SWIRLS_
Reference

API

Reference for the Swirls API: authentication, transport, namespaces, pagination, and error handling.

The Swirls API provides programmatic access to every capability available in the Portal. Use it to manage projects, execute workflows, configure triggers, work with forms, webhooks, schedules, and more.

Base URL

For Swirls Cloud, the base URL is https://swirls.ai/api. For self-hosted deployments, use the URL where your API server is running.

Authentication

Most API endpoints require authentication. Include your API key in the Authorization header:

Authorization: Bearer <apiKey>

Get an API key from the Portal under project settings. The CLI authenticates via a session created by swirls auth login.

Requests with a missing or invalid token receive a 401 Unauthorized response.

Protocol

The Swirls API uses oRPC for its authenticated endpoints. All RPC calls are routed through {baseUrl}/rpc.

The API is not a REST API. There are no separate REST routes for resource management. Use the SDK for typed TypeScript clients. Raw HTTP calls to /rpc are supported but verbose.

Making a raw RPC call

const response = await fetch('https://swirls.ai/api/rpc/projects.listProjects', {
  method: 'GET',
  headers: {
    Authorization: 'Bearer <apiKey>',
  },
})
const projects = await response.json()

For POST procedures, send a JSON body:

const response = await fetch('https://swirls.ai/api/rpc/projects.createProject', {
  method: 'POST',
  headers: {
    Authorization: 'Bearer <apiKey>',
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({ name: 'my-project' }),
})
const project = await response.json()

RPC namespaces

The contract is generated from packages/contract/src/contract.ts. The following namespaces are available.

agents

Agent chat sessions back persistent, multi-turn hosted conversations when agent chat is enabled for a project. Sessions store the full transcript.

MethodDescription
createSessionCreate a platform agent chat session. Returns { sessionId }.
listSessionsList agent chat sessions for a project. Filter by agentName.
getSessionLoad an agent chat session by ID, including its messages.
deleteSessionDelete an agent chat session by ID.
listAgentsList agents in the active deployment for a project.

projects

MethodDescription
listProjectsList all projects accessible to the authenticated user.
createProjectCreate a new project.
getProjectGet a project by ID.
updateProjectRename a project.
deleteProjectDelete a project and its data.
setActiveDeploymentPin a deployment as active, or pass null to use the latest.
listExecutionsList executions for a project. Filterable by status, workflowId, deploymentId, triggerType, and scope.
getKeySetInfoGet Anvil KMS keyset info for a project.
provisionKeySetProvision an Anvil KMS keyset for a project.
revokeGrantRevoke the platform client grant on a project keyset.
restoreGrantRestore the platform client grant on a project keyset.

workflows

MethodDescription
getWorkflowSnapshotGet a workflow snapshot with all its nodes and edges. Call this before executeWorkflow to learn the input schema.
listWorkflowsList workflows for a project with snapshot, version count, and active-deployment flag.
executeWorkflowExecute a workflow with optional input. Returns { executionId }.
getExecutionGet the status and results of a workflow execution, including all node executions.
listRunnableWorkflowsList workflows in a deployment with each workflow's entry-node input schema and last execution.

deployments

MethodDescription
deployDeploy a compiled project definition. Returns { deployment, missingVendorKeys[] }. Non-empty missingVendorKeys means affected nodes will pause with secrets_hold.
getDeploymentGet a deployment by ID.
getMissingVendorKeysGet vendor keys missing from the project vault for a deployment. Empty for Enterprise.
listDeploymentsList deployments for a project. Filterable by environment and source.
listExecutionsList executions for a deployment.

forms

MethodDescription
getFormGet stable form identity and preferred snapshot. Snapshot includes visibility, authName, allowedOrigins, successContent, csrfKeyGeneration.
listFormsList forms for a project with preferred snapshot and version count.
listFormSubmissionsList form submissions. Filter by formId or formSnapshotId.

webhooks

MethodDescription
getWebhookGet stable webhook identity and preferred snapshot. Snapshot includes headerName, secretRefBlock, secretRefVar.
listWebhooksList webhooks for a project with preferred snapshot.

schedules

MethodDescription
getScheduleGet stable schedule identity and preferred snapshot. Snapshot includes cron, timezone, nextRunAt, running.
listSchedulesList schedules for a project with preferred snapshot.

reviews

Reviews pause workflow execution at any node configured with review: { enabled: true }.

