<!-- CODE GENERATED BY cmd/harbor-gen-protocol-docs. DO NOT EDIT. -->
Protocol methods
The 83 canonical Harbor Protocol methods, generated from the single-source registry (internal/protocol/methods) joined against the wire transports' route patterns (internal/protocol/transports/{control,stream}). The classification column is computed from the same Is*Method predicates the transports branch on.
Every method is identity-mandatory: the request carries a verified JWT bearer (asymmetric algorithms only — RFC §5.5) and resolves a complete (tenant, user, session) triple, with the session chosen per-request via X-Harbor-Session (see Auth & identity). The Auth column lists what a method demands beyond that baseline. Request/response shapes link into types.md; error envelopes are catalogued in errors.md.
Task control
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
approve | POST /v1/control/approve | task control — steering | ControlRequest | ControlResponse | mutating; steering scope ≥ owner_user (RFC §6.3); cross-tenant steering requires admin |
cancel | POST /v1/control/cancel | task control — steering | ControlRequest | ControlResponse | mutating; steering scope ≥ owner_user (RFC §6.3); cross-tenant steering requires admin |
inject_context | POST /v1/control/inject_context | task control — steering | ControlRequest | ControlResponse | mutating; steering scope ≥ session_user (RFC §6.3); cross-tenant steering requires admin |
pause | POST /v1/control/pause | task control — steering | ControlRequest | ControlResponse | mutating; steering scope ≥ owner_user (RFC §6.3); cross-tenant steering requires admin |
prioritize | POST /v1/control/prioritize | task control — steering | ControlRequest | ControlResponse | mutating; steering scope ≥ admin (RFC §6.3); cross-tenant steering requires admin |
redirect | POST /v1/control/redirect | task control — steering | ControlRequest | ControlResponse | mutating; steering scope ≥ owner_user (RFC §6.3); cross-tenant steering requires admin |
reject | POST /v1/control/reject | task control — steering | ControlRequest | ControlResponse | mutating; steering scope ≥ owner_user (RFC §6.3); cross-tenant steering requires admin |
resume | POST /v1/control/resume | task control — steering | ControlRequest | ControlResponse | mutating; steering scope ≥ owner_user (RFC §6.3); cross-tenant steering requires admin |
start | POST /v1/control/start | task control — spawn | StartRequest | StartResponse | mutating |
user_message | POST /v1/control/user_message | task control — steering | ControlRequest | ControlResponse | mutating; steering scope ≥ session_user (RFC §6.3); cross-tenant steering requires admin |
Streaming events
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
events.aggregate | POST /v1/events/aggregate | streaming events | EventAggregateRequest | EventAggregateResponse | read-only; cross-tenant fan-in requires admin or console:fleet |
events.subscribe | GET /v1/events | streaming events | no JSON body — the filter travels as query/header values (X-Harbor-Run, X-Harbor-Event-Type, ?admin=1, Last-Event-ID) | SSE stream (text/event-stream); see events.md | read-only; cross-tenant fan-in requires admin or console:fleet |
Tasks
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
tasks.get | POST /v1/tasks/get | tasks (read-only) | TaskGetRequest | TaskDetail | read-only |
tasks.list | POST /v1/tasks/list | tasks (read-only) | TaskListRequest | TaskListResponse | read-only; cross-tenant fan-in requires the verified admin scope claim (console:fleet is not consulted) |
Sessions
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
sessions.inspect | POST /v1/sessions/inspect | sessions (read-only) | SessionsInspectRequest | SessionsInspectResponse | read-only |
sessions.list | POST /v1/sessions/list | sessions (read-only) | SessionsListRequest | SessionsListResponse | read-only; cross-tenant fan-in requires admin or console:fleet |
Pause snapshot
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
pause.list | POST /v1/pause/list | pause snapshot (read-only) | PauseListRequest | PauseListResponse | read-only; cross-tenant fan-in requires the verified admin scope claim (console:fleet is not consulted) |
Search
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
search.artifacts | POST /v1/control/search.artifacts | search | SearchRequest | SearchResponse | read-only; cross-tenant fan-in requires admin or console:fleet |
search.events | POST /v1/control/search.events | search | SearchRequest | SearchResponse | read-only; cross-tenant fan-in requires admin or console:fleet |
search.query | POST /v1/control/search.query | search | SearchRequest | SearchResponse | read-only; cross-tenant fan-in requires admin or console:fleet |
search.sessions | POST /v1/control/search.sessions | search | SearchRequest | SearchResponse | read-only; cross-tenant fan-in requires admin or console:fleet |
search.tasks | POST /v1/control/search.tasks | search | SearchRequest | SearchResponse | read-only; cross-tenant fan-in requires admin or console:fleet |
