REST API

CortexPrism exposes a full REST API on the same port as the Web UI (default 3000). WebSocket chat at /ws.

Authentication

The webAuth config block controls authentication. When requireAuth is true, endpoints (except /api/auth/*, /api/health, /api/status, /api/system) require a session cookie obtained via login.

First-time password setup: POST /api/auth/change-password skips session auth when no password exists. The Security tab dynamically shows "Set Password" vs "Change Password".

Note: Some endpoints below are marked as 🔜 planned — they may not yet have active route handlers. Verify in the source code before relying on them.

Debug (v0.46+)

Live introspection endpoints for system debugging. These endpoints are available without auth when webAuth.requireAuth is enabled, for health checking purposes.

Method	Path	Description
`GET`	`/api/debug/health`	DB and disk health checks
`GET`	`/api/debug/sessions`	List active sessions with message counts
`GET`	`/api/debug/sessions/:id`	Full transcript and state for a session
`GET`	`/api/debug/metrics`	Prometheus-format metrics
`GET`	`/api/debug/config`	Safe config dump (no secrets)

System Diagnostics (v0.48.4+)

Method	Path	Description
`GET`	`/api/system/diagnostics`	Scheduler aliveness, running job count, DB file sizes, sandbox runtime, Deno memory usage
`POST`	`/api/jobs/recover`	Trigger stale job recovery (optional `timeoutMs`)
`GET`	`/api/jobs?source=`	Filter jobs by source (`ui`, `cli`, `seed`, `tool:<agentId>`)
`DELETE`	`/api/jobs/status/:status`	Delete all jobs of a given status
`DELETE`	`/api/jobs/batch`	Batch-delete jobs by IDs

OS API (v0.48.0+)

OS-layer endpoints for kernel introspection and health monitoring.

Method	Path	Description
`GET`	`/api/os/info`	Kernel metadata (name, version, uptime, role list, process count)
`GET`	`/api/os/processes`	Process tree with nested display and flat list
`GET`	`/api/os/capabilities`	Capability groups, role-to-capability mappings, group members
`GET`	`/api/os/health`	Aggregated health: daemon status, DB connectivity, jobs, memory, version, uptime

Built-in Agents (v0.48.0+)

Method	Path	Description
`GET`	`/api/agents/builtin`	🔜 Raw definitions of the 5 built-in agents

Method	Path	Description
`GET`	`/api/sessions`	List sessions (`?limit=20`)
`GET`	`/api/sessions/search?q=`	Search sessions
`GET`	`/api/sessions/tree`	Session hierarchy (parent + children)
`GET`	`/api/sessions/:id`	Get session details
`GET`	`/api/sessions/:id/messages`	Get session messages
`GET`	`/api/sessions/:id/children`	Get sub-agent sessions
`GET`	`/api/sessions/:id/events`	Get session events
`PATCH`	`/api/sessions/:id`	Update session (title rename)
`POST`	`/api/sessions/:id/resume`	Resume a session
`POST`	`/api/sessions/:id/close`	Close a session
`POST`	`/api/sessions/:id/archive`	Archive a session
`DELETE`	`/api/sessions/:id`	Delete a session
`DELETE`	`/api/sessions/:id/messages/:messageId`	Delete individual message

Agents

Method	Path	Description
`GET`	`/api/agents`	List agents
`GET`	`/api/agents/current`	Get active agent
`GET`	`/api/agents/sub-types`	Get sub-agent type definitions
`GET`	`/api/agents/:id`	Get agent details
`GET`	`/api/agents/:id/identity`	Get agent identity
`POST`	`/api/agents`	Create agent
`PUT`	`/api/agents/:id`	Update agent
`PUT`	`/api/agents/sub-types/:name`	Update sub-agent type config
`POST`	`/api/agents/:id/select`	Set as active agent
`DELETE`	`/api/agents/:id`	Delete agent

