Skip to content
kimbap
On this page

#HTTP API

The HTTP API is exposed by kimbap serve. It provides the same capabilities as the CLI, accessible over HTTP for programmatic integration.

bash
kimbap serve --port 8080

#Base URL

All endpoints are served under /v1/. Default listen address is http://127.0.0.1:8080.

#Authentication

Requests to the API require a valid kimbap bearer token in the Authorization header:

Authorization: Bearer <kimbap_token>

Tokens are issued via kimbap token and scoped to specific actions and tenants.

#Endpoints

#Execute an action

POST /v1/actions/{service}/{action}:execute

Runs an action through the full pipeline (identify, resolve, policy, credential, execute, audit).

Request body:

json
{
  "input": {
    "owner": "acme",
    "repo": "api"
  }
}

Response:

json
{
  "result": { ... }
}

#List pending approvals

GET /v1/approvals

Returns all pending approval requests.

#Approve a held action

POST /v1/approvals/{id}:approve

Approves a held action, allowing it to proceed through the pipeline.

#Audit log

GET /v1/audit

Returns recent audit log entries.

#Policy management

GET /v1/policies
PUT /v1/policies

Read or replace the active policy document.

#Vault metadata

GET /v1/vault

List vault key metadata. Secret values are never returned.

#Health check

GET /v1/health

Returns server health status.

Each API endpoint has a corresponding CLI command:

API (/v1/...)CLI (kimbap ...)
POST /v1/actions/{svc}/{action}:executekimbap call <svc>.<action>
GET /v1/approvalskimbap approve list
POST /v1/approvals/{id}:approvekimbap approve accept <id>
GET /v1/auditkimbap audit tail
GET /v1/policieskimbap policy get
PUT /v1/policieskimbap policy set --file <path>
GET /v1/vaultkimbap vault list
GET /v1/healthkimbap doctor (local diagnostics)

The CLI is the primary interface. Use the HTTP API when integrating kimbap into existing systems or when a persistent server is preferred over per-call CLI invocations.

#Next steps

Back to top ↑