUrl?: string;
};
// For contract-first integrations
contractStandardId?: string; // References standards_artifacts
}Import Contract
POST /api/integrations/import-contractImports OpenAPI or AsyncAPI contract.
Request Body (multipart/form-data):
{
file: File; // OpenAPI/AsyncAPI JSON or YAML
projectId: string;
provider: string;
}Response:
{
success: true,
data: {
standardId: "uuid",
integrationId: "uuid",
operations: [
{ operationId: "createUser", method: "POST", path: "/users" }
]
}
}Validate Integration
POST /api/integrations/:integrationId/validateTests integration connectivity and schema compatibility.
Get Schema Mappings
GET /api/integrations/:integrationId/mappingsReturns schema mappings for an integration.
Create Mapping
POST /api/integrations/:integrationId/mappingsCreates schema mapping for an operation.
Request Body:
{
operationId: string;
sourceSchemaId: string;
targetSchemaId: string;
mappingRules: [
{
sourcePath: "user.email",
targetPath: "email",
transform?: "toLowerCase()"
}
];
}Gaps Analysis API
Trigger Gaps Analysis
POST /api/gaps/runTriggers gaps analysis run.
Request Body:
{
projectId: string;
runType: "full" | "incremental";
detectors?: string[]; // Optional: specific detectors to run
}Response:
{
success: true,
data: {
runId: "uuid",
statusUrl: "/api/gaps/results/uuid",
estimatedTimeSeconds: 30
}
}Get Run Results
GET /api/gaps/results/:runIdReturns gaps analysis results.
Response:
{
success: true,
data: {
runId: "uuid",
status: "completed",
findingsCount: 12,
tasksGenerated: 8,
findings: [
{
id: "uuid",
findingType: "permission_gap",
severity: "blocker",
title: "Missing permission policy for workflow execution",
description: "Workflow 'Contract Review' requires execute permission",
resolutionTaskId: "task-uuid"
}
],
exportReadiness: {
status: "blocked",
blockersCount: 3,
warningsCount: 5
}
}
}Update Task Status
PATCH /api/gaps/tasks/:taskIdUpdates task status after gap resolution.
Standards Registry API
List Standards
GET /api/standardsReturns standards artifacts.
Query Parameters:
| Param | Type | Description |
|---|---|---|
kind | string | Filter by kind (json-schema, openapi, asyncapi, c4) |
namespace | string | Filter by namespace (core, domain, project:id) |
status | string | Filter by status (draft, active, deprecated) |
Import Standard
POST /api/standards/importImports a standards artifact.
Request Body:
{
kind: "json-schema" | "openapi" | "asyncapi" | "c4";
namespace: string;
content: object; // The actual schema/spec
name: string;
description?: string;
version?: string;
}Get Standard Detail
GET /api/standards/:artifactIdReturns standard with versions and references.
Export API (Enhanced)
Compile Specification
POST /api/exports/compileTriggers multi-phase export compilation with gating.
Request Body:
{
projectId: string;
options?: {
format?: "v1" | "v2";
includePermissions?: boolean;
includeWorkflows?: boolean;
includeTemplates?: boolean;
includeIntegrations?: boolean;
includeStandards?: boolean;
runGapsAnalysis?: boolean;
};
}Response:
{
success: true,
data: {
exportId: "uuid",
status: "compiling",
phases: [
{ name: "discover", status: "completed" },
{ name: "validate", status: "running" },
{ name: "resolve", status: "pending" },
{ name: "assemble", status: "pending" },
{ name: "gate", status: "pending" },
{ name: "package", status: "pending" }
],
statusUrl: "/api/exports/uuid"
}
}Get Export Status
GET /api/exports/:exportIdReturns enhanced export status with gating results.
Response:
{
success: true,
data: {
exportId: "uuid",
status: "blocked" | "ready" | "completed",
gatingResults: {
blockers: [
{ type: "permission_gap", message: "Missing workflow permissions" }
],
warnings: [
{ type: "template_unmapped", message: "3 template variables unmapped" }
]
},
bundleMetadata: {
artifactCount: 47,
size: 245678,
checksum: "sha256:abc123..."
