@archastro/sdk
    Preparing search index...
    Index

    Constructors

    Properties

    Methods

    • Archive a config Soft-deletes a config by marking it as archived. Archived configs are hidden from list and show endpoints but are not permanently removed; use the unarchive endpoint to restore one, or the delete endpoint for permanent removal. The config may be addressed by its ID (cfg_...), virtual_path, or lookup_key. When addressing by lookup_key or virtual_path, you must supply exactly one owner selector (team, user, agent, or system); passing an owner selector when addressing by ID returns 422. Requires app scope. The viewer must have modify rights on the config.

      Parameters

      • config: string

        Config identifier. Accepts a config ID (cfg_...), a virtual_path, or a lookup_key. virtual_path values should be URL-encoded if they contain slashes.

      • input: { agent?: string; org?: string; system?: boolean; team?: string; user?: string }

        Request body.

        • Optionalagent?: string

          Agent ID (agt_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionalorg?: string

          Organization ID (org_...) to narrow the lookup to configs belonging to that org. Useful when the viewer has access to multiple orgs.

        • Optionalsystem?: boolean

          Set true to resolve a system-owned config by virtual_path or lookup_key. Requires a privileged viewer (developer or all-powerful) or an org admin.

        • Optionalteam?: string

          Team ID (team_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionaluser?: string

          User ID (usr_...) to use as the owner when resolving by virtual_path or lookup_key.

      Returns Promise<Config>

      The config in its newly archived state.

    • Transfer ownership of a config Transfers a config to a new owner (team, user, agent, or system). Exactly one of the new-owner selectors must be provided. The config must be addressed by its ID (cfg_... or UUID); virtual_path and lookup_key are not accepted to avoid ambiguity — look up the ID first if needed. For non-system targets the new owner's org is derived automatically from the target entity; supplying org in that case returns 422. For system:true targets, org controls the resulting org scope: omit to keep the existing org_id, supply a value to set a specific org, or pass null/blank to make the config app-level (operator viewers only). Operator viewers (developer credentials or all-powerful viewers) may transfer to any owner. All other viewers are restricted to owners they can themselves access (team membership, user identity, agent scope, or system with the appropriate privilege). Requires app scope. The viewer must have modify rights on the config.

      Parameters

      • config: string

        Config ID in id-form: cfg_... or a UUID. lookup_key and virtual_path are not accepted — retrieve the config ID first if you only have a path.

      • input: { agent?: string; org?: string; system?: boolean; team?: string; user?: string }

        Request body.

        • Optionalagent?: string

          New owner: Agent ID (agt_...). Mutually exclusive with team, user, and system.

        • Optionalorg?: string

          Only valid when system:true. Omit to keep the config's existing org_id; supply an org ID (org_...) to set a specific org scope; pass blank or null to make the config app-level (operator viewers only). Setting org for team, user, or agent targets returns 422.

        • Optionalsystem?: boolean

          Set true to transfer to system ownership (app-level or org-scoped). Requires a privileged viewer. Mutually exclusive with team, user, and agent.

        • Optionalteam?: string

          New owner: Team ID (team_...). Mutually exclusive with user, agent, and system.

        • Optionaluser?: string

          New owner: User ID (usr_...). Mutually exclusive with team, agent, and system.

      Returns Promise<Config>

      The config reflecting its new ownership.

    • Retrieve a config's raw content Returns the raw byte content of a config's current version. The response Content-Type header reflects the config's stored MIME type unless a format conversion is requested. Pass format: "yaml" or format: "json" to convert between YAML and JSON on the fly. Conversion is only supported between these two formats; requesting a conversion that is not possible returns 400. By default, virtual_path and other platform-injected protected fields are embedded in the returned content. Set inject_protected_fields: false to return the stored raw bytes exactly as written. The config may be addressed by ID (cfg_...), virtual_path, or lookup_key. When addressing by lookup_key or virtual_path, exactly one owner selector (team, user, agent, or system) is required.

