Skip to main content
All REST API endpoints are served on the health server (default port 4102) under the /api prefix. Responses are JSON with Content-Type: application/json. CORS headers are applied at the server level. Base URL: http://<host>:4102/api
When the AGTOS_API_KEY environment variable is set, all /api/* endpoints require a Bearer token. See Authentication below.

Health

Comprehensive health status from all registered service checkers (Redis, STT, TTS, Ollama, Claude, MCP).

Response

200 OK — All services healthy.
503 Service Unavailable — One or more services degraded.
Aggregated metrics summary from the internal metrics collector (request counts, error rates, latency percentiles).

Response

200 OK
Health status for a single registered service. Returns the same shape as the corresponding entry in GET /api/health, but for one service only.

Path Parameters

serviceName
string
required
Service name (e.g., redis, ollama, stt-sherpa-onnx, tts-sherpa-onnx, mcp-server, memory-maintenance, memory-semantic, nli-pipeline, provider-claude, provider-openai, provider-ollama, provider-openrouter).

Response

200 OK — Service is healthy.
503 Service Unavailable — Service is degraded.
404 Not Found — No such service registered.
Prometheus-format metrics endpoint for integration with Prometheus, Grafana, and other monitoring tools. Returns all collected metrics in the standard text exposition format.

Response

200 OK (text/plain; version=0.0.4)
The /metrics endpoint is served at the root path (not under /api). It does not require authentication even when AGTOS_API_KEY is set.

Sessions

List active voice sessions with connection metadata.

Response

200 OK
503 Service Unavailable — Voice pipeline not initialized.

Voice Status

Voice pipeline availability and active session count. Always returns 200, even when the pipeline is unavailable, so the dashboard can degrade gracefully.

Response

200 OK — Pipeline available.
200 OK — Pipeline not wired up.

Memory

Retrieve recent episodic memory entries.

Query Parameters

limit
number
default:"20"
Max results to return (1—100).

Response

200 OK
503 Service Unavailable — Memory system not available.
Semantic and keyword memory search across episodic memory.

Query Parameters

q
string
required
Search query text.
limit
number
default:"10"
Max results to return (1—50).

Response

200 OK
400 Bad Request — Missing query parameter.
503 Service Unavailable — Memory system not available.

Scheduler

List all scheduled tasks.

Response

200 OK
503 Service Unavailable — Scheduler not available (Redis down or not configured).
Create a new scheduled task.

Request Body

name
string
required
Human-readable task name.
scheduleType
string
required
One of: cron, once, interval.
expression
string
Cron expression. Required when scheduleType is cron.
atTimestamp
number
Unix ms timestamp. Required when scheduleType is once.
intervalMs
number
Interval in milliseconds. Required when scheduleType is interval.
eventTopic
string
required
Event bus topic published when the task fires.
payload
object
Optional payload included in the fired event.

Schedule Type Examples

Response

201 Created
400 Bad Request — Validation errors.
503 Service Unavailable — Scheduler not available.
Cancel a scheduled task by ID.

Path Parameters

id
string
required
The task ID to cancel.

Response

200 OK
400 Bad Request — Invalid ID format.
404 Not Found — Task does not exist.
503 Service Unavailable — Scheduler not available.

Workflows

List all registered workflow definitions.

Response

200 OK
503 Service Unavailable — Workflow engine not available.
Trigger execution of a registered workflow.

Path Parameters

id
string
required
The workflow ID to execute.

Request Body (optional)

input
object
Optional input payload for the workflow.

Response

200 OK
400 Bad Request — Invalid workflow ID or execution failure.
404 Not Found — Workflow not registered.
503 Service Unavailable — Workflow engine not available.

System Info

System information including uptime, runtime versions, memory usage, and port configuration.

Response

200 OK

Chat

Text-based chat endpoint. Routes user text through the agent reasoning loop (model router with tool execution) and returns the response.

Request Body

text
string
required
The user’s message text (must be non-empty).
sessionId
string
Session ID for conversation continuity. Omit for stateless.

Response

200 OK
400 Bad Request — Missing or empty text.
500 Internal Server Error — Chat processing failed.
503 Service Unavailable — Voice pipeline not available.