Memory

Method	Path	Description
`GET`	`/api/memory/search?q=&mode=hybrid`	Search memory
`GET`	`/api/memory/stats`	Memory statistics
`GET`	`/api/memory/health`	Per-tier health metrics
`POST`	`/api/memory/add`	Add a memory entry
`GET`	`/api/memory/reflections`	List reflection patterns
`GET`	`/api/memory/graph/entities?q=`	Search graph entities
`GET`	`/api/memory/graph?entity=&depth=`	Graph traversal
`GET`	`/api/memory/privacy`	Privacy configuration
`PUT`	`/api/memory/privacy`	Update privacy config
`GET`	`/api/memory/heuristics`	Heuristics configuration
`PUT`	`/api/memory/heuristics`	Update heuristics + trigger cycle
`GET`	`/api/memory/embeddings`	Embedding configuration
`PUT`	`/api/memory/embeddings`	Update embedding config
`GET`	`/api/memory/vector-store`	Vector store backend (SQLite/Qdrant/ChromaDB/Pinecone)
`PUT`	`/api/memory/vector-store`	Update vector store backend

Skills

Method	Path	Description
`GET`	`/api/skills`	List skills (`?origin=`, `?lifecycle=`)
`GET`	`/api/skills/stats`	Skill statistics
`GET`	`/api/skills/detail?name=`	Full skill details
`POST`	`/api/skills`	Create a skill
`DELETE`	`/api/skills?name=`	Delete a skill
`POST`	`/api/skills/merge`	Merge two skills
`POST`	`/api/skills/deprecate`	Deprecate a skill
`POST`	`/api/skills/promote`	Promote lifecycle state
`POST`	`/api/skills/load-human`	Load from .cortex/skills/
`POST`	`/api/skills/export`	Export to SKILL.md
`GET`	`/api/skills/dependencies?name=`	Dependency tree
`GET`	`/api/skills/health?name=`	Health scores

Codegraph (Code Intelligence)

Method	Path	Description
`GET`	`/api/codegraph/projects`	List indexed projects
`POST`	`/api/codegraph/index`	Start code indexing
`POST`	`/api/codegraph/incremental-sync`	Re-index changed files only (30s polling)
`GET`	`/api/codegraph/search?q=&project=`	Search symbols
`POST`	`/api/codegraph/impact`	Impact (blast radius) analysis
`GET`	`/api/codegraph/architecture?project=`	Architecture extraction
`POST`	`/api/codegraph/trace`	Path tracing between symbols

Workflows

Method	Path	Description
`GET`	`/api/workflows`	List workflows
`POST`	`/api/workflows`	Create workflow
`GET`	`/api/workflows/:id`	Get workflow details
`PUT`	`/api/workflows/:id`	Update workflow
`DELETE`	`/api/workflows/:id`	Delete workflow
`POST`	`/api/workflows/:id/run`	Execute workflow
`GET`	`/api/workflows/runs`	Run history
`GET`	`/api/workflows/approvals`	Pending approvals
`POST`	`/api/workflows/approvals/:id`	Approve/deny

Eval

Method	Path	Description
`GET`	`/api/eval/suites`	List eval suites
`POST`	`/api/eval/suites`	Create suite
`POST`	`/api/eval/run`	Run evaluation
`GET`	`/api/eval/runs`	Run history
`GET`	`/api/eval/runs/:id`	Run results
`GET`	`/api/eval/baselines`	List baselines
`POST`	`/api/eval/baselines/:runId`	Save as baseline
`DELETE`	`/api/eval/baselines/:id`	Delete baseline

Metacognition

Method	Path	Description
`GET`	`/api/metacognition/history`	Assessment history (decisions, reflections, escalations)
`GET`	`/api/metacognition/decisions?sessionId=`	Session-scoped decision history
`GET`	`/api/metacognition/summary`	Decision distribution, escalations, recent critiques

Skill Bus

Method	Path	Description
`GET`	`/api/skills/bindings`	Event bindings, bus status, recent event log

Memory (extended)

Method	Path	Description
`GET`	`/api/memory/duplicates`	Find duplicate graph entities
`POST`	`/api/memory/merge`	Merge two graph entities