},
downloadUrl: "/api/exports/uuid/download"
}
}Download Bundle
GET /api/exports/:exportId/downloadDownloads the export bundle.
Response:
{
success: true,
data: {
downloadUrl: "https://...",
expiresAt: "2024-01-16T15:00:00Z",
size: 245678,
contents: [
"manifest.json",
"spec.json",
"permissions/",
"workflows/",
"templates/",
"integrations/",
"standards/",
"README.md"
]
}
}Kit System API
The Kit System enables extensible code generation and platform integration through self-contained packages. Each Kit includes templates, knowledge, validation rules, and discovery questions to generate platform-specific configuration and code.
See also: 16-kit-system.md for complete Kit System documentation
Feature Flag
All Kit endpoints require the kits_enabled feature flag to be enabled for the tenant.
Kit Catalog
GET /:orgId/kits
List available kits with optional filtering.
Query Parameters:
type- Filter by kit type:file,platform,api,hybrid,compositestatus- Filter by status:active,deprecated,draftlimit- Number of kits to return (default: 50)offset- Pagination offset (default: 0)
Response:
{
"success": true,
"data": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"kitId": "hubspot-crm",
"displayName": "HubSpot CRM Integration",
"description": "Generate HubSpot CRM configuration including pipelines, properties, and workflows",
"version": "1.0.0",
"kitType": "platform",
"status": "active",
"platformName": "HubSpot",
"platformCategory": "CRM",
"supportedPhases": ["SPEC", "CHECK", "DISCOVER", "PLAN", "VALIDATE", "APPLY", "VERIFY"],
"outputCount": 3,
"createdAt": "2026-02-23T10:00:00Z"
}
],
"total": 15
}GET /:orgId/kits/:kitId
Get detailed kit information including full manifest.
Response:
{
"success": true,
"data": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"kitId": "hubspot-crm",
"displayName": "HubSpot CRM Integration",
"manifest": {
"metadata": {
"id": "hubspot-crm",
"displayName": "HubSpot CRM Integration",
"version": "1.0.0",
"description": "Generate HubSpot CRM configuration",
"author": "praetor",
"kitType": "platform"
},
"platform": {
"name": "HubSpot",
"category": "CRM"
},
"phases": ["SPEC", "CHECK", "DISCOVER", "PLAN", "VALIDATE", "APPLY", "VERIFY"],
"outputs": [
{
"id": "pipeline-config",
"filename": "hubspot-pipelines.json",
"template": "prompts/pipeline-config.liquid",
"outputType": "json",
"schema": "validation/pipeline.schema.json"
}
],
"discovery": {
"pools": ["discovery/crm-questions.yaml"]
}
}
}
}Kit Execution
POST /:orgId/kits/:kitId/execute
Trigger kit execution for a project. This creates an asynchronous execution tracked via Inngest.
Request Body:
{
"projectId": "proj_abc123",
"businessProfile": {
"company": {
"name": "Acme Corp",
"industry": "Technology"
}
},
"discoveryAnswers": {
"salesPipeline": "Lead → Qualified → Demo → Proposal → Closed",
"customFields": ["deal_size", "competitor", "close_probability"]
},
"options": {
"dryRun": false,
"skipApply": false
}
}Response:
{
"success": true,
"data": {
"executionId": "exec_xyz789",
"status": "pending",
"inngestRunId": "01HFMZ9...",
"createdAt": "2026-02-23T12:00:00Z"
}
}GET /:orgId/kits/executions
List all kit executions for an organization.
