Fibric. Docs fibric.io →
v1.0.0 · stable
Reference

Object reference

Every core object in the Fibric API, consolidated on one page: the field tables and a canonical JSON example for each. The per-endpoint pages, Events, Operators, Connectors, Actions & plans, Receipts, Guardrails, Tenants, Webhooks, and API keys, document the operations on these objects; this page is the shape reference you keep open next to them.

Shared conventions, including authentication, pagination, the Idempotency-Key header, and the error envelope, are defined in the API overview. Error codes are catalogued in Errors.

Shared conventions

Every object the API returns follows the same rules:

Objectobject valueId prefixEndpoint page
Envelope (event)eventev_Events API
Operatoroperatorop_Operators API
Connectorconnectorcn_Connectors API
Capabilitynone (a value, not a resource)noneCapabilities
Planexecution_planpl_Actions & plans API
Actionactionact_Actions & plans API
Receiptreceiptrc_Receipts API
Guardrailguardrail_policygrd_Guardrails API
Tenanttenantt_Tenants API
Webhook endpointwebhook_endpointwhk_Webhooks API
API keyapi_keykey_API keys

How objects relate

One thread of work touches most of these objects in a fixed order. An event arrives and is stamped with a correlation_id. An operator subscribed to its event_type proposes a plan of actions, each carrying its entity_key and idempotency_key. The executor disposes each action under the matching guardrail rules, and every disposition, applied, blocked, alerted, or deduplicated, appends a receipt. The correlation_id is present on every object in the chain, so any one of them recovers the whole story.

the object graph, one thread of work
event ev_3a91c7            (correlation_id: co_51d2e8)
  └─ plan pl_7c1a          (operator op_8f2a1c, status: proposed)
       ├─ action act_91d0  (order.hold, verdict ALLOW)   ─> receipt rc_5b21 (applied)
       └─ action act_91d1  (order.notify, verdict ALERT) ─> receipt rc_5b22 (awaiting_approval)

connector cn_7d2f4a        fulfills order.hold / order.notify for both actions
guardrail grd_3c90e1       supplied the rules the verdicts cite
webhook_endpoint whk_6b3e0d  delivered plan.proposed and action.needs_approval
api_key key_4e91b2         authenticated the requests; request_id lands on each receipt

Two navigation rules follow. To go forward from a cause, filter by correlation_id: GET /v1/receipts?filters and the Search API both accept it. To go backward from an effect, follow the id fields: a receipt names its action_id, plan_id, event_id, and operator_id directly, so an auditor starting from one receipt needs no search at all.

Envelope (event)

The one canonical event for everything. A commerce webhook, an MQTT temperature reading, a cron tick, and an operator's own output all become the same shape; this is what makes the platform vertical-agnostic. The API's event object is the kernel's EventEnvelope plus the server-assigned read fields. See the event envelope for the concept.

FieldTypeDescription
idstringUnique identifier, prefixed ev_. Assigned by the server at ingestion.
objectstringAlways event.
reseller_idstring or nullThe reseller the tenant belongs to; null means Fibric-direct. Present on every envelope, stamped from the key.
tenant_idstringThe owning tenant, stamped from the key. Read-only.
workspace_idstring or nullThe workspace within the tenant, or null for tenant-wide events.
sourcestringWhat produced the event: a connector id such as magento, a gateway such as bacnet-gw-7, cron, or operator:<name> for an operator's own output.
event_typestringDot-delimited noun.verb type, for example order.updated or hvac.zone.fault. Operators subscribe by glob over this field.
correlation_idstringThreads one piece of work across events, plans, actions, and receipts. Generated if not supplied at ingestion.
payloadobjectThe event body. Shape is source-defined; the convention is an entity reference ({ "kind", "id" }) plus the source fields.
agent_idstring or nullThe operator that produced this event, when the source is an operator.
session_idstring or nullGroups events belonging to one interactive session, when there is one.
received_atstringRFC 3339 timestamp the server accepted the envelope.
plan_idsstring[]Plans this event caused, populated as operators respond. Empty for events no operator acted on.
json · the event object
{
  "id": "ev_3a91c7",
  "object": "event",
  "reseller_id": null,
  "tenant_id": "t_8f2ac901",
  "workspace_id": null,
  "source": "magento",
  "event_type": "order.updated",
  "correlation_id": "co_51d2e8",
  "payload": {
    "order": "SO-10884",
    "status": "open",
    "ship_by": "2026-07-06",
    "carrier_scanned": false
  },
  "agent_id": null,
  "session_id": null,
  "received_at": "2026-07-02T14:58:01Z",
  "plan_ids": ["pl_7c1a"]
}

