API Documentation

Everything you need to build with the AGENTARC platform

Overview

API overview and base information

AGENTARC API v1

The AGENTARC API gives you programmatic access to discover, deploy, and execute AI agents in a secure sandboxed runtime. Every agent runs in an isolated Docker container with strict resource limits, no network access, and all capabilities dropped.

Base URL
/api/v1
Format
JSON request/response, UTF-8 encoded
Auth
JWT Bearer tokens or X-Api-Key headers

All API requests should be made to the gateway at http://localhost:3000. The gateway automatically routes requests to the appropriate microservice and handles authentication, rate limiting, and request logging.

Getting Started

Quick start guide

Getting Started

Follow these steps to start using the AGENTARC API.

1

Connect a Wallet

Authenticate with your Ethereum wallet

bash
# Get a nonce
curl http://localhost:3000/api/v1/auth/nonce?wallet=0xYourWalletAddress

# Sign the message with your wallet and login
curl -X POST http://localhost:3000/api/v1/auth/login \
  -H 'Content-Type: application/json' \
  -d '{"walletAddress": "0x...", "signature": "0x..."}'
2

Get an API Key

Create an API key for server-to-server requests

bash
# Create an API key (requires JWT auth)
curl -X POST http://localhost:3000/api/v1/auth/api-keys \
  -H 'Authorization: Bearer <your-jwt>' \
  -H 'Content-Type: application/json' \
  -d '{"name": "Production Key", "scopes": ["*"]}'
3

Browse & Run Agents

Discover agents and execute them

bash
# List trending agents
curl http://localhost:3000/api/v1/agents/trending

# Run an agent (requires auth)
curl -X POST http://localhost:3000/api/v1/agents/:id/run \
  -H 'Authorization: Bearer <your-jwt>' \
  -H 'Content-Type: application/json' \
  -d '{"input": {"prompt": "Analyze this data"}}'

Architecture

System architecture overview

Architecture

AGENTARC is built as a microservices architecture with a central API gateway.

┌─────────────┐     ┌──────────────┐
│   Frontend  │────▶│   Gateway    │
│   :3010     │     │   :3000      │
└─────────────┘     └──────┬───────┘
                           │
              ┌────────────┼──────────────────┐
              ▼            ▼            ▼      ▼
        ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐
        │   Auth   │ │ Registry │ │Execution │ │  Search  │
        │  :3001   │ │  :3002   │ │  :3003   │ │  :3006   │
        └──────────┘ └──────────┘ └────┬─────┘ └──────────┘
                                        │
                                        ▼
                                  ┌──────────┐
                                  │ Sandbox  │
                                  │  :3004   │
                                  └──────────┘
        ┌──────────┐ ┌──────────┐ ┌──────────┐
        │Payment   │ │  Vault   │ │Observab. │
        │  :3005   │ │  :3007   │ │  :3009   │
        └──────────┘ └──────────┘ └──────────┘
3000

Gateway

Port 3000

3001

Auth

Port 3001

3002

Registry

Port 3002

3003

Execution

Port 3003

3004

Sandbox

Port 3004

3005

Payment

Port 3005

3006

Search

Port 3006

3007

Vault

Port 3007

3009

Observability

Port 3009

The Gateway handles all incoming requests, applies rate limiting (1000 req/60s), authenticates via JWT or API key, and proxies to the appropriate service. Each service is independently deployable and scalable.

Authentication

Wallet auth, JWT, and API keys

Authentication

AGENTARC uses wallet-based authentication with JWT tokens and API keys.

Wallet Authentication (SIWE)

Authenticate by signing a message with your Ethereum wallet. This uses the Sign-In with Ethereum (EIP-4361) standard.

GET
/auth/nonce?wallet=0x...Get Nonce

Get a unique nonce to sign

None
POST
/auth/loginLogin

Submit signed message for JWT tokens

None
POST
/auth/refreshRefresh

Refresh an expired access token

None
javascript
// Using ethers.js v6
import { ethers } from 'ethers';

const provider = new ethers.BrowserProvider(window.ethereum);
const signer = await provider.getSigner();
const address = await signer.getAddress();

// 1. Get nonce + signing message
const { message } = await fetch(
  '/api/v1/auth/nonce?wallet=' + address
).then(r => r.json());

// 2. Sign the formatted message (not the bare nonce hex)
const signature = await signer.signMessage(message);

// 3. Login — message is required for backend verification
const { accessToken, refreshToken, user } = await fetch(
  '/api/v1/auth/login', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ walletAddress: address, signature, message }),
  }
).then(r => r.json());

// 4. Use token in subsequent requests
const agents = await fetch('/api/v1/agents?creatorId=' + user.id, {
  headers: { Authorization: 'Bearer ' + accessToken },
}).then(r => r.json());

API Keys

For server-to-server requests, create API keys. Pass them via the X-Api-Key header.

bash
# Using an API key
curl -H 'X-Api-Key: ag_your_api_key_here' \
  http://localhost:3000/api/v1/agents

API keys are shown once at creation. Store them securely — they cannot be retrieved later.