Query Parameters:
projectId- Filter by projectkitId- Filter by kitstatus- Filter by status:pending,running,completed,failed,partiallimit- Number of executions (default: 50)offset- Pagination offset (default: 0)
Response:
{
"success": true,
"data": [
{
"id": "exec_xyz789",
"kitId": "hubspot-crm",
"kitVersion": "1.0.0",
"projectId": "proj_abc123",
"status": "completed",
"startedAt": "2026-02-23T12:00:00Z",
"completedAt": "2026-02-23T12:02:30Z",
"executionTimeMs": 150000,
"outputCount": 3,
"outputsValid": 3,
"outputsWarnings": 0,
"outputsFailed": 0,
"tokenUsageTotal": 15000,
"estimatedCostUsd": "0.045"
}
],
"total": 42
}GET /:orgId/kits/executions/:executionId
Get detailed execution status and results.
Response:
{
"success": true,
"data": {
"id": "exec_xyz789",
"kitId": "hubspot-crm",
"status": "completed",
"startedAt": "2026-02-23T12:00:00Z",
"completedAt": "2026-02-23T12:02:30Z",
"executionTimeMs": 150000,
"outputs": [
{
"id": "out_001",
"outputId": "pipeline-config",
"filename": "hubspot-pipelines.json",
"status": "valid",
"contentSizeBytes": 4567,
"validationErrors": 0,
"validationWarnings": 0
}
],
"tokenUsage": {
"prompt": 8000,
"completion": 7000,
"total": 15000
},
"estimatedCostUsd": "0.045",
"bundlePath": "/bundles/exec_xyz789.zip",
"bundleSizeBytes": 12345
}
}GET /:orgId/kits/executions/:executionId/outputs/:outputId
Retrieve the content of a specific output file.
Response:
{
"success": true,
"data": {
"outputId": "pipeline-config",
"filename": "hubspot-pipelines.json",
"contentType": "application/json",
"content": "{ \"pipelines\": [...] }",
"contentSizeBytes": 4567,
"status": "valid",
"createdAt": "2026-02-23T12:02:00Z"
}
}GET /:orgId/kits/executions/:executionId/bundle
Download a ZIP bundle containing all execution outputs.
Response:
{
"success": true,
"data": {
"downloadUrl": "https://storage.../exec_xyz789.zip",
"expiresAt": "2026-02-23T18:00:00Z",
"sizeBytes": 12345,
"contents": [
"hubspot-pipelines.json",
"hubspot-properties.json",
"setup-guide.md",
"manifest.json"
]
}
}Credentials Management
POST /:orgId/kits/credentials
Store encrypted credentials for platform integrations.
Request Body:
{
"projectId": "proj_abc123",
"kitId": "hubspot-crm",
"credentialType": "api_key",
"credentials": {
"apiKey": "hsk_live_abc123...",
"accountId": "12345"
}
}Response:
{
"success": true,
"data": {
"credentialId": "cred_456",
"status": "active",
"createdAt": "2026-02-23T11:00:00Z"
}
}GET /:orgId/kits/credentials
List stored credentials (encrypted data not returned).
Query Parameters:
projectId- Filter by projectkitId- Filter by kit
Response:
{
"success": true,
"data": [
{
"id": "cred_456",
"kitId": "hubspot-crm",
"projectId": "proj_abc123",
"credentialType": "api_key",
"status": "active",
"lastCheckedAt": "2026-02-23T10:00:00Z",
"lastCheckStatus": "succeeded",
"createdAt": "2026-02-23T09:00:00Z"
}
]
}DELETE /:orgId/kits/credentials/:credentialId
Remove stored credentials.
Response:
{
"success": true,
"data": {
"deleted": true
}
}Kit Factory
POST /:orgId/kits/factory/generate
Generate a new Kit package using AI based on requirements.