      Parameters

      • config: string

        Config identifier. Accepts a config ID (cfg_...), a virtual_path, or a lookup_key. URL-encode virtual_path values that contain slashes.

      • Optionalparams: {
            agent?: string;
            format?: string;
            injectProtectedFields?: boolean;
            org?: string;
            system?: boolean;
            team?: string;
            user?: string;
        }

        Query parameters.

        • Optionalagent?: string

          Agent ID (agt_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionalformat?: string

          Output format for content conversion. One of "yaml" or "json". Omit to return the content in its stored format. Returns 400 if conversion is not possible.

        • OptionalinjectProtectedFields?: boolean

          Whether to inject platform-managed protected fields (such as virtual_path) into the returned content. Defaults to true. Set to false to receive the raw stored bytes.

        • Optionalorg?: string

          Organization ID (org_...) to narrow the lookup to configs belonging to that org.

        • Optionalsystem?: boolean

          Set true to resolve a system-owned config by virtual_path or lookup_key. Requires a privileged viewer (developer or all-powerful) or an org admin.

        • Optionalteam?: string

          Team ID (team_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionaluser?: string

          User ID (usr_...) to use as the owner when resolving by virtual_path or lookup_key.

      Returns Promise<{ content: ArrayBuffer; mimeType: string }>

      Raw config content in the stored or requested format.

    • Create a config Creates a new config and its first version. Returns 201 on success. A config is uniquely identified within an app + org scope by its virtual_path or lookup_key. Creating a config at a path that already exists (including archived configs) returns 409. To adopt an existing config at that path and re-own it instead, pass take_ownership: true — this requires modify rights on the existing row (developer or all-powerful viewer). The owner is resolved from the explicit selector params (team, user, agent, or system). Developer and all-powerful viewers default to system ownership when no explicit selector is provided. Exactly one owner selector may be set; conflicting selectors return 422. Requires app scope.

      Parameters

      • input: {
            agent?: string;
            change_description?: string;
            data?: Record<string, unknown>;
            data_encoding?: string;
            kind: string;
            lookup_key?: string;
            mime_type: string;
            org?: string;
            parent?: string;
            parent_solution?: string;
            raw_content: string;
            relative_path?: string;
            system?: boolean;
            take_ownership?: boolean;
            team?: string;
            user?: string;
            virtual_path?: string;
        }

        Request body.

        • Optionalagent?: string

          Agent ID (agt_...) to assign as the config owner. Mutually exclusive with team, user, and system.

        • Optionalchange_description?: string

          Human-readable description of this initial version, stored on the version record.

        • Optionaldata?: Record<string, unknown>

          Arbitrary key-value metadata stored on the version alongside the content.

        • Optionaldata_encoding?: string

          Encoding of raw_content. Omit or set "raw" for literal content; set "base64" when sending binary content such as images or PDFs in JSON.

        • kind: string

          Config kind that determines the schema and behavior of the config, e.g. "Agent" or "APITool".

        • Optionallookup_key?: string

          Optional stable key for looking up this config independent of its virtual_path. Must be unique within the app + org scope across all owners.

        • mime_type: string

          MIME type of raw_content, e.g. "application/x-yaml" or "application/json".

        • Optionalorg?: string

          Organization ID (org_...) to scope the config to a specific org.

        • Optionalparent?: string

          Parent config ID (cfg_...) for bundle children, e.g. files belonging to a Skill. Required together with relative_path when creating a child config.

        • Optionalparent_solution?: string

          Solution config ID (cfg_...) that this config was imported with. Records provenance for configs that arrive as part of a solution bundle.

        • raw_content: string

          Raw content bytes for the first version. Accepted formats depend on mime_type; typical values are YAML or JSON text.

        • Optionalrelative_path?: string

          Path of this config within its parent bundle, e.g. "prompts/system.md". Required when parent is set.