Posture
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
governance.posture | POST /v1/control/governance.posture | posture (read-only) | RuntimeInfoRequest | GovernancePostureResponse | read-only; cross-tenant fan-in requires admin or console:fleet |
llm.posture | POST /v1/control/llm.posture | posture (read-only) | RuntimeInfoRequest | LLMPostureResponse | read-only; cross-tenant fan-in requires admin or console:fleet |
metrics.snapshot | POST /v1/control/metrics.snapshot | posture (read-only) | RuntimeInfoRequest | MetricsSnapshot | read-only; cross-tenant fan-in requires admin or console:fleet |
runtime.counters | POST /v1/control/runtime.counters | posture (read-only) | RuntimeInfoRequest | RuntimeCounters | read-only; cross-tenant fan-in requires admin or console:fleet |
runtime.drivers | POST /v1/control/runtime.drivers | posture (read-only) | RuntimeInfoRequest | RuntimeDrivers | read-only; cross-tenant fan-in requires admin or console:fleet |
runtime.health | POST /v1/control/runtime.health | posture (read-only) | RuntimeInfoRequest | RuntimeHealth | read-only; cross-tenant fan-in requires admin or console:fleet |
runtime.info | POST /v1/control/runtime.info | posture (read-only) | RuntimeInfoRequest | RuntimeInfo | read-only; cross-tenant fan-in requires admin or console:fleet |
Topology
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
topology.snapshot | POST /v1/control/topology.snapshot | topology (read-only) | TopologySnapshotRequest | TopologyProjection | read-only; cross-tenant fan-in requires the verified admin scope claim (console:fleet is not consulted) |
Artifacts
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
artifacts.delete | POST /v1/control/artifacts.delete | artifacts | ArtifactsDeleteRequest | ArtifactsDeleteResponse | mutating; requires the verified admin scope claim |
artifacts.get_ref | POST /v1/control/artifacts.get_ref | artifacts | ArtifactsGetRefRequest | ArtifactsGetRefResponse | read-only |
artifacts.list | POST /v1/control/artifacts.list | artifacts | ArtifactsListRequest | ArtifactsListResponse | read-only; cross-tenant fan-in requires admin or console:fleet |
artifacts.put | POST /v1/control/artifacts.put | artifacts | ArtifactsPutRequest | ArtifactsPutResponse | mutating |
Memory
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
memory.delete | POST /v1/memory/delete | memory | MemoryDeleteRequest | MemoryDeleteResponse | mutating; requires the verified admin scope claim |
memory.get | POST /v1/memory/get | memory | MemoryGetRequest | MemoryGetResponse | read-only |
memory.health | POST /v1/memory/health | memory | MemoryHealthRequest | MemoryHealthResponse | read-only |
memory.list | POST /v1/memory/list | memory | MemoryListRequest | MemoryListResponse | read-only; cross-tenant fan-in requires admin or console:fleet |
memory.put | POST /v1/memory/put | memory | MemoryPutRequest | MemoryPutResponse | mutating; requires the verified admin scope claim |
memory.strategy_trace | POST /v1/memory/strategy_trace | memory | MemoryStrategyTraceRequest | MemoryStrategyTraceResponse | read-only |
Tools
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
tools.content_stats | POST /v1/tools/content_stats | tools | ToolContentStatsRequest | ToolContentStats | read-only |
tools.describe | POST /v1/tools/describe | tools | ToolDescribeRequest | ToolManifest | read-only |
tools.get | POST /v1/tools/get | tools | ToolGetRequest | Tool | read-only |
tools.list | POST /v1/tools/list | tools | ToolListRequest | ToolListResponse | read-only |
tools.metrics | POST /v1/tools/metrics | tools | ToolMetricsRequest | ToolMetrics | read-only |
tools.revoke_oauth | POST /v1/tools/revoke_oauth | tools | ToolRevokeOAuthRequest | ToolRevokeOAuthResponse | mutating; requires the verified admin scope claim |
tools.set_approval_policy | POST /v1/tools/set_approval_policy | tools | ToolSetApprovalPolicyRequest | ToolSetApprovalPolicyResponse | mutating; requires the verified admin scope claim |
Flows
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
flows.describe | POST /v1/flows/describe | flows | FlowDescribeRequest | FlowDescription | read-only; tenant-scoped results; the verified admin scope claim widens run visibility across tenants |
flows.list | POST /v1/flows/list | flows | FlowListRequest | FlowListResponse | read-only; cross-tenant fan-in requires the verified admin scope claim (console:fleet is not consulted) |
flows.metrics | POST /v1/flows/metrics | flows | FlowMetricsRequest | FlowMetrics | read-only; tenant-scoped results; the verified admin scope claim widens run visibility across tenants |
flows.run | POST /v1/flows/run | flows | FlowRunRequest | FlowRunResponse | mutating; requires the verified admin scope claim |
flows.runs.describe | POST /v1/flows/runs/describe | flows | FlowRunDescribeRequest | FlowRunDescription | read-only; tenant-scoped results; the verified admin scope claim widens run visibility across tenants |