JWT Tokens

Access tokens expire after 15 minutes. Refresh tokens are valid for 7 days.

FieldTypeRequiredDescription
AuthorizationHeader
Required
Bearer <access_token>
X-Api-KeyHeaderOptionalAlternative to JWT for server-to-server
x-wallet-addressHeaderOptionalWallet address for wallet-specific operations
X-Idempotency-KeyHeaderOptionalIdempotency key for safe retries

Agents API

Create, manage, and execute agents

Agents API

Create, manage, discover, and execute AI agents.

Endpoints

GET
/agentsList Agents

Paginated list with filtering by category, status, price, rating

None
GET
/agents/trendingTrending

Agents sorted by trending score (uses, recency, rating)

None
GET
/agents/search?q=Search

Full-text search across name, description, tags

None
GET
/agents/categoriesCategories

All categories with agent count

None
GET
/agents/suggestions?q=Suggestions

Autocomplete suggestions

None
GET
/agents/:idGet Agent

Full agent details with creator and latest version

None
POST
/agentsCreate Agent

Publish a new agent to the marketplace

JWT
PUT
/agents/:idUpdate Agent

Update agent metadata

JWT
DELETE
/agents/:idDelete Agent

Soft-delete (archives the agent)

JWT
GET
/agents/:id/versionsGet Versions

List all versions of an agent

None
POST
/agents/:id/versionsCreate Version

Upload a new version

JWT
POST
/agents/:id/runRun Agent

Execute an agent with input

JWT

Query Parameters (GET /agents)

FieldTypeRequiredDescription
pagenumberOptionalPage number (default: 1)
limitnumberOptionalItems per page (default: 20, max: 100)
categorystringOptionalFilter by category slug
statusstringOptionalFilter by status (ACTIVE, SUSPENDED, etc.)
creatorIdstringOptionalFilter by creator user ID
isVerifiedbooleanOptionalVerified agents only
isFeaturedbooleanOptionalFeatured agents only
sortBystringOptionaltrendingScore, popularityScore, ratingAvg, createdAt, priceUsdc
sortOrderasc|descOptionalSort direction

Create Agent Schema

json
{
  "name": "My Agent",
  "description": "A detailed description of what this agent does...",
  "shortDescription": "Short one-liner",
  "category": "defi",
  "tags": [
    "analytics",
    "defi"
  ],
  "priceType": "PAY_PER_RUN",
  "priceUsdc": "0.01",
  "codeUrl": "https://storage.example.com/agent-v1.js",
  "sandboxConfig": {},
  "permissionsManifest": {},
  "runtimeLimits": {
    "maxExecutionTime": 30000,
    "maxMemory": "512m",
    "maxCpu": "1"
  },
  "allowedDomains": [],
  "requiredSecrets": []
}

Executions API

Track and manage executions

Executions API

Track and manage agent executions in real-time.

Endpoints

GET
/executionsList

Paginated list of your executions

JWT
GET
/executions/:idGet

Full execution details

None
GET
/executions/:id/statusStatus

Current status, logs, and output

None
POST
/executions/:id/cancelCancel

Cancel a queued or running execution

JWT

Execution Flow

QUEUED

Execution is created and added to the BullMQ queue with idempotency check

PROVISIONING

Sandbox container is being created with agent code and runtime config

RUNNING

Agent code executes in the isolated Docker container with resource limits

SUCCESS/FAILED

Execution completes, logs captured, output returned, container cleaned up

Execution Status Values

FieldTypeRequiredDescription
QUEUEDstring
Required
Waiting in BullMQ queue for a worker
PROVISIONINGstring
Required
Sandbox container being provisioned
RUNNINGstring
Required
Agent code is executing
SUCCESSstring
Required
Execution completed successfully
FAILEDstring
Required
Runtime error during execution
TIMEOUTstring
Required
Execution exceeded time limit (default 30s)
CANCELLEDstring
Required
User cancelled the execution
SANDBOX_ERRORstring
Required
Infrastructure error in sandbox

WebSocket Events

Subscribe to real-time updates via Socket.IO at namespace /executions.

javascript
import { io } from 'socket.io-client';

const socket = io('http://localhost:3003/executions');

// Subscribe to execution updates
socket.emit('subscribe', { executionId: 'uuid-here' });

// Listen for status changes
socket.on('execution:update', (payload) => {
  console.log('Status:', payload.data.status);
  console.log('Output:', payload.data.output);
});

// Listen for real-time logs
socket.on('execution:log', (log) => {
  console.log('[LOG]', log.level, log.message);
});

// Unsubscribe when done
socket.emit('unsubscribe', { executionId: 'uuid-here' });

Payments API

On-chain USDC payments

Payments API

Handle on-chain payments via USDC on Arbitrum.