        • Optionalsystem?: boolean

          Set true to create a system-owned config (no team, user, or agent owner). Requires a developer, all-powerful, or app system-user viewer, or an org admin creating an org-scoped system config. Mutually exclusive with team, user, and agent.

        • Optionaltake_ownership?: boolean

          When true and a config already exists at the specified virtual_path or lookup_key under a different owner, adopt that config rather than returning 409: the existing row is re-owned to the requested owner, unarchived if necessary, and this content is saved as its next version. Requires modify rights on the existing row (developer or all-powerful viewer).

        • Optionalteam?: string

          Team ID (team_...) to assign as the config owner. Mutually exclusive with user, agent, and system.

        • Optionaluser?: string

          User ID (usr_...) to assign as the config owner. Mutually exclusive with team, agent, and system.

        • Optionalvirtual_path?: string

          Human-readable path that uniquely identifies the config within its owner scope, e.g. "my-agent/v1". Must be unique within the app + org + owner combination.

      Returns Promise<Config>

      The newly created config, including its first version.

    • Delete a config Permanently deletes a config and all its associated versions. This action is irreversible. To soft-delete a config while retaining its history, use the archive endpoint instead. The config may be addressed by its ID (cfg_...), virtual_path, or lookup_key. When addressing by lookup_key or virtual_path, you must supply exactly one owner selector (team, user, agent, or system); passing an owner selector when addressing by ID returns 422. Returns 204 No Content on success. Requires app scope. The viewer must have modify rights on the config.

      Parameters

      • config: string

        Config identifier. Accepts a config ID (cfg_...), a virtual_path, or a lookup_key. URL-encode virtual_path values that contain slashes.

      Returns Promise<void>

      Empty body. HTTP 204 indicates the config and all its versions were permanently deleted.

    • Encrypt a secret for use in a config Encrypts a plaintext secret and returns a ciphertext string safe for embedding directly in config content using the secret_value! interpolation syntax. The ciphertext is bound to the app's (or org's) key-encryption key (KEK) so it can only be decrypted at runtime within the same scope. When org is provided, the KEK for that org is used; otherwise the viewer's own org KEK is used, falling back to the app-level KEK for viewers with no org context. The plaintext is never stored. Requires app scope.

      Parameters

      • input: { org?: string; plaintext: string }

        Request body.

        • Optionalorg?: string

          Organization ID (org_...) whose KEK to use for encryption. Overrides the viewer's own org. Omit to use the viewer's org KEK, or the app-level KEK when the viewer has no org context.

        • plaintext: string

          The secret value to encrypt. Never stored; only the resulting ciphertext is returned.

      Returns Promise<{ encrypted_value: string }>

      Successful response

    • List config facets Returns the distinct config kinds and leading virtual_path prefixes available to the viewer, each with a count of matching configs. Use this to populate filter UI dropdowns without making a full list request. The counts reflect every config the viewer can see in the requested scope, independent of any kind, path-prefix, or lookup-key filters that might be applied on a concurrent list request. This means the UI always shows every option the viewer could pick, not just the values on the current filtered page. Scoping follows the same rules as the list endpoint: developer and all-powerful viewers see facets across all owners in the app; org-scoped viewers receive their own configs' facets merged with system-owned facets; all other viewers see only their resolved owner's configs.

      Parameters

      • Optionalparams: { app?: string; org?: string; team?: string; user?: string }

        Query parameters.

        • Optionalapp?: string

          App ID (app_...). Present when mounted under the developer scope; injected automatically.

        • Optionalorg?: string

          Organization ID (org_...) to narrow facets to configs belonging to that org.

        • Optionalteam?: string

          Team ID (team_...) to scope facets to that team's configs. Mutually exclusive with user.

        • Optionaluser?: string

          User ID (usr_...) to scope facets to that user's configs. Defaults to the current user when the viewer is a user and no selector is provided. Mutually exclusive with team.