Chat Streaming

SSE streaming chat endpoint. Returns a text/event-stream response with real-time content tokens, thinking/reasoning blocks, tool call events, and a final metadata event. Used by the dashboard Chat page.

Request Body

text
string
required
The user’s message (must be non-empty, max 10,000 characters).
sessionId
string
Session ID for conversation continuity.
platform
string
Client platform identifier (defaults to web).
files
array
Images to include. Each entry: { content: string, mimeType: string, encoding: "base64" }.

SSE Events

The response is a stream of data: lines, each containing a JSON object with a type field:
400 Bad Request — Missing or empty text.429 Too Many Requests — Rate limit exceeded.500 Internal Server Error — Chat processing failed.
Use fetch() with ReadableStream to consume this endpoint — native EventSource does not support POST requests. The thinking event type carries provider-agnostic reasoning output (Claude thinking, OpenAI reasoning, Ollama think tags, OpenRouter reasoning).

Conversation History

Retrieve conversation messages for a session. Returns an empty array when the session has expired or doesn’t exist.

Path Parameters

sessionId
string
required
The session ID to retrieve history for.

Response

200 OK
200 OK — Session expired or not found.

Tasks

Submit a background agent task. Accepts a topic string, routes it through the agent reasoning loop, and returns the result with a generated task ID.

Request Body

topic
string
required
The task topic/prompt (must be non-empty).

Response

200 OK
400 Bad Request — Missing or empty topic.
500 Internal Server Error — Task processing failed.
503 Service Unavailable — Voice pipeline not available.

Voice Stats

Audio quality metrics including STT/TTS latency percentiles, audio chunk counts, and active session count. Returns zeroed stats when no data has been collected yet.

Response

200 OK

Memory Profile

Retrieve the user profile built from conversation history (name, communication style, patterns, preferences).

Response

200 OK
503 Service Unavailable — Memory coordinator not available.
Update user profile fields.

Request Body

Response

200 OK
400 Bad Request — Validation failure.503 Service Unavailable — Memory coordinator not available.

Memory Conclusions

Retrieve conclusions drawn from conversation history by the Dialectic reasoning engine.

Query Parameters

type
string
Filter by conclusion type: explicit, inferred, corrected.
minConfidence
number
Minimum confidence threshold (0.0—1.0).

Response

200 OK
503 Service Unavailable — Memory coordinator not available.
Delete a specific conclusion by ID.

Path Parameters

id
string
required
The conclusion ID to delete.

Response

200 OK
503 Service Unavailable — Memory coordinator not available.

Memory Ask (Dialectic)

Ask a question about the user via the Dialectic reasoning engine. Gathers profile, conclusions, and episodes to synthesize an answer.

Request Body

question
string
required
The question to ask about the user (max 2,000 characters).
userId
string
Optional user ID scope.

Response

200 OK
400 Bad Request — Missing or invalid question.503 Service Unavailable — Memory coordinator not available.

Memory Maintenance

Trigger an on-demand memory maintenance sweep (memory lint). Runs the Dreamer’s six-step sweep (stale detection, confidence decay, redundancy merge, orphan flagging, contradiction detection, low-confidence pruning) and returns a MaintenanceReport. Gated by ResourceGuard — busy systems defer the run. See ADR-021.

Request Body

The body is validated with .strict() — unknown fields are rejected. The userId is resolved server-side from the profile manager and must not be passed in the request body (per ADR-025 Rule 3).

Response

200 OK — Sweep completed. Returns the full MaintenanceReport.
400 Bad Request — Validation failed (e.g., unknown fields in the body).503 Service Unavailable — errorCode: PROFILE_DISCONNECTED — Memory profile manager is not connected (Redis down, manager disconnected). Persistent — operator action required.
503 Service Unavailable — errorCode: RESOURCES_BUSY — ResourceGuard deferred this run (active sessions, high CPU load, Ollama VRAM contention). Transient — retry later. The reason field carries the guard’s diagnosis.
500 Internal Server ErrorDreamer.maintain() threw (genuine internal error, not a defer).
The CLI (agtos memory maintain) reads errorCode to decide between exit code 2 (transient, retry later) and exit code 3 (operator action required).
List recent MaintenanceReport entries. Backs the dashboard’s maintenance history widget. Reports are stored with a 30-day TTL under a sorted-set index capped at 200 entries.

