Expand description
Engine-core HTTP admin API.
Mounted at /api/v1/engine/core/* by the engine binary so the engine
console (/engine/console) has structured JSON to render.
Endpoints (all return JSON):
GET /api/v1/engine/core/infopublic, no authGET /api/v1/engine/core/healthpublic, no authGET /api/v1/engine/core/active-modulespublic, no authGET /api/v1/engine/core/modulesadminPOST /api/v1/engine/core/modules/{name}/toggleadminGET /api/v1/engine/core/instancesadminGET /api/v1/engine/core/auditadminGET /api/v1/engine/core/configadmin (secrets redacted)
Admin-gated endpoints reuse the same Authorization: Bearer ...
check the auth admin router uses (compared in constant-ish time
against EngineState.admin_api_keys). When admin_api_keys is
empty every admin endpoint returns 401 — locking the surface
entirely. info, health, and active-modules are always public
so dashboards can render the header bar + cross-nav before an
operator has supplied credentials.
Backend-agnostic: handlers branch on the BackendConfig variant
to call into either PgEngineSchema or SqliteEngineSchema. SQLite
engines are single-instance so the instances endpoint typically
returns one row; the shape stays identical so the UI doesn’t care.
Structs§
- Audit
Entry - Audit
Query - Engine
Info - Instance
Entry - List
Audit Response - List
Instances Response - List
Modules Response - Module
Entry - Page
Query - Toggle
Body - Toggle
Response
Functions§
- router
- Build the engine-core admin router. Bound to
EngineState<S>so handlers can pluck the workflow store, the parsed config, and the admin keys list off the parent state.