Vault (extended)

Method	Path	Description
`POST`	`/api/vault/content`	Store multi-modal content (files, embeddings, text)

Codegraph (extended)

Method	Path	Description
`GET`	`/api/codegraph/search-all?q=&language=`	Cross-repo FTS search across all projects
`GET`	`/api/codegraph/languages?project=`	Distinct languages per project
`GET`	`/api/codegraph/ownership?file=`	Git blame author attribution
`GET`	`/api/codegraph/history?file=`	Git log commit history
`GET`	`/api/codegraph/qa?q=&project=`	Semantic code Q&A with citations
`GET`	`/api/codegraph/fitness?project=`	Architecture fitness rule checks
`GET`	`/api/codegraph/pilot-config`	Codebase pilot token budget
`PUT`	`/api/codegraph/pilot-config`	Update pilot config

Workflows (extended)

Method	Path	Description
`GET`	`/api/workflows`	Now returns workflows + recent agent plans
`GET`	`/api/workflows/plans`	Filter plans by session
`GET`	`/api/workflows/drift?sessionId=`	Goal drift event log
`GET`	`/api/workflows/tasks`	Sub-agent task board (active + recent)

Security (extended)

Method	Path	Description
`POST`	`/api/security/scan`	🔜 LLM vulnerability scan (prompt injection, data leaks, XSS, SQL injection)
`GET`	`/api/security/hygiene`	🔜 Credential hygiene check (duplicates, namespaces, count)
`GET`	`/api/security/policies/generate-allowlist`	🔜 Zero-trust path/domain allowlist from policies
`POST`	`/api/security/approvals/bulk`	Bulk approve/deny requests

Sandbox (extended)

Method	Path	Description
`GET`	`/api/sandbox/backends`	Available backends (docker, gvisor, e2b, daytona)
`GET`	`/api/sandbox/snapshot`	Environment snapshot (OS, Deno version, env vars)
`POST`	`/api/sandbox/reproduce`	Bug reproduction manifest generator
`GET`	`/api/sandbox/env-as-code`	Environment configuration serialization
`GET`	`/api/sandbox/workspace-snapshot`	File tree, sizes, sessions, git branch

Cross-Agent Context Protocol (CACP)

Method	Path	Description
`GET`	`/api/cacp/context?namespace=`	List shared context entries
`POST`	`/api/cacp/context`	Write to shared context
`GET`	`/api/cacp/conflicts`	List version conflicts
`POST`	`/api/cacp/conflicts/resolve`	Resolve a conflict
`GET`	`/api/cacp/links`	List linked sessions
`POST`	`/api/cacp/links`	Link sessions
`DELETE`	`/api/cacp/links/:id`	Unlink sessions

Glossary

Method	Path	Description
`GET`	`/api/glossary`	List all glossary terms
`GET`	`/api/glossary/:term`	Lookup a specific term
`POST`	`/api/glossary`	Define a new glossary term
`GET`	`/api/glossary/categories`	List term categories

Prompt Engineering Lab

Method	Path	Description
`GET`	`/api/prompts?templateId=`	List templates and runs
`POST`	`/api/prompts`	Create template or record run

Embeddings Pipeline

Method	Path	Description
`GET`	`/api/embeddings/pipeline`	🔜 Pipeline configuration and backends

RAG Evaluation

Method	Path	Description
`POST`	`/api/eval/rag`	🔜 RAG retrieval scoring (hit@1, recall, MRR)

Cost Optimizer

Method	Path	Description
`GET`	`/api/cost/optimizer`	🔜 Provider comparison and routing

Observability

Method	Path	Description
`GET`	`/api/observability/traces`	🔜 OTEL/Langfuse connection status and traces

Benchmarks

Method	Path	Description
`GET`	`/api/benchmarks`	🔜 Eval suites and model comparisons

Eval Harnesses

Method	Path	Description
`GET`	`/api/eval/harnesses`	Pre-built eval harness presets