Query Parameters

Response

200 OK
500 Internal Server Error — Failed to list maintenance reports.503 Service Unavailable — Memory coordinator or profile manager not connected.
Fetch a single MaintenanceReport by its timestamp (Unix milliseconds).

Path Parameters

timestamp
number
required
Unix milliseconds timestamp of the report to fetch.

Response

200 OK — Returns the full MaintenanceReport (same shape as POST /api/memory/maintain).400 Bad Request — Invalid timestamp.404 Not Found — Report not found or expired (past the 30-day TTL).503 Service Unavailable — Memory coordinator or profile manager not connected.

Memory Import

Scan for available external AI tool memory sources (Claude, ChatGPT, etc.) that can be imported into agtOS.

Response

200 OK
503 Service Unavailable — Memory coordinator not available.
Import memories from external AI tool sources into the agtOS memory system.

Request Body

sources
string[]
Optional list of source names to import from. If omitted, imports from all available sources.

Response

200 OK
503 Service Unavailable — Memory coordinator not available.

Entities

List or search entities from the entity-centric memory system.

Query Parameters

q
string
Search entities by name (partial match).
type
string
Filter by entity type: person, place, organization, event, thing.
limit
number
default:"20"
Max results (1—100).

Response

200 OK
503 Service Unavailable — Entity manager not available (Redis down).
Entity counts grouped by type.

Response

200 OK
Get a single entity by ID with full details.

Path Parameters

id
string
required
The entity ID.

Response

200 OK
404 Not Found — Entity does not exist.
Update an entity’s name, aliases, or confidence.

Path Parameters

id
string
required
The entity ID.

Request Body

name
string
Updated entity name.
aliases
string[]
Updated alias list.
confidence
number
Updated confidence score (0.0—1.0).

Response

200 OK — Returns the updated entity.404 Not Found — Entity does not exist.
Soft-delete an entity.

Path Parameters

id
string
required
The entity ID.

Response

200 OK
404 Not Found — Entity does not exist.
Merge a duplicate entity into this entity. The target entity’s episodes, conclusions, and relationships are transferred to the primary entity.

Path Parameters

id
string
required
The primary entity ID (merge target).

Request Body

targetId
string
required
The duplicate entity ID to merge into the primary.

Response

200 OK — Returns the merged primary entity.404 Not Found — Entity does not exist.
Episodes that mention this entity.

Path Parameters

id
string
required
The entity ID.

Query Parameters

limit
number
default:"20"
Max results (1—100).

Response

200 OK
Conclusions that reference this entity.

Path Parameters

id
string
required
The entity ID.

Response

200 OK
Relationships involving this entity (as subject or object).

Path Parameters

id
string
required
The entity ID.

Response

200 OK

Devices

Register a new device (ESP32, browser, CLI, MCP client, or custom).

Request Body

name
string
required
Device display name (max 200 chars).
deviceType
string
required
One of: esp32, browser, cli, mcp-client, custom.
platform
string
required
Platform identifier (max 100 chars).
capabilities
object
required
Device capability flags: audio, microphone, speaker, display, buttons, sensors (all boolean).
secret
string
Optional shared secret for device authentication (8—256 chars). Hashed with SHA-256.
firmwareVersion
string
Firmware version string (max 50 chars).
metadata
object
Arbitrary key-value metadata.

Response

201 Created
409 Conflict — Device already registered.503 Service Unavailable — Device registry not available (Redis down).
List registered devices with optional filters.

Query Parameters

status
string
Filter by status: pending, active, suspended, revoked.
deviceType
string
Filter by device type: esp32, browser, cli, mcp-client, custom.
limit
number
Max results.
offset
number
Pagination offset.

Response

200 OK
503 Service Unavailable — Device registry not available.
Get a single device by ID.

Path Parameters

id
string
required
The device ID.