      Returns Promise<ConfigFacets>

      Distinct config kinds and virtual_path prefixes with per-value counts.

    • Retrieve a config Returns a single config identified by its ID, virtual_path, or lookup_key. The config object includes its current version metadata but not the raw content bytes; use the content endpoint to fetch the raw content. When addressing by lookup_key or virtual_path, you must supply exactly one owner selector (team, user, agent, or system). Passing an owner selector when addressing by ID (cfg_...) returns 422. Both not_found and forbidden outcomes are surfaced as 404 to avoid leaking config existence. Requires app scope.

      Parameters

      • config: string

        Config identifier. Accepts a config ID (cfg_...), a virtual_path, or a lookup_key. URL-encode virtual_path values that contain slashes.

      • Optionalparams: { agent?: string; org?: string; system?: boolean; team?: string; user?: string }

        Query parameters.

        • Optionalagent?: string

          Agent ID (agt_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionalorg?: string

          Organization ID (org_...) to narrow the lookup to configs belonging to that org.

        • Optionalsystem?: boolean

          Set true to resolve a system-owned config by virtual_path or lookup_key. Requires a privileged viewer (developer or all-powerful) or an org admin.

        • Optionalteam?: string

          Team ID (team_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionaluser?: string

          User ID (usr_...) to use as the owner when resolving by virtual_path or lookup_key.

      Returns Promise<Config>

      The requested config object.

    • List configs Returns all configs owned by the specified owner. Exactly one owner selector (team, user, or agent) must be provided. Passing an unknown or inaccessible owner returns an empty data array rather than an error, to avoid leaking information about which teams, users, or agents exist. Use the kind, lookup_key, path_prefix, parents, and parent_solutions params to narrow results. Private config kinds are always excluded from the response regardless of the viewer's permissions. Results are not paginated; all matching configs are returned in a single response.

      Parameters

      • Optionalparams: {
            agent?: string;
            kind?: string;
            lookupKey?: string;
            parents?: string[];
            parentSolutions?: string[];
            pathPrefix?: string;
            team?: string;
            user?: string;
        }

        Query parameters.

        • Optionalagent?: string

          Agent ID (agt_...) whose configs to list. Mutually exclusive with team and user.

        • Optionalkind?: string

          Filter results to configs of this kind, e.g. "Agent" or "APITool". Omit to return configs of all non-private kinds.

        • OptionallookupKey?: string

          Filter to the config with exactly this lookup_key. Returns at most one result.

        • Optionalparents?: string[]

          Filter to configs that are children of any of the listed parent config IDs (cfg_...). Pass a single ID to retrieve all children of one bundle.

        • OptionalparentSolutions?: string[]

          Filter to configs that were imported as part of any of the listed solution config IDs (cfg_...). Useful for identifying all files that arrived with a given solution.

        • OptionalpathPrefix?: string

          Filter to configs whose virtual_path starts with this prefix, e.g. "my-agent/". Useful for listing files within a folder.

        • Optionalteam?: string

          Team ID (team_...) whose configs to list. Mutually exclusive with user and agent.

        • Optionaluser?: string

          User ID (usr_...) whose configs to list. Defaults to the current user when the viewer is a user and no owner selector is provided. Mutually exclusive with team and agent.

      Returns Promise<
          {
              data: {
                  agent?: string;
                  created_at?: string;
                  current_version?: {
                      change_description?: string;
                      content_hash?: string;
                      created_at?: string;
                      data?: Record<string, unknown>;
                      id: string;
                      org?: string;
                      sandbox?: string;
                      version_number: number;
                  };
                  id: string;
                  is_archived?: boolean;
                  kind: string;
                  lookup_key?: string;
                  mime_type?: string;
                  org?: string;
                  parent?: string;
                  parent_solution?: string;
                  raw_content?: string;
                  relative_path?: string;
                  sandbox?: string;
                  team?: string;
                  updated_at?: string;
                  user?: string;
                  virtual_path?: string;
              }[];
          },
      >

      Successful response

    • Unarchive a config Restores a previously archived config, making it visible again in list and show responses. The config's content and version history are unchanged. The config may be addressed by its ID (cfg_...), virtual_path, or lookup_key. When addressing by lookup_key or virtual_path, you must supply exactly one owner selector (team, user, agent, or system); passing an owner selector when addressing by ID returns 422. Requires app scope. The viewer must have modify rights on the config.