PKM Assistant

Method	Path	Description
`GET`	`/api/pkm`	List PKM connections
`POST`	`/api/pkm/connect`	Connect PKM tool
`POST`	`/api/pkm/sync`	Sync PKM connection

Tools (extended)

Method	Path	Description
`POST`	`/api/tools/csv-parse`	🔜 Parse CSV data
`GET`	`/api/tools/discover`	🔜 List all registered tools
`POST`	`/api/tools/scaffold-plugin`	🔜 Generate plugin manifest scaffold
`GET`	`/api/tools/infrastructure-drift`	🔜 Check Terraform/Pulumi drift
`GET`	`/api/tools/certificates`	🔜 SSL/TLS monitoring
`GET`	`/api/tools/blueprints`	🔜 Project scaffold templates
`POST`	`/api/pal/cli`	🔜 Multi-model CLI orchestrator

Plugins

Method	Path	Description
`GET`	`/api/plugins/:name/verification`	Get stored supply-chain verification report
`POST`	`/api/plugins/:name/verification`	Re-run verification and persist report

Settings

Method	Path	Description
`GET`	`/api/settings/compressor`	🔜 Context compressor config
`PUT`	`/api/settings/compressor`	🔜 Update compressor settings
`GET`	`/api/agent/preferences`	🔜 Learned user preferences

Eval (extended)

Method	Path	Description
`GET`	`/api/eval/harnesses`	Eval harness presets

Analytics

Method	Path	Description
`GET`	`/api/analytics/roi`	🔜 Token, cost, session, tool call aggregation
`GET`	`/api/analytics/channels-memory`	🔜 Message counts per channel

MCP Gateway

Method	Path	Description
`POST`	`/api/mcp-gateway/health-retry`	🔜 Re-check MCP server health
`POST`	`/api/mcp-gateway/approvals`	Create approval request
`GET`	`/api/mcp-gateway/approvals`	List pending approvals
`POST`	`/api/mcp-gateway/approvals/:id/approve`	Approve request
`POST`	`/api/mcp-gateway/approvals/:id/deny`	Deny request

Sessions

Method	Path	Description
`GET`	`/api/sessions/links`	🔜 Cross-session context links

Memori

Method	Path	Description
`GET`	`/api/memori/preview?sessionId=`	🔜 Session checkpoint browser

MCP Discovery

Method	Path	Description
`GET`	`/api/mcp/discover`	🔜 Auto-discover MCP servers from env/config

Alcove

Method	Path	Description
`GET`	`/api/alcove/search?q=`	Semantic search over private .cortex/data/docs/

MCP Server

Method	Path	Description
`GET`	`/api/mcp/connections`	List MCP connections
`POST`	`/api/mcp/connections`	Add connection
`DELETE`	`/api/mcp/connections/:id`	Remove connection
`POST`	`/api/mcp/connections/:id/connect`	Connect to server
`POST`	`/api/mcp/connections/:id/disconnect`	Disconnect
`GET`	`/api/mcp/connections/:id/tools`	List server tools
`GET`	`/api/mcp/server`	Server status
`POST`	`/api/mcp/server/start`	Start server
`POST`	`/api/mcp/server/stop`	Stop server

Vault

Method	Path	Description
`GET`	`/api/vault/list`	List vault entries
`POST`	`/api/vault/store`	Store credential
`GET`	`/api/vault/get/:key`	Retrieve credential
`DELETE`	`/api/vault/delete/:key`	Delete credential
`GET`	`/api/vault/audit`	Access audit log
`POST`	`/api/vault/export`	Export vault
`POST`	`/api/vault/import`	Import vault

Computer Use

Method	Path	Description
`GET`	`/api/computer/screenshots`	Screenshot gallery
`GET`	`/api/computer/actions`	Action history
`GET`	`/api/computer/config`	Computer config
`PUT`	`/api/computer/config`	Update computer config