Response

200 OK
404 Not Found — Device does not exist.503 Service Unavailable — Device registry not available.
Update a device’s properties.

Path Parameters

id
string
required
The device ID.

Request Body

All fields are optional. Only provided fields are updated.
name
string
Updated device name.
status
string
New status: pending, active, suspended, revoked.
capabilities
object
Updated capability flags.
secret
string
New shared secret (8—256 chars).
firmwareVersion
string
Updated firmware version.

Response

200 OK — Returns the updated device.404 Not Found — Device does not exist.503 Service Unavailable — Device registry not available.
Remove a device from the registry.

Path Parameters

id
string
required
The device ID to remove.

Response

200 OK
404 Not Found — Device does not exist.503 Service Unavailable — Device registry not available.
Authenticate a device by verifying its shared secret.

Path Parameters

id
string
required
The device ID.

Request Body

secret
string
required
The device’s shared secret.

Response

200 OK
401 Unauthorized — Invalid secret.
503 Service Unavailable — Device registry not available.
Link a device to a user account for personalized preferences.

Path Parameters

id
string
required
The device ID.

Request Body

userId
string
required
The user ID to link (max 200 chars).

Response

200 OK
503 Service Unavailable — User preferences not available.

User Preferences

Get user preferences (TTS voice, language, wake word, privacy settings).

Path Parameters

userId
string
required
The user ID.

Response

200 OK
503 Service Unavailable — User preferences not available (Redis down).
Update user preferences.

Path Parameters

userId
string
required
The user ID.

Request Body

All fields are optional.
ttsVoice
string
Preferred TTS voice (max 100 chars).
ttsSpeed
number
Speech speed (0.5—2.0).
language
string
Preferred language code (max 10 chars).
wakeWord
string
Custom wake word (max 50 chars).
privacySettings
object
Privacy flags: storeTranscripts (boolean), storeAudio (boolean).

Response

200 OK — Returns the updated preferences.400 Bad Request — Validation failure.503 Service Unavailable — User preferences not available.

Setup Token

Retrieve the onboarding setup token. This token is generated at server startup and has a 30-minute TTL. It is used by the onboarding wizard to authenticate credential storage requests without requiring an API key.
This endpoint is localhost-only — requests from non-loopback addresses return 403 Forbidden.

Response

200 OK
403 Forbidden — Request not from localhost.
404 Not Found — No setup token available (server started with AGTOS_API_KEY set, or token has expired).
The setup token is only generated when AGTOS_API_KEY is not set (onboarding mode). Once the user configures an API key, the setup token is no longer needed.
Auto-configure the slot registry from a mode preset. Used by the setup wizard to configure slots based on the user’s chosen mode and available providers.

Request Body

mode
string
required
Configuration mode: cloud, local, or hybrid.
cloudProvider
string
Cloud provider for cloud/hybrid modes: claude, openai, or openrouter.
ollamaModel
string
Ollama model for local/hybrid modes.
fallbackStrategy
string
Fallback strategy: cloud-backup, ollama-local, or none.

Response

200 OK
400 Bad Request — Invalid mode or missing required fields.
Reset the slot configuration to built-in defaults. Removes all custom slots and restores the default provider/model assignments.

Response

200 OK

Credentials

Store encrypted credentials for a provider. Credentials are encrypted with AES-256-GCM before storage. Must provide either apiKey or setupToken.
This endpoint is localhost-only — requests from non-loopback addresses return 403 Forbidden. It is designed for the setup wizard and Settings UI running on the same machine.

Request Body

provider
string
required
Provider identifier: provider-anthropic, provider-openai, or provider-openrouter.
apiKey
string
API key (e.g., sk-ant-api03-... for Anthropic, sk-... for OpenAI, sk-or-v1-... for OpenRouter). Max 256 chars.

Response

200 OK
400 Bad Request — Validation failure.403 Forbidden — Request not from localhost.
503 Service Unavailable — Credential manager not available.
Validate credentials against the actual provider API without storing them. Useful for the setup wizard and Settings UI. Supports all four providers.

