API Documentation
Everything you need to build with the AGENTARC platform
Overview
API overview and base information
AGENTARC API v1
The AGENTARC API gives you programmatic access to discover, deploy, and execute AI agents in a secure sandboxed runtime. Every agent runs in an isolated Docker container with strict resource limits, no network access, and all capabilities dropped.
/api/v1All API requests should be made to the gateway at http://localhost:3000. The gateway automatically routes requests to the appropriate microservice and handles authentication, rate limiting, and request logging.
Getting Started
Quick start guide
Getting Started
Follow these steps to start using the AGENTARC API.
Connect a Wallet
Authenticate with your Ethereum wallet
# Get a nonce
curl http://localhost:3000/api/v1/auth/nonce?wallet=0xYourWalletAddress
# Sign the message with your wallet and login
curl -X POST http://localhost:3000/api/v1/auth/login \
-H 'Content-Type: application/json' \
-d '{"walletAddress": "0x...", "signature": "0x..."}'Get an API Key
Create an API key for server-to-server requests
# Create an API key (requires JWT auth)
curl -X POST http://localhost:3000/api/v1/auth/api-keys \
-H 'Authorization: Bearer <your-jwt>' \
-H 'Content-Type: application/json' \
-d '{"name": "Production Key", "scopes": ["*"]}'Browse & Run Agents
Discover agents and execute them
# List trending agents
curl http://localhost:3000/api/v1/agents/trending
# Run an agent (requires auth)
curl -X POST http://localhost:3000/api/v1/agents/:id/run \
-H 'Authorization: Bearer <your-jwt>' \
-H 'Content-Type: application/json' \
-d '{"input": {"prompt": "Analyze this data"}}'Architecture
System architecture overview
Architecture
AGENTARC is built as a microservices architecture with a central API gateway.
┌─────────────┐ ┌──────────────┐
│ Frontend │────▶│ Gateway │
│ :3010 │ │ :3000 │
└─────────────┘ └──────┬───────┘
│
┌────────────┼──────────────────┐
▼ ▼ ▼ ▼
┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐
│ Auth │ │ Registry │ │Execution │ │ Search │
│ :3001 │ │ :3002 │ │ :3003 │ │ :3006 │
└──────────┘ └──────────┘ └────┬─────┘ └──────────┘
│
▼
┌──────────┐
│ Sandbox │
│ :3004 │
└──────────┘
┌──────────┐ ┌──────────┐ ┌──────────┐
│Payment │ │ Vault │ │Observab. │
│ :3005 │ │ :3007 │ │ :3009 │
└──────────┘ └──────────┘ └──────────┘Gateway
Port 3000
Auth
Port 3001
Registry
Port 3002
Execution
Port 3003
Sandbox
Port 3004
Payment
Port 3005
Search
Port 3006
Vault
Port 3007
Observability
Port 3009
The Gateway handles all incoming requests, applies rate limiting (1000 req/60s), authenticates via JWT or API key, and proxies to the appropriate service. Each service is independently deployable and scalable.
Authentication
Wallet auth, JWT, and API keys
Authentication
AGENTARC uses wallet-based authentication with JWT tokens and API keys.
Wallet Authentication (SIWE)
Authenticate by signing a message with your Ethereum wallet. This uses the Sign-In with Ethereum (EIP-4361) standard.
/auth/nonce?wallet=0x...Get NonceGet a unique nonce to sign
/auth/loginLoginSubmit signed message for JWT tokens
/auth/refreshRefreshRefresh an expired access token
// Using ethers.js v6
import { ethers } from 'ethers';
const provider = new ethers.BrowserProvider(window.ethereum);
const signer = await provider.getSigner();
const address = await signer.getAddress();
// 1. Get nonce + signing message
const { message } = await fetch(
'/api/v1/auth/nonce?wallet=' + address
).then(r => r.json());
// 2. Sign the formatted message (not the bare nonce hex)
const signature = await signer.signMessage(message);
// 3. Login — message is required for backend verification
const { accessToken, refreshToken, user } = await fetch(
'/api/v1/auth/login', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ walletAddress: address, signature, message }),
}
).then(r => r.json());
// 4. Use token in subsequent requests
const agents = await fetch('/api/v1/agents?creatorId=' + user.id, {
headers: { Authorization: 'Bearer ' + accessToken },
}).then(r => r.json());API Keys
For server-to-server requests, create API keys. Pass them via the X-Api-Key header.
# Using an API key
curl -H 'X-Api-Key: ag_your_api_key_here' \
http://localhost:3000/api/v1/agentsAPI keys are shown once at creation. Store them securely — they cannot be retrieved later.