Remote / Nodes

Method	Path	Description
`GET`	`/api/remote/agents`	Connected remote agents
`GET`	`/api/remote/directives`	Directive history
`POST`	`/api/remote/deploy`	Deploy agent to node
`GET`	`/api/nodes`	List nodes (`?tier=`, `?status=`, `?group=`)
`GET`	`/api/nodes/groups`	List node groups
`POST`	`/api/nodes`	Register a node
`GET`	`/api/nodes/:id`	Get node details
`DELETE`	`/api/nodes/:id`	Remove a node
`POST`	`/api/nodes/:id/rekey`	Rotate node key
`GET`	`/api/nodes/:id/metrics`	Node metrics
`GET`	`/api/nodes/:id/directives`	Node directives

Swarm

Method	Path	Description
`GET`	`/api/swarm/topology`	Swarm node topology graph
`GET`	`/api/swarm/report`	Swarm health and resource report
`GET`	`/api/swarm/directives`	Directive history across swarm
`GET`	`/api/swarm/nodes/metrics`	Aggregated swarm node metrics
`GET`	`/api/swarm/nodes/:id/snapshots`	Node state snapshots

Daemons

Method	Path	Description
`GET`	`/api/daemons/health`	Daemon health pings
`GET`	`/api/daemons/:name/logs`	Daemon log tails
`POST`	`/api/daemons/:name/restart`	Restart daemon
`GET`	`/api/daemons/sockets`	IPC socket status

Security Supervisor

Method	Path	Description
`GET`	`/api/security/supervisor`	Supervisor config
`PUT`	`/api/security/supervisor`	Update supervisor config
`GET`	`/api/security/supervisor/cache`	🔜 Inspect decision cache
`DELETE`	`/api/security/supervisor/cache`	Clear decision cache
`GET`	`/api/security/supervisor/history`	Decision history
`GET`	`/api/security/classification`	🔜 Classification config
`PUT`	`/api/security/classification`	🔜 Update classification
`POST`	`/api/security/classification/test`	🔜 Test content classification

Policies

Method	Path	Description
`GET`	`/api/policies`	List policy rules
`POST`	`/api/policies`	Create policy rule
`PATCH`	`/api/policies/:id`	Update policy rule
`DELETE`	`/api/policies/:id`	Delete policy rule
`PUT`	`/api/policies/:id/toggle`	Enable/disable toggle

Config & Providers

Method	Path	Description
`GET`	`/api/config`	Get full config
`PUT`	`/api/config`	Update config (persists all sections)
`PUT`	`/api/config/provider`	Update provider settings (supports all provider-specific fields)
`GET`	`/api/providers/configured`	List configured providers (only those with API keys)
`GET`	`/api/providers/:kind/models`	Fetch available models from provider API
`GET`	`/api/providers/comparison`	Provider comparison data

Plugins

Method	Path	Description
`GET`	`/api/plugins`	List installed plugins
`GET`	`/api/plugins/panels`	List active plugin UI panels
`GET`	`/api/plugins/check-updates`	Check for plugin updates
`POST`	`/api/plugins/update-all`	Apply all plugin updates
`POST`	`/api/plugins/install`	Install a plugin
`GET`	`/api/plugins/:name`	Get plugin details
`POST`	`/api/plugins/:name/enable`	Enable a plugin
`POST`	`/api/plugins/:name/disable`	Disable a plugin
`DELETE`	`/api/plugins/:name`	Remove a plugin
`GET`	`/api/plugins/:name/config`	Get plugin config
`PUT`	`/api/plugins/:name/config`	Update plugin config
`GET`	`/api/plugins/:name/settings`	Get plugin settings schema
`GET`	`/api/plugins/:name/panel`	Serve plugin UI panel
`GET`	`/api/plugins/:name/panel.js`	Serve plugin UI JS

Services & Jobs

Method	Path	Description
`GET`	`/api/services`	List services
`GET`	`/api/services/:id`	Get service details
`POST`	`/api/services`	Create service
`PUT`	`/api/services/:id`	Update service
`POST`	`/api/services/:id/start`	Start service
`POST`	`/api/services/:id/stop`	Stop service
`GET`	`/api/jobs?status=pending`	List jobs
`POST`	`/api/jobs`	Create job
`POST`	`/api/jobs/:id/cancel`	Cancel job
`POST`	`/api/jobs/:id/trigger`	Trigger now
`DELETE`	`/api/jobs/:id`	Delete job