Endpoints

GET
/paymentsList

List authenticated user's payment history

JWT
POST
/payments/createCreate

Create a payment intent for an agent run

JWT
POST
/payments/verifyVerify

Verify an on-chain transaction

JWT
GET
/payments/:id/statusStatus

Get payment status with confirmations

None
GET
/payments/verifyCheck Access

Check if user has paid for an agent

None
GET
/payments/price/:agentIdPrice

Get the price for an agent

None

Revenue Split

Platform fee is 2.5% of each paid execution. The remaining 97.5% goes to the agent developer.

text
Amount:       0.01 USDC
Platform Fee:  0.00025 USDC (2.5%)
Developer:     0.00975 USDC (97.5%)

Vault API

Secure secrets management

Vault API

Securely store and manage secrets for your agents.

Endpoints

GET
/vault/secretsList

List all stored secrets (values masked)

JWT
POST
/vault/secretsCreate

Store a new encrypted secret

JWT
GET
/vault/secrets/:idGet

Retrieve a secret value (decrypted)

JWT
DELETE
/vault/secrets/:idDelete

Soft-delete a secret

JWT

Encryption

Secrets are encrypted at rest using AES-256-GCM with automatic key rotation every 7 days.

Algorithm

AES-256-GCM

Key Rotation

Every 7 days

Scopes

AGENT, USER, GLOBAL

Sandbox

Secure execution environment

Sandbox

Every agent executes in an isolated, secure sandbox environment.

Security Features

Docker Isolation

Each agent runs in its own Docker container with no access to the host system.

Read-Only Filesystem

Container root filesystem is read-only. Only /tmp is writable.

Resource Limits

Strict CPU, memory (512mb), and execution time (30s) limits.

Capability Dropped

All Linux capabilities are dropped. No new privileges allowed.

Seccomp Filtering

System calls are filtered based on the agent's permission manifest.

Network Policy

All private IP ranges blocked. Outbound to public internet only if permitted.

Default Runtime Limits

FieldTypeRequiredDescription
maxExecutionTimenumberOptionalMaximum execution time in ms (default: 30000)
maxMemorystringOptionalMaximum memory (default: 512m)
maxCpustringOptionalCPU limit (default: 1)
maxOutputSizenumberOptionalMax output size in bytes (default: 1048576)

Agent Manifest

Runtime configuration format

Agent Manifest

The manifest tells the platform how to build and execute your agent. It follows the same philosophy as Docker, Vercel, and Railway — a declarative configuration file that describes your agent's runtime, dependencies, entrypoint, permissions, and input schema.

Structure

Each agent version stores a manifest JSON that defines the execution environment. Below is the full schema:

FieldTypeRequiredDescription
runtimeenum
Required
Runtime environment. One of: node, python, python3, custom
runtimeVersionstringOptionalRuntime version (e.g. 18, 3.11)
entrypointstring
Required
File to execute (e.g. index.js, main.py, run.sh)
installstring[]OptionalShell commands to run before execution, in order (e.g. ["npm install", "pip install -r requirements.txt"])
buildCommandstringOptionalBuild command run before execution (e.g. npm run build)
startCommandstringOptionalOverride the default run command entirely
inputsarrayOptionalInput parameter schema. Each input has: name, type (string|number|boolean|file|json), description, required, default
permissions.internetbooleanOptionalAllow outbound internet access (default: false)
permissions.filesystemenumOptionalFilesystem access: read, write, or none (default: none)
permissions.envstring[]OptionalEnvironment variable names the agent requires
timeoutnumberOptionalExecution timeout in seconds (default: 30, max: 300)

Example — Node.js Agent

json
{
  "runtime": "node",
  "runtimeVersion": "18",
  "entrypoint": "index.js",
  "install": ["npm install"],
  "inputs": [
    { "name": "prompt", "type": "string", "required": true, "description": "Input text to process" },
    { "name": "temperature", "type": "number", "required": false, "default": 0.7 }
  ],
  "permissions": {
    "internet": true,
    "filesystem": "none"
  },
  "timeout": 60
}

Example — Python Agent

json
{
  "runtime": "python",
  "runtimeVersion": "3.11",
  "entrypoint": "main.py",
  "install": ["pip install -r requirements.txt"],
  "inputs": [
    { "name": "pdf", "type": "file", "required": true, "description": "PDF file to analyze" },
    { "name": "format", "type": "string", "required": false, "default": "markdown" }
  ],
  "permissions": {
    "internet": false,
    "filesystem": "read"
  },
  "timeout": 120
}

How the Sandbox Uses It

  1. 1

    Fetch Code

    Sandbox downloads the code archive from codeUrl

  2. 2

    Select Runtime Image

    Chooses the base Docker image based on runtime (node:18-slim, python:3.11-slim, etc.)