JWT Tokens
Access tokens expire after 15 minutes. Refresh tokens are valid for 7 days.
| Field | Type | Required | Description |
|---|---|---|---|
| Authorization | Header | Required | Bearer <access_token> |
| X-Api-Key | Header | Optional | Alternative to JWT for server-to-server |
| x-wallet-address | Header | Optional | Wallet address for wallet-specific operations |
| X-Idempotency-Key | Header | Optional | Idempotency key for safe retries |
Agents API
Create, manage, and execute agents
Agents API
Create, manage, discover, and execute AI agents.
Endpoints
/agentsList AgentsPaginated list with filtering by category, status, price, rating
/agents/trendingTrendingAgents sorted by trending score (uses, recency, rating)
/agents/search?q=SearchFull-text search across name, description, tags
/agents/categoriesCategoriesAll categories with agent count
/agents/suggestions?q=SuggestionsAutocomplete suggestions
/agents/:idGet AgentFull agent details with creator and latest version
/agentsCreate AgentPublish a new agent to the marketplace
/agents/:idUpdate AgentUpdate agent metadata
/agents/:idDelete AgentSoft-delete (archives the agent)
/agents/:id/versionsGet VersionsList all versions of an agent
/agents/:id/versionsCreate VersionUpload a new version
/agents/:id/runRun AgentExecute an agent with input
Query Parameters (GET /agents)
| Field | Type | Required | Description |
|---|---|---|---|
| page | number | Optional | Page number (default: 1) |
| limit | number | Optional | Items per page (default: 20, max: 100) |
| category | string | Optional | Filter by category slug |
| status | string | Optional | Filter by status (ACTIVE, SUSPENDED, etc.) |
| creatorId | string | Optional | Filter by creator user ID |
| isVerified | boolean | Optional | Verified agents only |
| isFeatured | boolean | Optional | Featured agents only |
| sortBy | string | Optional | trendingScore, popularityScore, ratingAvg, createdAt, priceUsdc |
| sortOrder | asc|desc | Optional | Sort direction |
Create Agent Schema
{
"name": "My Agent",
"description": "A detailed description of what this agent does...",
"shortDescription": "Short one-liner",
"category": "defi",
"tags": [
"analytics",
"defi"
],
"priceType": "PAY_PER_RUN",
"priceUsdc": "0.01",
"codeUrl": "https://storage.example.com/agent-v1.js",
"sandboxConfig": {},
"permissionsManifest": {},
"runtimeLimits": {
"maxExecutionTime": 30000,
"maxMemory": "512m",
"maxCpu": "1"
},
"allowedDomains": [],
"requiredSecrets": []
}Executions API
Track and manage executions
Executions API
Track and manage agent executions in real-time.
Endpoints
/executionsListPaginated list of your executions
/executions/:idGetFull execution details
/executions/:id/statusStatusCurrent status, logs, and output
/executions/:id/cancelCancelCancel a queued or running execution
Execution Flow
Execution is created and added to the BullMQ queue with idempotency check
Sandbox container is being created with agent code and runtime config
Agent code executes in the isolated Docker container with resource limits
Execution completes, logs captured, output returned, container cleaned up
Execution Status Values
| Field | Type | Required | Description |
|---|---|---|---|
| QUEUED | string | Required | Waiting in BullMQ queue for a worker |
| PROVISIONING | string | Required | Sandbox container being provisioned |
| RUNNING | string | Required | Agent code is executing |
| SUCCESS | string | Required | Execution completed successfully |
| FAILED | string | Required | Runtime error during execution |
| TIMEOUT | string | Required | Execution exceeded time limit (default 30s) |
| CANCELLED | string | Required | User cancelled the execution |
| SANDBOX_ERROR | string | Required | Infrastructure error in sandbox |
WebSocket Events
Subscribe to real-time updates via Socket.IO at namespace /executions.
import { io } from 'socket.io-client';
const socket = io('http://localhost:3003/executions');
// Subscribe to execution updates
socket.emit('subscribe', { executionId: 'uuid-here' });
// Listen for status changes
socket.on('execution:update', (payload) => {
console.log('Status:', payload.data.status);
console.log('Output:', payload.data.output);
});
// Listen for real-time logs
socket.on('execution:log', (log) => {
console.log('[LOG]', log.level, log.message);
});
// Unsubscribe when done
socket.emit('unsubscribe', { executionId: 'uuid-here' });Payments API
On-chain USDC payments
Payments API
Handle on-chain payments via USDC on Arbitrum.
