Skip to content

Use API Reference

Use this section when you need wire-level behavior. For task workflows, start in Guides. For service ownership and operations, use Understand Services and Operations.

SurfaceBasePurpose
Use Management APIAPI service /v1Zones, applications, providers, resources, policies, policy sets, grants, sessions, audit, step-up, and templates.
Use Coordinator APICoordinator serviceAgent sessions, agent services, invocations, delegation edges, and SDK lifecycle endpoints.
Use STS EndpointSTS serviceOAuth token exchange, JWKS, step-up status, and internal policy operations.
Proxy Through GatewayGateway serviceProtected reverse-proxy behavior rather than CRUD endpoints.
Use Event TopicsRedis StreamsAudit, invalidation, revocation, agent, invocation, and delegation topics.
ServiceLocal port
API3000
Coordinator4000
STS8080
Gateway8081
Audit9090
ControlAPI 3000 when enabled

Caracal service errors use the shared OAuth-compatible shape:

{
"error": "access_denied",
"error_description": "policy denied request",
"requestId": "018f..."
}

See Error Codes for canonical codes.

NeedPage
Manage product objects over HTTPUse Management API
Manage agent and delegation runtime stateUse Coordinator API
Exchange authority for mandatesUse STS Endpoint
Understand Gateway proxy requirementsProxy Through Gateway
Consume or verify stream contractsUse Event Topics

Start with Use Management API when automating product setup.