Use API Reference
Use this section when you need wire-level behavior. For task workflows, start in Guides. For service ownership and operations, use Understand Services and Operations.
API Surfaces
Section titled “API Surfaces”| Surface | Base | Purpose |
|---|---|---|
| Use Management API | API service /v1 | Zones, applications, providers, resources, policies, policy sets, grants, sessions, audit, step-up, and templates. |
| Use Coordinator API | Coordinator service | Agent sessions, agent services, invocations, delegation edges, and SDK lifecycle endpoints. |
| Use STS Endpoint | STS service | OAuth token exchange, JWKS, step-up status, and internal policy operations. |
| Proxy Through Gateway | Gateway service | Protected reverse-proxy behavior rather than CRUD endpoints. |
| Use Event Topics | Redis Streams | Audit, invalidation, revocation, agent, invocation, and delegation topics. |
Service Ports
Section titled “Service Ports”| Service | Local port |
|---|---|
| API | 3000 |
| Coordinator | 4000 |
| STS | 8080 |
| Gateway | 8081 |
| Audit | 9090 |
| Control | API 3000 when enabled |
Error Shape
Section titled “Error Shape”Caracal service errors use the shared OAuth-compatible shape:
{ "error": "access_denied", "error_description": "policy denied request", "requestId": "018f..."}See Error Codes for canonical codes.
Reading Path
Section titled “Reading Path”| Need | Page |
|---|---|
| Manage product objects over HTTP | Use Management API |
| Manage agent and delegation runtime state | Use Coordinator API |
| Exchange authority for mandates | Use STS Endpoint |
| Understand Gateway proxy requirements | Proxy Through Gateway |
| Consume or verify stream contracts | Use Event Topics |
Next Step
Section titled “Next Step”Start with Use Management API when automating product setup.