      Parameters

      • config: string

        Config identifier. Accepts a config ID (cfg_...), a virtual_path, or a lookup_key. URL-encode virtual_path values that contain slashes.

      • input: { agent?: string; org?: string; system?: boolean; team?: string; user?: string }

        Request body.

        • Optionalagent?: string

          Agent ID (agt_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionalorg?: string

          Organization ID (org_...) to narrow the lookup to configs belonging to that org.

        • Optionalsystem?: boolean

          Set true to resolve a system-owned config by virtual_path or lookup_key. Requires a privileged viewer (developer or all-powerful) or an org admin.

        • Optionalteam?: string

          Team ID (team_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionaluser?: string

          User ID (usr_...) to use as the owner when resolving by virtual_path or lookup_key.

      Returns Promise<Config>

      The config in its newly restored (active) state.

    • Update a config Updates an existing config. When raw_content is provided, a new version is created and becomes the current version. When raw_content is omitted, only metadata fields (virtual_path, lookup_key, relative_path, parent_solution) are updated without creating a new version. Use expected_version for optimistic concurrency control: if the config's current version number does not match the supplied value the request returns 409. This prevents overwriting concurrent edits. The config may be addressed by its ID (cfg_...), virtual_path, or lookup_key. When addressing by lookup_key or virtual_path, you must supply exactly one owner selector (team, user, agent, or system). Both not_found and forbidden outcomes are surfaced as 404. Requires app scope. The viewer must have modify rights on the config.

      Parameters

      • config: string

        Config identifier. Accepts a config ID (cfg_...), a virtual_path, or a lookup_key. URL-encode virtual_path values that contain slashes.

      • input: {
            agent?: string;
            change_description?: string;
            data?: Record<string, unknown>;
            data_encoding?: string;
            expected_version?: number;
            lookup_key?: string;
            mime_type?: string;
            org?: string;
            parent_solution?: string;
            raw_content?: string;
            relative_path?: string;
            system?: boolean;
            team?: string;
            user?: string;
            virtual_path?: string;
        }

        Request body.

        • Optionalagent?: string

          Agent ID (agt_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionalchange_description?: string

          Human-readable description of this update, stored on the new version record.

        • Optionaldata?: Record<string, unknown>

          Arbitrary key-value metadata to store on the new version alongside the content.

        • Optionaldata_encoding?: string

          Encoding of raw_content. Omit or set "raw" for literal content; set "base64" when sending binary content such as images or PDFs in JSON.

        • Optionalexpected_version?: number

          Version number the caller expects to be current. If the config's actual current version does not match, the request returns 409 to signal a concurrent modification. Omit to skip optimistic locking.

        • Optionallookup_key?: string

          New lookup_key for the config. Updates the key without creating a new version when raw_content is omitted.

        • Optionalmime_type?: string

          MIME type of raw_content, e.g. "application/x-yaml" or "application/json". Defaults to the existing MIME type when raw_content is provided without this field.

        • Optionalorg?: string

          Organization ID (org_...) to narrow the lookup to configs belonging to that org.

        • Optionalparent_solution?: string

          Solution config ID (cfg_...) to set as the config's parent solution provenance. Clears the value when set to an empty string.

        • Optionalraw_content?: string

          New raw content bytes for the config. When provided, a new version is created. Omit to perform a metadata-only update without incrementing the version.