Request Body

provider
string
required
Provider to validate: provider-anthropic, provider-openai, provider-ollama, or provider-openrouter.
apiKey
string
API key to validate. Max 256 chars.

Response

200 OK
400 Bad Request — Missing or invalid fields.
Delete stored credentials for a specific provider.
This endpoint is localhost-only and requires either a valid API key or setup token.

Path Parameters

providerId
string
required
The provider scope to delete (e.g., provider-anthropic, provider-openai, provider-openrouter). Must start with provider-.

Response

200 OK
403 Forbidden — Request not from localhost.404 Not Found — No credentials stored for this provider.
Delete all stored credentials.
This endpoint is localhost-only and requires either a valid API key or setup token. This action is irreversible.

Response

200 OK
403 Forbidden — Request not from localhost.

Dependencies

Check all optional system dependencies (Node.js, Docker, Ollama, Redis, sherpa-onnx models).

Response

200 OK
Install and start Redis via Docker. Creates a redis/redis-stack:latest container with port 6379 exposed and unless-stopped restart policy.

Response

200 OK — Redis installed, started, or already running.
Possible status values: installed (new container created), started (existing container started), already_running (no action needed).400 Bad Request — Docker is not running.
500 Internal Server Error — Installation failed.

Config (Legacy)

List the configuration keys that can be updated at runtime via the legacy config endpoint.

Response

200 OK
Update a single runtime config value. The value is applied immediately to the environment variable and persisted to the config file.

Request Body

key
string
required
Config key name (must be in the writable whitelist).
value
string | number | boolean
required
New value for the key.

Response

200 OK
403 Forbidden — Key is not writable.

Settings

Retrieve all writable config keys with current values, descriptions, reload types, and categories. Used by the Settings UI for dynamic form generation.

Response

200 OK
Update multiple configuration values at once. All values are validated with Zod schemas, applied to environment variables, persisted to the config file, and announced via config:changed event.

Request Body

Pass a flat object with config keys and their new values:
See Configuration > Environment Variables for the full list of writable keys.

Response

200 OK
400 Bad Request — Validation failure with field-level details.
Return the Zod schema as a JSON description for dynamic form generation in the Settings UI. Includes type, description, reload behavior, category, and constraints for each key.

Response

200 OK

Slots

Get the live Model Slot Registry with current configuration, runtime stats, and slot names.

Response

200 OK
Update the Model Slot Registry configuration. Each slot maps a named capability (e.g., chat, reasoning) to a provider and model. The chat slot is required and cannot be removed.Before writing, the server validates each slot’s model against the ProviderCatalog:
  • Unknown models (not in any catalog): warning returned, write allowed — the model may be private or unlisted.
  • Future-deprecated models: warning returned, write allowed.
  • Past-deprecated models: write blocked with HTTP 400.
  • Catalog fetch failure: warning returned, write allowed — transient upstream issue.

Request Body

Response

200 OK
The warnings array is only present when at least one warning was generated.400 Bad Request — Deprecated model(s) detected.

Provider Catalog

Aggregate model catalog from all configured providers. Returns models with capabilities, pricing, context length, and deprecation status.

Query Parameters

refresh
string
Set to 1 to bypass the 1-hour cache TTL and force a network fetch.
capability
string
Comma-separated list of required capabilities (AND semantics). E.g., tool-use,vision.

Response

200 OK
Credit balance and usage snapshot for a single provider. Not all providers support account info.

Path Parameters

providerId
string
required
Provider identifier: claude, openai, openrouter, ollama.

Response

200 OK
404 Not Found — Provider not configured or does not support account info.

Models

List all models from the model registry with download status.

Response

200 OK
Start downloading a model. Returns an SSE stream with progress events.

Request Body

modelId
string
required
The model ID to download.

Response

200 OK (text/event-stream)
400 Bad Request — Unknown model ID.
Check download status of a single model.

Path Parameters

modelId
string
required
The model ID.

Response

200 OK
404 Not Found — Unknown model ID.
Delete a downloaded model.

Path Parameters

modelId
string
required
The model ID to delete.

Response

200 OK
404 Not Found — Model not found or not downloaded.
Remove all downloaded models.

Response

200 OK

Ollama

Check Ollama installation and running status.