Voice

Method	Path	Description
`POST`	`/api/voice/transcribe`	Speech-to-text
`POST`	`/api/voice/synthesize`	Text-to-speech
`GET`	`/api/voice/synthesize/:text`	TTS via GET
`GET`	`/api/voice/providers`	List TTS providers
`GET`	`/api/voice/tts`	🔜 TTS config
`PUT`	`/api/voice/tts`	🔜 Update TTS config
`GET`	`/api/voice/stt`	🔜 STT config
`PUT`	`/api/voice/stt`	🔜 Update STT config
`PUT`	`/api/voice/vad`	🔜 Update VAD config

Soul

Method	Path	Description
`GET`	`/api/soul/templates`	List personality templates
`GET`	`/api/soul/:file`	Get soul file (soul/user/memory)
`PUT`	`/api/soul/:file`	Update soul file
`POST`	`/api/soul/memory/append`	Append to MEMORY.md

Workspace & Git

Method	Path	Description
`GET`	`/api/workspace/files`	List files
`GET`	`/api/workspace/history`	Edit history
`GET`	`/api/workspace/git/status`	Git status
`GET`	`/api/workspace/git/log`	Commit log
`GET`	`/api/workspace/git/diff`	Working tree diff
`GET`	`/api/workspace/git/branches`	List branches
`POST`	`/api/workspace/git/commit`	Commit changes
`POST`	`/api/workspace/git/push`	Push to remote
`POST`	`/api/workspace/git/pull`	Pull from remote
`POST`	`/api/workspace/undo`	Undo last file change
`POST`	`/api/workspace/redo`	Redo undone change

Projects

Method	Path	Description
`POST`	`/api/projects/import-github`	Clone a GitHub repo into workspace and create a project

GitHub

Method	Path	Description
`GET`	`/api/github/token`	Check token status
`GET`	`/api/github/repos`	List user repos
`GET`	`/api/github/repos/:owner/:name`	Get repo details
`GET`	`/api/github/repos/:owner/:name/pulls`	List PRs
`GET`	`/api/github/repos/:owner/:name/issues`	List issues
`GET`	`/api/github/repos/:owner/:name/branches`	List branches

Sandbox & Code Execution

Method	Path	Description
`POST`	`/api/code/exec`	Execute code in sandbox
`GET`	`/api/sandbox/config`	Sandbox configuration (runtime, Docker/gVisor availability, timeout/memory limits, supported languages)
`PUT`	`/api/sandbox/config`	Update sandbox config
`GET`	`/api/sandbox/images`	Docker image list
`POST`	`/api/sandbox/images/pull`	Pull Docker image
`DELETE`	`/api/sandbox/images/:id`	Remove Docker image
`GET`	`/api/sandbox/backends`	Available backends (docker, gvisor, e2b, daytona)
`POST`	`/api/sandbox/snapshots`	Capture environment snapshot
`GET`	`/api/sandbox/snapshots`	List environment snapshots
`GET`	`/api/sandbox/snapshots/:id`	Get snapshot detail
`POST`	`/api/sandbox/snapshots/:id/replicate`	Replicate snapshot to workspace
`GET`	`/api/sandbox/snapshots/compare?id1=&id2=`	Diff two snapshots
`DELETE`	`/api/sandbox/snapshots/:id`	Delete snapshot
`POST`	`/api/workspace/snapshots`	Capture workspace snapshot
`GET`	`/api/workspace/snapshots`	List workspace snapshots
`GET`	`/api/workspace/snapshots/:id`	Get workspace snapshot
`POST`	`/api/workspace/snapshots/:id/restore`	Restore workspace snapshot
`GET`	`/api/workspace/snapshots/diff?id1=&id2=`	Diff workspace snapshots
`DELETE`	`/api/workspace/snapshots/:id`	Delete workspace snapshot
`POST`	`/api/sandbox/dev-env/generate`	Generate dev environment manifest
`GET`	`/api/sandbox/dev-env/manifest?workspacePath=`	Load dev env manifest
`PUT`	`/api/sandbox/dev-env/manifest`	Save/update dev env manifest
`GET`	`/api/sandbox/dev-env/list`	List all dev env manifests
`GET`	`/api/sandbox/bug-repro`	List bug reproduction runs
`POST`	`/api/sandbox/bug-repro`	Create bug repro run
`GET`	`/api/sandbox/bug-repro/:id`	Get bug repro detail
`POST`	`/api/sandbox/bug-repro/:id/run`	Execute bug repro in sandbox
`DELETE`	`/api/sandbox/bug-repro/:id`	Delete bug repro run

