Alethia Labs
API Reference

API Overview

Alethia API endpoints — authentication methods, base URLs, and route categories.

API Reference

Alethia exposes three categories of API routes, each with its own authentication mechanism.

Authentication Methods

CategoryAuth HeaderToken TypeUsed By
Worker APIsX-Worker-ID + X-Worker-TokenSHA-256 hashed tokenRunner agents
CLI APIsAuthorization: Bearer {jwt}HS256 JWT (1h access, 90d refresh)alethia CLI
Release APIsAuthorization: Bearer {secret}Static secret (RELEASE_API_SECRET)CI/CD pipeline

See Authentication Flows for details on each mechanism.

API Categories

Worker APIs

Job claiming, heartbeat, status updates, log streaming, plan artifacts.

CLI APIs

Zones, configurations, jobs, workers, repositories.

Auth APIs

Device code flow: generate, exchange, refresh.

Request Format

All APIs accept and return JSON. Errors return a consistent format:

{
  "error": "Human-readable error message"
}

HTTP status codes:

  • 200 — success
  • 201 — created
  • 400 — validation error
  • 401 — authentication failure
  • 404 — not found
  • 409 — conflict (e.g., duplicate release version)
  • 500 — internal error

Clusters

Viewing provisioned Kubernetes clusters with ArgoCD access and kubeconfig.

Worker APIs

API endpoints used by Runner agents for job claiming, heartbeat, and log streaming.

On this page

API ReferenceAuthentication MethodsAPI CategoriesRequest Format