Api
The `Api` entity.
Definition
TypeScript
interface Api {
id: string;
workspaceId: string;
handle: string;
name: string;
description: string | null;
auth:
| { kind: "public"; rateLimitPerMinute?: number | undefined }
| { kind: "workspace_api_key" }
| { kind: "oauth"; scope: string }
| { kind: "event_signature"; secretSource: "secret_ref"; secretId: string };
cors: {
allowOrigins: Array<string>;
allowCredentials?: boolean | undefined;
} | null;
rateLimit: { perMinute: number } | null;
enabled: boolean;
createdBy: string;
createdAt: string;
updatedAt: string;
}Fields
| Field | Type | Notes |
|---|---|---|
id | string | readonly required |
workspaceId | string | required — Workspace that owns this api. |
handle | string | required — Per-workspace handle that becomes the URL segment, e.g. 'orders'. |
name | string | required — Human-readable name. |
description | string | null | required — Optional longer-form description of the api's purpose. |
auth | { kind: "public"; rateLimitPerMinute?: number | undefined; } | { kind: "workspace_api_key"; } | { kind: "oauth"; scope: string; } | { kind: "event_signature"; secretSource: "secret_ref"; secretId: string; } | required — Default auth policy for endpoints under this api. |
cors | { allowOrigins: Array<string>; allowCredentials?: boolean | undefined; } | null | required — Default CORS policy for endpoints under this api; null means CORS isn't applied. |
rateLimit | { perMinute: number; } | null | required — Optional global rate limit applied across the whole api. |
enabled | boolean | required — Whether the api accepts traffic; false rejects requests. |
createdBy | string | required — User who created the api. Used as the run.userId fallback for public endpoints with no caller identity. |
createdAt | string | readonly required — ISO-8601 timestamp of creation. |
updatedAt | string | readonly required — ISO-8601 timestamp of the last update. |