flows.runs.list | POST /v1/flows/runs/list | flows | FlowRunsListRequest | FlowRunsListResponse | read-only; cross-tenant fan-in requires the verified admin scope claim (console:fleet is not consulted) |
Agents
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
agents.deregister | POST /v1/agents/deregister | agents — fleet control | AgentControlRequest | AgentControlResponse | mutating; requires the verified admin scope claim |
agents.drain | POST /v1/agents/drain | agents — fleet control | AgentControlRequest | AgentControlResponse | mutating; requires the verified admin scope claim |
agents.force_stop | POST /v1/agents/force_stop | agents — fleet control | AgentControlRequest | AgentControlResponse | mutating; requires the verified admin scope claim |
agents.get | POST /v1/agents/get | agents (read-only) | AgentGetRequest | AgentGetResponse | read-only |
agents.governance | POST /v1/agents/governance | agents (read-only) | AgentGovernanceRequest | AgentGovernanceResponse | read-only |
agents.list | POST /v1/agents/list | agents (read-only) | AgentListRequest | AgentListResponse | read-only |
agents.memory | POST /v1/agents/memory | agents (read-only) | AgentMemoryRequest | AgentMemoryResponse | read-only |
agents.metrics | POST /v1/agents/metrics | agents (read-only) | AgentMetricsRequest | AgentMetricsResponse | read-only |
agents.pause | POST /v1/agents/pause | agents — fleet control | AgentControlRequest | AgentControlResponse | mutating; requires the verified admin scope claim |
agents.permissions | POST /v1/agents/permissions | agents (read-only) | AgentPermissionsRequest | AgentPermissionsResponse | read-only |
agents.restart | POST /v1/agents/restart | agents — fleet control | AgentControlRequest | AgentControlResponse | mutating; requires the verified admin scope claim |
agents.skills | POST /v1/agents/skills | agents (read-only) | AgentSkillsRequest | AgentSkillsResponse | read-only |
agents.tools | POST /v1/agents/tools | agents (read-only) | AgentToolsRequest | AgentToolsResponse | read-only |
MCP servers
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
mcp.servers.bindings.list | POST /v1/control/mcp.servers.bindings.list | mcp servers | MCPServerBindingsListRequest | MCPServerBindingsListResponse | read-only |
mcp.servers.get | POST /v1/control/mcp.servers.get | mcp servers | MCPServerGetRequest | MCPServerGetResponse | read-only |
mcp.servers.health | POST /v1/control/mcp.servers.health | mcp servers | MCPServerHealthRequest | MCPServerHealthResponse | read-only |
mcp.servers.list | POST /v1/control/mcp.servers.list | mcp servers | MCPServersListRequest | MCPServersListResponse | read-only |
mcp.servers.policy | POST /v1/control/mcp.servers.policy | mcp servers | MCPServerPolicyRequest | MCPServerPolicyResponse | read-only |
mcp.servers.probe | POST /v1/control/mcp.servers.probe | mcp servers | MCPServerProbeRequest | MCPServerProbeResponse | mutating |
mcp.servers.prompts | POST /v1/control/mcp.servers.prompts | mcp servers | MCPServerPromptsRequest | MCPServerPromptsResponse | read-only |
mcp.servers.refresh_binding | POST /v1/control/mcp.servers.refresh_binding | mcp servers | MCPServerRefreshBindingRequest | MCPServerRefreshBindingResponse | mutating; requires the verified admin scope claim |
mcp.servers.refresh_discovery | POST /v1/control/mcp.servers.refresh_discovery | mcp servers | MCPServerRefreshDiscoveryRequest | MCPServerRefreshDiscoveryResponse | mutating |
mcp.servers.resources | POST /v1/control/mcp.servers.resources | mcp servers | MCPServerResourcesRequest | MCPServerResourcesResponse | read-only |
mcp.servers.revoke_binding | POST /v1/control/mcp.servers.revoke_binding | mcp servers | MCPServerRevokeBindingRequest | MCPServerRevokeBindingResponse | mutating; requires the verified admin scope claim |
mcp.servers.set_raw_html_trust | POST /v1/control/mcp.servers.set_raw_html_trust | mcp servers | MCPServerSetRawHTMLTrustRequest | MCPServerSetRawHTMLTrustResponse | mutating; requires the verified admin scope claim |
MCP apps
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
mcp.apps.call_tool | POST /v1/control/mcp.apps.call_tool | mcp apps | MCPAppCallToolRequest | MCPAppCallToolResponse | mutating |
mcp.apps.tool_context | POST /v1/control/mcp.apps.tool_context | mcp apps | ToolContextRequest | ToolContextResponse | read-only |
mcp.servers.read_resource | POST /v1/control/mcp.servers.read_resource | mcp apps | ReadMCPResourceRequest | ReadMCPResourceResponse | read-only |
Runs
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
runs.set_overrides | POST /v1/runs/set_overrides | runs | RunSetOverridesRequest | RunSetOverridesResponse | mutating |
Auth
| Method | Route | Classification | Request | Response | Auth (beyond identity) |
|---|---|---|---|---|---|
auth.rotate_token | POST /v1/auth/rotate_token | auth | AuthRotateTokenRequest | AuthRotateTokenResponse | mutating; requires the verified admin scope claim |