Endpoints
/paymentsListList authenticated user's payment history
/payments/createCreateCreate a payment intent for an agent run
/payments/verifyVerifyVerify an on-chain transaction
/payments/:id/statusStatusGet payment status with confirmations
/payments/verifyCheck AccessCheck if user has paid for an agent
/payments/price/:agentIdPriceGet the price for an agent
Revenue Split
Platform fee is 2.5% of each paid execution. The remaining 97.5% goes to the agent developer.
Amount: 0.01 USDC
Platform Fee: 0.00025 USDC (2.5%)
Developer: 0.00975 USDC (97.5%)Vault API
Secure secrets management
Vault API
Securely store and manage secrets for your agents.
Endpoints
/vault/secretsListList all stored secrets (values masked)
/vault/secretsCreateStore a new encrypted secret
/vault/secrets/:idGetRetrieve a secret value (decrypted)
/vault/secrets/:idDeleteSoft-delete a secret
Encryption
Secrets are encrypted at rest using AES-256-GCM with automatic key rotation every 7 days.
Algorithm
AES-256-GCM
Key Rotation
Every 7 days
Scopes
AGENT, USER, GLOBAL
Sandbox
Secure execution environment
Sandbox
Every agent executes in an isolated, secure sandbox environment.
Security Features
Docker Isolation
Each agent runs in its own Docker container with no access to the host system.
Read-Only Filesystem
Container root filesystem is read-only. Only /tmp is writable.
Resource Limits
Strict CPU, memory (512mb), and execution time (30s) limits.
Capability Dropped
All Linux capabilities are dropped. No new privileges allowed.
Seccomp Filtering
System calls are filtered based on the agent's permission manifest.
Network Policy
All private IP ranges blocked. Outbound to public internet only if permitted.
Default Runtime Limits
| Field | Type | Required | Description |
|---|---|---|---|
| maxExecutionTime | number | Optional | Maximum execution time in ms (default: 30000) |
| maxMemory | string | Optional | Maximum memory (default: 512m) |
| maxCpu | string | Optional | CPU limit (default: 1) |
| maxOutputSize | number | Optional | Max output size in bytes (default: 1048576) |
Agent Manifest
Runtime configuration format
Agent Manifest
The manifest tells the platform how to build and execute your agent. It follows the same philosophy as Docker, Vercel, and Railway — a declarative configuration file that describes your agent's runtime, dependencies, entrypoint, permissions, and input schema.
Structure
Each agent version stores a manifest JSON that defines the execution environment. Below is the full schema:
| Field | Type | Required | Description |
|---|---|---|---|
| runtime | enum | Required | Runtime environment. One of: node, python, python3, custom |
| runtimeVersion | string | Optional | Runtime version (e.g. 18, 3.11) |
| entrypoint | string | Required | File to execute (e.g. index.js, main.py, run.sh) |
| install | string[] | Optional | Shell commands to run before execution, in order (e.g. ["npm install", "pip install -r requirements.txt"]) |
| buildCommand | string | Optional | Build command run before execution (e.g. npm run build) |
| startCommand | string | Optional | Override the default run command entirely |
| inputs | array | Optional | Input parameter schema. Each input has: name, type (string|number|boolean|file|json), description, required, default |
| permissions.internet | boolean | Optional | Allow outbound internet access (default: false) |
| permissions.filesystem | enum | Optional | Filesystem access: read, write, or none (default: none) |
| permissions.env | string[] | Optional | Environment variable names the agent requires |
| timeout | number | Optional | Execution timeout in seconds (default: 30, max: 300) |
Example — Node.js Agent
{
"runtime": "node",
"runtimeVersion": "18",
"entrypoint": "index.js",
"install": ["npm install"],
"inputs": [
{ "name": "prompt", "type": "string", "required": true, "description": "Input text to process" },
{ "name": "temperature", "type": "number", "required": false, "default": 0.7 }
],
"permissions": {
"internet": true,
"filesystem": "none"
},
"timeout": 60
}Example — Python Agent
{
"runtime": "python",
"runtimeVersion": "3.11",
"entrypoint": "main.py",
"install": ["pip install -r requirements.txt"],
"inputs": [
{ "name": "pdf", "type": "file", "required": true, "description": "PDF file to analyze" },
{ "name": "format", "type": "string", "required": false, "default": "markdown" }
],
"permissions": {
"internet": false,
"filesystem": "read"
},
"timeout": 120
}How the Sandbox Uses It
- 1
Fetch Code
Sandbox downloads the code archive from
codeUrl - 2
Select Runtime Image
Chooses the base Docker image based on
runtime(node:18-slim, python:3.11-slim, etc.) - 3
Install Dependencies
Runs each command in
installarray in order - 4
Execute Entrypoint
Runs the
entrypointfile with the appropriate runtime. The agent receivesINPUT_JSONenv var and should output JSON on stdout - 5
Return Output
Sandbox reads stdout, parses the last JSON line, and returns it as the execution result
Example Agent — Python PDF Analyzer
A complete agent directory looks like:
my-agent/
├── manifest.yaml # Optional — inline JSON used in API
├── main.py # Entrypoint
├── requirements.txt # Dependencies
└── utils/
└── parser.py# main.py — receives INPUT_JSON env var
import os, json
input_data = json.loads(os.environ['INPUT_JSON'])
prompt = input_data.get('prompt', '')
result = { "response": f"Processed: {prompt}", "tokens": len(prompt.split()) }
print(json.dumps(result)) # Last JSON line = outputClient SDK
TypeScript client library
Client SDK
Use the @agentarc/common package for easy integration.