QM & MQM

Method	Path	Description
`GET`	`/api/qm/summary`	🔜 Quartermaster summary
`GET`	`/api/qm/accuracy`	🔜 QM accuracy stats
`GET`	`/api/qm/recent`	Recent QM decisions
`GET`	`/api/qm/patterns`	QM learned patterns
`GET`	`/api/qm/health`	QM health status
`GET`	`/api/qm/config`	QM configuration
`POST`	`/api/qm/config`	Update QM config
`POST`	`/api/qm/reset`	Reset QM state
`GET`	`/api/mqm/summary`	MQM summary
`GET`	`/api/mqm/accuracy`	MQM accuracy
`GET`	`/api/mqm/stats`	MQM statistics
`GET`	`/api/mqm/decisions`	MQM decisions
`GET`	`/api/mqm/weights`	MQM signal weights

Observability

Method	Path	Description
`GET`	`/metrics`	Prometheus metrics endpoint
`GET`	`/api/lens/recent`	Recent audit events
`GET`	`/api/hooks`	🔜 List pipeline hooks
`POST`	`/api/hooks/:name/disable`	🔜 Disable a hook
`GET`	`/api/logs`	🔜 Server logs
`GET`	`/api/analytics`	🔜 Analytics data
`POST`	`/api/observability/test-otlp`	🔜 Test OTLP endpoint ping
`POST`	`/api/observability/test-langfuse`	🔜 Test Langfuse connection

Router & Metacognition

Method	Path	Description
`GET`	`/api/router/history`	🔜 Router history
`GET`	`/api/router/decisions`	🔜 Router decision log
`GET`	`/api/metacognition/history`	Metacognition history
`GET`	`/api/metacognition/decisions`	Metacognition decisions

Tools

Method	Path	Description
`GET`	`/api/tools/config`	Tool API key configs
`PUT`	`/api/tools/config`	Update tool API keys
`DELETE`	`/api/tools/config`	Remove tool API key
`GET`	`/api/tools/registry`	Tool catalog with schemas
`POST`	`/api/tools/:name/toggle`	Enable/disable tool
`GET`	`/api/tools/:name/stats`	Tool usage statistics

Sub-Agent Processes

Method	Path	Description
`GET`	`/api/processes/sub-agents`	List running sub-agent processes (live PIDs)

Dashboard

Method	Path	Description
`GET`	`/api/dashboard/config`	Get dashboard layout
`PUT`	`/api/dashboard/config`	Update dashboard layout

Marketplace

Method	Path	Description
`GET`	`/api/marketplace/plugins`	List marketplace plugins
`GET`	`/api/marketplace/agents`	List marketplace agents
`GET`	`/api/marketplace/categories`	List categories
`GET`	`/api/marketplace/stats`	Marketplace stats
`POST`	`/api/marketplace/plugins/:slug/install`	Install marketplace plugin
`POST`	`/api/marketplace/agents/:slug/import`	Import marketplace agent