Request Body:
{
"requirements": {
"platform": "Salesforce",
"category": "CRM",
"capabilities": [
"Lead management",
"Opportunity tracking",
"Custom fields"
],
"integrationStyle": "REST API",
"outputFormats": ["json", "yaml"]
},
"options": {
"includeTests": true,
"includeDocumentation": true
}
}Response:
{
"success": true,
"data": {
"jobId": "factory_abc",
"status": "queued",
"estimatedTimeMinutes": 5
}
}Error Handling
Error Response Format
{
success: false,
error: {
code: "VALIDATION_ERROR",
message: "Request validation failed",
details: {
field: "projectId",
issue: "Invalid UUID format"
}
},
metadata: {
timestamp: "2024-01-15T15:00:00Z",
requestId: "req_abc123"
}
}Error Codes
| Code | HTTP Status | Description |
|---|---|---|
VALIDATION_ERROR | 400 | Request validation failed |
UNAUTHORIZED | 401 | Missing or invalid auth |
FORBIDDEN | 403 | Insufficient permissions |
NOT_FOUND | 404 | Resource not found |
CONFLICT | 409 | Resource conflict (e.g., duplicate) |
RATE_LIMITED | 429 | Too many requests |
BUDGET_EXCEEDED | 402 | Token/cost budget exceeded |
PHASE_INVALID | 400 | Invalid phase transition |
READINESS_FAILED | 400 | Phase readiness check failed |
AGENT_ERROR | 500 | Agent execution error |
PERMISSION_DENIED | 403 | Permission policy evaluation failed |
TEMPLATE_INVALID | 400 | Template validation failed |
WORKFLOW_INVALID | 400 | BPMN workflow validation failed |
INTEGRATION_FAILED | 500 | Integration connectivity failed |
GAPS_BLOCKED | 402 | Export blocked by gaps analysis |
INTERNAL_ERROR | 500 | Unexpected server error |
Rate Limiting
- General endpoints: 100 requests/minute
- Agent endpoints: 10 requests/minute
- Compilation endpoints: 5 requests/minute
Headers returned:
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1705330800Phase 2 API Endpoints (February 2026)
Organizations
Create Organization
POST /api/organizationsRequest Body:
{
"name": "Acme Digital Agency",
"slug": "acme-digital",
"displayName": "Acme Digital",
"settings": {
"theme": "dark",
"branding": { "logo": "https://..." }
}
}Response:
{
"success": true,
"data": {
"id": "org-uuid",
"tenantId": "tenant-uuid",
"name": "Acme Digital Agency",
"slug": "acme-digital",
"ownerId": "user-uuid",
"createdAt": "2026-02-21T10:00:00Z"
}
}List Organizations
GET /api/organizationsReturns all organizations where current user is a member.
Get Organization
GET /api/organizations/:idRequires organization membership.
Update Organization
PUT /api/organizations/:idRequires owner or admin role.
Check Slug Availability
GET /api/organizations/slug-check?slug=acme-digitalResponse:
{
"success": true,
"data": { "available": true }
}Organization Members
List Members
GET /api/organizations/:id/membersResponse:
{
"success": true,
"data": [
{
"id": "member-uuid",
"userId": "user-uuid",
"role": "owner",
"joinedAt": "2026-02-21T10:00:00Z",
"user": {
"name": "John Doe",
"email": "john@acme.com"
}
}
]
}Add Member
POST /api/organizations/:id/membersRequest:
{
"userId": "user-uuid",
"role": "admin"
}Requires admin or owner role.
Update Member Role
PUT /api/organizations/:id/members/:userIdRequest:
{
"role": "member"
}Remove Member
DELETE /api/organizations/:id/members/:userIdCustomer Invitations
Create Invitation
POST /api/customer-invitationsRequest:
{
"organizationId": "org-uuid",
"email": "customer@example.com",
"roleId": "role-uuid",
"message": "Welcome! Looking forward to working with you."
}Response:
{
"success": true,
"data": {
"id": "invite-uuid",
"token": "unique-token-uuid",
"email": "customer@example.com",
"status": "pending",
"expiresAt": "2026-02-28T10:00:00Z"
}
}Get Invitation
GET /api/customer-invitations/:tokenPublic endpoint (no auth required).