        • Optionalrelative_path?: string

          Updated path of this config within its parent bundle. Only meaningful when the config has a parent.

        • Optionalsystem?: boolean

          Set true to resolve a system-owned config by virtual_path or lookup_key. Requires a privileged viewer (developer or all-powerful) or an org admin.

        • Optionalteam?: string

          Team ID (team_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionaluser?: string

          User ID (usr_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionalvirtual_path?: string

          New virtual_path for the config. Updates the path without creating a new version when raw_content is omitted.

      Returns Promise<Config>

      The config reflecting the applied update.

    • Validate config content Validates raw config content against the schema for a given config kind without saving anything. Returns a structured result indicating whether the content is valid and, if not, a list of error messages. Use this endpoint to give users early feedback before calling create or update. The owner context is used for any kind-specific validation rules that are owner-aware; provide the same owner you intend to use on the write call. Requires app scope.

      Parameters

      • input: {
            agent?: string;
            data?: Record<string, unknown>;
            data_encoding?: string;
            kind: string;
            mime_type: string;
            raw_content: string;
            team?: string;
            user?: string;
        }

        Request body.

        • Optionalagent?: string

          Agent ID (agt_...) that would own the config. Used for owner-aware validation rules. Mutually exclusive with team and user.

        • Optionaldata?: Record<string, unknown>

          Optional metadata used by kind-specific validation. File and Image configs require data.name when validating direct binary content.

        • Optionaldata_encoding?: string

          Encoding of raw_content. Omit or set "raw" for literal content; set "base64" when sending binary content such as images or PDFs in JSON.

        • kind: string

          Config kind whose schema the content is validated against, e.g. "Agent" or "APITool".

        • mime_type: string

          MIME type of raw_content, e.g. "application/x-yaml" or "application/json". Used to parse the content before validation.

        • raw_content: string

          Raw content bytes to validate. Parsed according to mime_type before schema validation.

        • Optionalteam?: string

          Team ID (team_...) that would own the config. Used for owner-aware validation rules. Mutually exclusive with user and agent.

        • Optionaluser?: string

          User ID (usr_...) that would own the config. Used for owner-aware validation rules. Mutually exclusive with team and agent.

      Returns Promise<ValidationResult>

      Validation outcome. Always HTTP 200; check the valid field to determine success. Includes errors when valid is false.

    • List a config's version history Returns all versions of a config in the order they were created, most recent first. Each version includes its version number, content metadata, and change description. The raw content bytes for a specific version are not included; use the content endpoint to fetch them. The config may be addressed by its ID (cfg_...), virtual_path, or lookup_key. When addressing by lookup_key or virtual_path, you must supply exactly one owner selector (team, user, agent, or system). Both not_found and forbidden outcomes are surfaced as 404. Requires app scope.

      Parameters

      • config: string

        Config identifier. Accepts a config ID (cfg_...), a virtual_path, or a lookup_key. URL-encode virtual_path values that contain slashes.

      • Optionalparams: { agent?: string; org?: string; system?: boolean; team?: string; user?: string }

        Query parameters.

        • Optionalagent?: string

          Agent ID (agt_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionalorg?: string

          Organization ID (org_...) to narrow the lookup to configs belonging to that org.

        • Optionalsystem?: boolean

          Set true to resolve a system-owned config by virtual_path or lookup_key. Requires a privileged viewer (developer or all-powerful) or an org admin.

        • Optionalteam?: string

          Team ID (team_...) to use as the owner when resolving by virtual_path or lookup_key.

        • Optionaluser?: string

          User ID (usr_...) to use as the owner when resolving by virtual_path or lookup_key.

      Returns Promise<
          {
              versions: {
                  change_description?: string;
                  content_hash?: string;
                  created_at?: string;
                  data?: Record<string, unknown>;
                  id: string;
                  org?: string;
                  sandbox?: string;
                  version_number: number;
              }[];
          },
      >

      Successful response