Auth & Onboarding

Method	Path	Description
`POST`	`/api/auth/login`	Login (returns session cookie)
`POST`	`/api/auth/logout`	Logout
`POST`	`/api/auth/setup-password`	Set initial password
`POST`	`/api/auth/change-password`	Change password
`POST`	`/api/onboarding/provider`	Test + save provider
`POST`	`/api/onboarding/profile/answer`	Personalization Q&A
`POST`	`/api/onboarding/profile/skip`	Skip personalization
`POST`	`/api/onboarding/personality`	Set personality
`POST`	`/api/onboarding/telemetry`	Opt in/out
`POST`	`/api/onboarding/complete`	Finalize setup
`GET`	`/api/onboarding/status`	Check onboarding state

System

Method	Path	Description
`GET`	`/api/health`	Health check (public)
`GET`	`/api/status`	System status (public)
`GET`	`/api/system`	System info
`POST`	`/api/import`	🔜 Import data
`POST`	`/api/export`	🔜 Export data
`GET`	`/api/import/history`	🔜 Import history
`GET`	`/api/update/status`	Update status
`POST`	`/api/update/check`	Check for updates
`POST`	`/api/update/install`	Install update
`POST`	`/api/update/rollback`	Rollback update
`GET`	`/api/update/changelog`	Update changelog
`POST`	`/api/upload`	Upload file (base64)
`POST`	`/api/webhooks/:name`	Trigger webhook
`GET`	`/mcp`	MCP HTTP endpoint
`POST`	`/mcp`	MCP JSON-RPC
`GET`	`/ws`	WebSocket upgrade
`GET`	`/ws/node`	Node WebSocket endpoint

WebSocket Protocol

Connect to ws://127.0.0.1:3000/ws.

Client → Server:

{ "type": "chat", "message": "...", "sessionId": "sess_...", "files": [...] }
{ "type": "ping" }
{ "type": "new_session" }
{ "type": "select_agent", "agentId": "..." }
{ "type": "audio_chunk", "data": "..." }
{ "type": "audio_end" }
{ "type": "speak", "text": "..." }

Server → Client:

{ "type": "connected" }
{ "type": "session", "sessionId": "sess_..." }
{ "type": "start" }
{ "type": "chunk", "delta": "..." }
{ "type": "reasoning", "content": "..." }
{ "type": "tool_call", "tool": "...", "args": {...} }
{ "type": "tool_result", "tool": "...", "result": "..." }
{ "type": "done", "tokensIn": 100, "tokensOut": 50, "costUsd": 0.001, "durationMs": 800 }
{ "type": "error", "error": "..." }
{ "type": "pong" }
{ "type": "audio", "data": "...", "format": "mp3" }
{ "type": "voice_state", "listening": true }
{ "type": "file_change", "path": "..." }

Session resume: include an existing sessionId in a chat message to continue across WebSocket reconnects and page reloads.

CortexPrism — Open-source AI agent operating system · Discord · Apache 2.0 License · Built with Deno 2.x + TypeScript

Uh oh!

Uh oh!

REST API

REST API

Authentication

Debug (v0.46+)

System Diagnostics (v0.48.4+)

OS API (v0.48.0+)

Built-in Agents (v0.48.0+)

Agents

Memory

Skills

Codegraph (Code Intelligence)

Workflows

Eval

Metacognition

Skill Bus

Memory (extended)

Vault (extended)

Codegraph (extended)

Workflows (extended)

Security (extended)

Sandbox (extended)

Cross-Agent Context Protocol (CACP)

Glossary

Prompt Engineering Lab

Embeddings Pipeline

RAG Evaluation

Cost Optimizer

Observability

Benchmarks

Eval Harnesses

PKM Assistant

Tools (extended)

Plugins

Settings

Eval (extended)

Analytics

MCP Gateway

Sessions

Memori

MCP Discovery

Alcove

MCP Server

Vault

Computer Use

Remote / Nodes

Swarm

Daemons

Security Supervisor

Policies

Config & Providers

Plugins

Services & Jobs

Voice

Soul

Workspace & Git

Projects

GitHub

Sandbox & Code Execution

QM & MQM

Observability

Router & Metacognition

Tools

Sub-Agent Processes

Dashboard

Marketplace

Auth & Onboarding

System

WebSocket Protocol

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!