Installation
npm install @agentarc/commonClient Usage
import { apiRequest } from '@agentarc/common';
// All requests go through the gateway
const API_BASE = '/api/v1';
// List trending agents (no auth needed)
const trending = await apiRequest('/agents/trending');
// Get agent details
const agent = await apiRequest('/agents/' + agentId);
// Run an agent (requires auth)
const execution = await apiRequest('/agents/' + agentId + '/run', {
method: 'POST',
body: JSON.stringify({ input: { prompt: 'Hello' } }),
});
// Check execution status
const status = await apiRequest('/executions/' + execution.id + '/status');TypeScript Types
interface Agent {
id: string;
name: string;
slug: string;
description: string;
category: string;
tags: string[];
priceType: 'FREE' | 'PAY_PER_RUN' | 'SUBSCRIPTION_MONTHLY' | 'SUBSCRIPTION_YEARLY' | 'CREDITS';
priceUsdc?: string;
status: 'ACTIVE' | 'SUSPENDED' | 'FLAGGED' | 'ARCHIVED' | 'PENDING_REVIEW';
ratingAvg: number;
executionCount: number;
isVerified: boolean;
createdAt: string;
}
interface Execution {
id: string;
agentId: string;
status: 'QUEUED' | 'PROVISIONING' | 'RUNNING' | 'SUCCESS' | 'FAILED' | 'TIMEOUT' | 'CANCELLED' | 'SANDBOX_ERROR';
inputPayload: Record<string, unknown>;
outputPayload?: Record<string, unknown>;
logs?: Array<{ level: string; message: string; timestamp: string }>;
errorMessage?: string;
costUsdc?: string;
durationMs?: number;
createdAt: string;
}
interface PaginatedResponse<T> {
data: T[];
pagination: {
page: number;
limit: number;
total: number;
totalPages: number;
hasNext: boolean;
hasPrev: boolean;
};
}Errors
Status codes and error handling
Errors & Status Codes
Standard HTTP status codes and error response format.
HTTP Status Codes
| Field | Type | Required | Description |
|---|---|---|---|
| 200 | OK | Required | Request succeeded |
| 201 | Created | Required | Resource created successfully |
| 204 | No Content | Required | Request succeeded, no response body |
| 400 | Bad Request | Required | Invalid request body or parameters |
| 401 | Unauthorized | Required | Missing or invalid authentication |
| 403 | Forbidden | Required | Authenticated but not authorized |
| 404 | Not Found | Required | Resource not found |
| 409 | Conflict | Required | Duplicate or conflicting state |
| 422 | Unprocessable | Required | Validation failed |
| 429 | Too Many Requests | Required | Rate limit exceeded (1000 req/60s) |
| 502 | Bad Gateway | Required | Upstream service unavailable |
| 504 | Gateway Timeout | Required | Upstream service timed out (30s) |
Error Response Format
{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "Name must be between 1 and 100 characters",
"statusCode": 422
},
"timestamp": "2026-05-13T12:00:00.000Z"
}Error Codes
| Field | Type | Required | Description |
|---|---|---|---|
| VALIDATION_ERROR | string | Required | Request body failed validation |
| UNAUTHORIZED | string | Required | Missing or invalid auth credentials |
| NOT_FOUND | string | Required | Resource does not exist |
| RATE_LIMITED | string | Required | Too many requests, slow down |
| INSUFFICIENT_FUNDS | string | Required | Not enough balance for payment |
| SANDBOX_ERROR | string | Required | Sandbox infrastructure error |
| TIMEOUT | string | Required | Execution exceeded time limit |
API Playground
Test endpoints interactively
Need help? Check the system health page or explore the marketplace.