MethodDescription
listReviewsList reviews for a project. Filter by status (pending, approved, rejected).
getReviewGet a review with its associated node execution, node, and workflow execution.
approveReviewApprove a review. Optionally pass formData for validation against the node's review schema. Resumes execution.
rejectReviewReject a review. Optionally pass reason. Resumes execution with a failure state.

secrets

MethodDescription
listSecretBlocksList secret blocks from the active deployment with per-var value presence.
listAuthBlocksList auth blocks from the active deployment with authType, secretBlockName, and config.
getSecretValuesList secret value keys, presence, and kind (block_var or vendor).
setSecretValueUpsert a secret value. Set kind to vendor for platform API keys.
deleteSecretValueRemove a stored secret value.

streams

MethodDescription
listStreamsList stream definitions for a project.
queryStreamOutputsQuery persisted rows for a stream name and version. filter is Record<string, Record<string, unknown>>. Operators: eq, ne, gt, gte, lt, lte, like, in.

billing

MethodDescription
getUsageGet feature usage for the authenticated org. Returns { features: [{ featureId, allowed, balance, usage, limit, nextResetAt }] }.
getBillingHoldCountGet the number of executions held due to billing limits. Returns { count }.
getExecutionCreditsUsageGet credit usage by project. Input: { projectId?, range? }. Range options: 24h, 7d, 30d, 90d, last_cycle, 1bc, 3bc. Returns { range, byProject: [{ projectId, name, credits }] }.

audit

Audit procedures use cursor-based pagination with limit (1–500, default 100) and optional cursor.

MethodDescription
listByOrgList audit events for an organization.
listByActorList audit events for a specific actor.

Audit event fields: id, occurredAt, ingestedAt, subject, actorId, actorType (user, service, or agent), orgId, projectId, resourceType, resourceId, action, workflowId, executionId, traceId, outcome (success, failure, or denied), errorCode, metadata.

traces

Execution and agent-session observability. Every procedure is scoped to a project; access is enforced per tenant.

MethodDescription
listExecutionsList recent executions and agent sessions for a project. Input: { projectId, limit?, beforeTimestamp? }.
getTraceFetch every span in a trace, scoped to the project. Input: { projectId, traceId }.
getExecutionSpansFetch the spans for one execution id. Input: { projectId, executionId }.

integrations.github

MethodDescription
getInstallUrlGet the GitHub App installation URL for a project.
createRepoLinkLink a GitHub repository to a project for git push deploys.
updateRepoLinkUpdate repository link settings.
deleteRepoLinkRemove the repository link.
triggerManualDeployTrigger a deploy from the linked repository.
listUserInstallationsList GitHub App installations for the authenticated user.
listInstallationReposList repositories for a GitHub App installation.
getRepoLinkGet the current repository link for a project.

integrations.connections

MethodDescription
listProvidersList available third-party identity providers.
listConnectionsList authorized accounts for the authenticated user or workspace.
revokeConnectionRevoke a third-party connection.
promoteToWorkspacePromote a user-scoped connection to workspace scope. Admin or owner only.
listProjectSlotsList the connection slots declared by a project's active deployment, with binding status.
bindConnectionBind an authorized account to a named project connection slot.
unbindConnectionClear the account bound to a project connection slot.

cli

MethodDescription
revokeSessionRevoke a CLI session by ID. Called by swirls auth logout.

Public endpoints

The Triggers service (apps/triggers) exposes these endpoints without API key authentication.

Form submission

GET  /triggers/forms/:projectId/:formName
POST /triggers/forms/:projectId/:formName

GET renders the HTML form. Forms with visibility: internal return 404. Forms with basic auth return 401 when credentials are missing.

POST validates the CSRF token, validates the submission against the form schema, and enqueues a workflow execution. Returns 503 if the 5-second hot-path budget is exceeded.

Webhook ingestion

POST /triggers/webhooks/:projectId/:webhookName

Verifies the optional shared secret (header name and value from the webhook's secret block), then enqueues a workflow execution.

Pagination

Standard list operations return:

{
  "pagination": {
    "hasNextPage": true,
    "hasPreviousPage": false,
    "startCursor": "...",
    "endCursor": "..."
  },
  "results": [],
  "totalCount": 42
}

Pass before, after, first, or last to navigate pages. Maximum page size is 500.

Audit procedures use a separate cursor pagination shape:

{
  "data": [],
  "nextCursor": "..."
}

Error handling

The API returns errors in a consistent format:

{
  "error": {
    "code": "NOT_FOUND",
    "message": "Workflow not found"
  }
}
CodeHTTP StatusDescription
UNAUTHORIZED401Authentication is missing or invalid.
FORBIDDEN403The authenticated user does not have access to this resource.
BAD_REQUEST400The request is malformed or contains invalid parameters.
NOT_FOUND404The requested resource does not exist.
INTERNAL_SERVER_ERROR500An unexpected error occurred on the server.

Next steps

On this page