Skip to content

Manage Product State

The API service owns product-management state and route handlers for zones, applications, providers, resources, policies, policy sets, grants, step-up challenges, policy templates, and zone events.

PropertyValue
Port3000
HealthGET /health
ReadinessGET /ready
MetricsGET /metrics
Main route prefix/v1
Optional docs route/docs when API docs are enabled
DependencyPurpose
PostgresProduct state, admin tokens, policy versions, grants, sessions, outbox, audit admin events.
RedisEvent streams and outbox dispatch.
STSService URL used by management flows that need STS coordination.
Runtime secretsAdmin token, zone KEK, stream HMAC, audit HMAC, Gateway-STS HMAC, database and Redis URLs.

API writes event_outbox rows in the same transaction as product-state changes. The dispatcher signs payloads with STREAMS_HMAC_KEY and publishes Redis stream events such as policy invalidation and audit records.

SignalMeaning
API readinessDatabase, Redis, outbox dead rows, and service config are healthy enough for management operations.
API_READY_OUTBOX_DEAD_MAXReadiness threshold for dead outbox rows.
Admin auth failuresToken, scope, or rate-limit issue for Console/Admin clients.
Outbox age/dead metricsRedis or dispatcher is not draining management events.

Use Coordinate Agent State to understand agent sessions, invocations, and delegation runtime state.