Response:
{
"success": true,
"data": {
"id": "invite-uuid",
"organization": {
"name": "Acme Digital Agency",
"displayName": "Acme Digital"
},
"invitedBy": {
"name": "John Agency Owner"
},
"message": "Welcome!",
"status": "pending",
"expiresAt": "2026-02-28T10:00:00Z"
}
}Accept Invitation
POST /api/customer-invitations/:token/acceptRequest (new user):
{
"name": "Jane Customer",
"password": "secure-password"
}Request (existing user):
{
"userId": "existing-user-uuid"
}Revoke Invitation
POST /api/customer-invitations/:token/revokeRequires organization admin/owner.
List Invitations
GET /api/customer-invitations?organizationId=org-uuid&status=pendingQuery Parameters:
organizationId(required) — Filter by organizationstatus(optional) — Filter by status (pending, accepted, expired, revoked)
Agency Projects
List Agency Projects
GET /api/agency-projects?organizationId=org-uuidAssign Project
POST /api/agency-projectsRequest:
{
"organizationId": "org-uuid",
"projectId": "project-uuid",
"customerUserId": "customer-user-uuid"
}Unassign Project
DELETE /api/agency-projects/:idDiscovery Chat
Send Message
POST /api/discovery-chatRequest:
{
"sessionId": "session-uuid",
"contextType": "business_profile",
"message": "My target market is small businesses",
"userId": "user-uuid",
"tenantId": "tenant-uuid"
}Response (SSE Stream):
data: {"type":"message","content":"I understand your target market..."}
data: {"type":"obligation","key":"target_market","status":"satisfied","confidence":0.9}
data: {"type":"completeness","score":0.75}
data: {"type":"phase","phase":"validation"}
data: {"type":"research","taskId":"task-uuid","taskType":"market_research","status":"pending"}
data: {"type":"done"}Event Types:
message— Agent response messageobligation— Obligation status updatecompleteness— Session completeness scorephase— Session phase changeresearch— Research task triggereddone— Stream complete
Error Handling
(Updated for Phase 2)
Error Response Format
{
success: false,
error: {
code: "VALIDATION_ERROR",
message: "Request validation failed",
details: {
field: "projectId",
issue: "Invalid UUID format"
}
},
metadata: {
timestamp: "2024-01-15T15:00:00Z",
requestId: "req_abc123"
}
}Error Codes
| Code | HTTP Status | Description |
|---|---|---|
VALIDATION_ERROR | 400 | Request validation failed |
UNAUTHORIZED | 401 | Missing or invalid auth |
FORBIDDEN | 403 | Insufficient permissions |
NOT_FOUND | 404 | Resource not found |
CONFLICT | 409 | Resource conflict (e.g., duplicate) |
RATE_LIMITED | 429 | Too many requests |
BUDGET_EXCEEDED | 402 | Token/cost budget exceeded |
PHASE_INVALID | 400 | Invalid phase transition |
READINESS_FAILED | 400 | Phase readiness check failed |
AGENT_ERROR | 500 | Agent execution error |
PERMISSION_DENIED | 403 | Permission policy evaluation failed |
TEMPLATE_INVALID | 400 | Template validation failed |
WORKFLOW_INVALID | 400 | BPMN workflow validation failed |
INTEGRATION_FAILED | 500 | Integration connectivity failed |
GAPS_BLOCKED | 402 | Export blocked by gaps analysis |
ORG_NOT_MEMBER | 403 | Not a member of organization |
INVITE_EXPIRED | 400 | Customer invitation expired |
SLUG_TAKEN | 409 | Organization slug already exists |
SESSION_INCOMPLETE | 400 | Discovery session not complete |
OBLIGATION_UNRESOLVED | 400 | Required obligations not satisfied |
INTERNAL_ERROR | 500 | Unexpected server error |
Rate Limiting
- General endpoints: 100 requests/minute
- Agent endpoints: 10 requests/minute
- Compilation endpoints: 5 requests/minute
- Discovery chat: 30 requests/minute
Headers returned:
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1705330800See also: 11-database-schema.md for data structures, 13-multi-tenant-organizations.md for organization architecture, 14-discovery-engine.md for discovery system, 15-realtime-infrastructure.md for realtime events
Last Updated: February 2026