Response

200 OK
200 OK — Ollama not installed.
List models installed in Ollama.

Response

200 OK
503 Service Unavailable — Ollama not reachable.
Pull (download) a model from Ollama. Returns an SSE stream with progress events.

Request Body

model
string
required
The model name to pull (e.g., qwen3:7b, llama3.1:8b).

Response

200 OK (text/event-stream)
503 Service Unavailable — Ollama not reachable.
Attempt to start the Ollama service.

Response

200 OK
500 Internal Server Error — Failed to start Ollama.

Billing

Aggregate billing status across all cloud providers. Shows exhaustion state, balance, and active fallback strategy.

Response

200 OK
Reset billing exhaustion state for a provider. Use after adding credits to retry the provider.

Path Parameters

providerId
string
required
The provider to retry (e.g., openai, claude, openrouter).

Response

200 OK — Exhaustion state cleared, affected slots re-marked healthy.404 Not Found — Provider not configured.

Capture Protocol (PACT)

Start a new multimodal capture stream. Validates consent before beginning capture.

Request Body

deviceId
string
required
The device ID initiating capture.
modalities
string[]
required
Capture modalities: audio, video, neural.
captureMode
string
Capture mode: active-participant (default), passive-observation, or ambient.

Response

201 Created
400 Bad Request — Missing consent or invalid modality.503 Service Unavailable — Capture protocol not available.
Stop an active capture stream.

Request Body

streamId
string
required
The stream ID to stop.

Response

200 OK404 Not Found — Stream not found or already stopped.
List active capture streams for the current user.

Response

200 OK

System (Extended)

Redis connection status and diagnostics.

Response

200 OK
Force Redis reconnection and hot-create Redis-dependent services (memory, scheduling, devices) without a server restart. Requires API key when AGTOS_API_KEY is set.

Response

200 OK
503 Service Unavailable — Redis connection failed.
Hardware and software capability detection for the current host.

Response

200 OK
Reset the onboarding state so the setup wizard runs again on next app load.

Response

200 OK

Common Error Responses

All endpoints may return the following error shapes:

400 Bad Request

Returned when the request is malformed or missing required fields. The error field contains a human-readable description.

404 Not Found

Returned when a requested resource (task, workflow) does not exist.

500 Internal Server Error

Returned when an unexpected exception occurs during request processing.

503 Service Unavailable

Returned when a required dependency (Redis, voice pipeline, memory system, scheduler, workflow engine) is not initialized or has failed.

Notes

Body size limit: Request bodies are capped at 1 MB. Requests exceeding this limit receive no response (connection closed).
  • ID validation: Path parameter IDs (task IDs, workflow IDs) must match ^[a-zA-Z0-9\-_]+$ and be 1—128 characters. Invalid IDs return 400.
  • CORS: Configurable via CORS_ORIGIN environment variable (default: http://localhost:5173). Tauri desktop origins are auto-added. Preflight OPTIONS requests return 204.
  • Metrics: All API requests are tracked in the internal metrics system. Latency is recorded per route.
  • Authentication: See Authentication below for opt-in API key auth.
  • Rate Limiting: See Rate Limiting below for per-endpoint limits.

Authentication

API key authentication is opt-in. When the AGTOS_API_KEY environment variable is set, all /api/* endpoints require a valid Bearer token.

Headers

Response (401 Unauthorized)

Exempt Paths

These paths do not require authentication:
  • GET /health (and sub-paths like /health/metrics, /health/:serviceName)
  • GET /metrics (Prometheus endpoint)
  • POST /api/credentials/validate (read-only key validation)
  • GET /api/setup-token (localhost-only, onboarding token retrieval)
POST /api/credentials is not auth-exempt. It requires either a valid Authorization: Bearer <key> header (when AGTOS_API_KEY is set) or a valid X-Setup-Token header (30-minute TTL token from GET /api/setup-token, used during onboarding).

Rate Limiting

All API endpoints are rate-limited using a token bucket algorithm.

Default Limits

Rate Limit Headers

Included on all API responses: Included on 429 Too Many Requests responses:

429 Response Body