  3. 3

    Install Dependencies

    Runs each command in install array in order

  4. 4

    Execute Entrypoint

    Runs the entrypoint file with the appropriate runtime. The agent receives INPUT_JSON env var and should output JSON on stdout

  5. 5

    Return Output

    Sandbox reads stdout, parses the last JSON line, and returns it as the execution result

Example Agent — Python PDF Analyzer

A complete agent directory looks like:

bash
my-agent/
  ├── manifest.yaml          # Optional — inline JSON used in API
  ├── main.py                # Entrypoint
  ├── requirements.txt       # Dependencies
  └── utils/
      └── parser.py
python
# main.py — receives INPUT_JSON env var
import os, json

input_data = json.loads(os.environ['INPUT_JSON'])
prompt = input_data.get('prompt', '')

result = { "response": f"Processed: {prompt}", "tokens": len(prompt.split()) }
print(json.dumps(result))  # Last JSON line = output

Client SDK

TypeScript client library

Client SDK

Use the @agentarc/common package for easy integration.

Installation

bash
npm install @agentarc/common

Client Usage

javascript
import { apiRequest } from '@agentarc/common';

// All requests go through the gateway
const API_BASE = '/api/v1';

// List trending agents (no auth needed)
const trending = await apiRequest('/agents/trending');

// Get agent details
const agent = await apiRequest('/agents/' + agentId);

// Run an agent (requires auth)
const execution = await apiRequest('/agents/' + agentId + '/run', {
  method: 'POST',
  body: JSON.stringify({ input: { prompt: 'Hello' } }),
});

// Check execution status
const status = await apiRequest('/executions/' + execution.id + '/status');

TypeScript Types

typescript
interface Agent {
  id: string;
  name: string;
  slug: string;
  description: string;
  category: string;
  tags: string[];
  priceType: 'FREE' | 'PAY_PER_RUN' | 'SUBSCRIPTION_MONTHLY' | 'SUBSCRIPTION_YEARLY' | 'CREDITS';
  priceUsdc?: string;
  status: 'ACTIVE' | 'SUSPENDED' | 'FLAGGED' | 'ARCHIVED' | 'PENDING_REVIEW';
  ratingAvg: number;
  executionCount: number;
  isVerified: boolean;
  createdAt: string;
}

interface Execution {
  id: string;
  agentId: string;
  status: 'QUEUED' | 'PROVISIONING' | 'RUNNING' | 'SUCCESS' | 'FAILED' | 'TIMEOUT' | 'CANCELLED' | 'SANDBOX_ERROR';
  inputPayload: Record<string, unknown>;
  outputPayload?: Record<string, unknown>;
  logs?: Array<{ level: string; message: string; timestamp: string }>;
  errorMessage?: string;
  costUsdc?: string;
  durationMs?: number;
  createdAt: string;
}

interface PaginatedResponse<T> {
  data: T[];
  pagination: {
    page: number;
    limit: number;
    total: number;
    totalPages: number;
    hasNext: boolean;
    hasPrev: boolean;
  };
}

Errors

Status codes and error handling

Errors & Status Codes

Standard HTTP status codes and error response format.

HTTP Status Codes

FieldTypeRequiredDescription
200OK
Required
Request succeeded
201Created
Required
Resource created successfully
204No Content
Required
Request succeeded, no response body
400Bad Request
Required
Invalid request body or parameters
401Unauthorized
Required
Missing or invalid authentication
403Forbidden
Required
Authenticated but not authorized
404Not Found
Required
Resource not found
409Conflict
Required
Duplicate or conflicting state
422Unprocessable
Required
Validation failed
429Too Many Requests
Required
Rate limit exceeded (1000 req/60s)
502Bad Gateway
Required
Upstream service unavailable
504Gateway Timeout
Required
Upstream service timed out (30s)

Error Response Format

json
{
  "success": false,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Name must be between 1 and 100 characters",
    "statusCode": 422
  },
  "timestamp": "2026-05-13T12:00:00.000Z"
}

Error Codes

FieldTypeRequiredDescription
VALIDATION_ERRORstring
Required
Request body failed validation
UNAUTHORIZEDstring
Required
Missing or invalid auth credentials
NOT_FOUNDstring
Required
Resource does not exist
RATE_LIMITEDstring
Required
Too many requests, slow down
INSUFFICIENT_FUNDSstring
Required
Not enough balance for payment
SANDBOX_ERRORstring
Required
Sandbox infrastructure error
TIMEOUTstring
Required
Execution exceeded time limit

API Playground

Test endpoints interactively

Need help? Check the system health page or explore the marketplace.