Operator

A named AI worker with a goal, a fixed capability allowlist, and the sense-reason-propose loop. An operator never acts directly: it proposes plans, and the deterministic executor disposes them. See Operators for the concept.

FieldTypeDescription
idstringUnique identifier, prefixed op_.
objectstringAlways operator.
namestringThe operator's name within the tenant. It appears on every plan and receipt the operator produces.
statusstringactive, paused, or error. A paused operator senses nothing and proposes nothing.
outcomestringThe goal in plain language. Part of the reviewed contract, not a tunable.
capabilitiesstring[]The complete allowlist of capabilities the operator may sense or propose through. A plan naming a tool outside this list fails validation.
guardrailsobject[]The trust rules bound to this operator: tool, decision (ALLOW / ALERT / BLOCK), and optional max_value. See Guardrail.
modelstringA model-router alias such as router:default, never a hardcoded vendor model. Resolved per tenant by the router seam.
schedulestring or nullCron expression for scheduled operators; null for purely event-driven or on-demand operators.
created_atstringRFC 3339 timestamp of creation.
last_runobject or nullSummary of the most recent run: run_id, counts of sensed, proposed, and applied, and its timestamp. null before the first run.
json · the operator object
{
  "id": "op_8f2a1c",
  "object": "operator",
  "name": "order-risk",
  "status": "active",
  "outcome": "No order misses its promised ship date without a hold and a reason on the record.",
  "capabilities": ["order.read", "order.hold", "order.notify"],
  "guardrails": [
    { "tool": "order.hold", "decision": "ALLOW", "max_value": 500 },
    { "tool": "order.notify", "decision": "ALERT" }
  ],
  "model": "router:default",
  "schedule": "*/15 * * * *",
  "created_at": "2026-06-10T14:21:03Z",
  "last_run": {
    "run_id": "run_5b21",
    "sensed": 42,
    "proposed": 3,
    "applied": 2,
    "at": "2026-07-02T15:02:11Z"
  }
}

Connector

An installed instance of a marketplace listing, bound to one connection's credentials. The connector is where capabilities become concrete: it declares which capabilities it fulfills and which of its tools are side-effecting. See Connectors for the concept and the Connector SDK for authoring.

FieldTypeDescription
idstringUnique identifier for this installed instance, prefixed cn_.
objectstringAlways connector.
listingstringThe marketplace listing this instance was installed from, for example cn-magento.
namestringYour name for this instance, for example magento-us-store. Multiple instances of one listing are distinguished by name.
kindstringsaas, hardware, or operator. Operators are connectors too; the kind is metadata, not a different code path.
transportstringHow the platform talks to it. mcp for all current listings.
capabilitiesstring[]The capabilities this instance fulfills. Operators bind to these, not to the connector directly.
toolsobject[]The tools the connector exposes: name plus side_effect. Side-effecting tools route through the executor and trust policy; reads do not.
authobjectThe auth declaration: type (oauth2, api_key, basic, aws_iam, mtls, or none) and a credential hint. Secrets are never returned.
statusstringconnected, degraded, error, or pending_auth. Status transitions can be delivered by webhook.
created_atstringRFC 3339 timestamp of installation.
last_synced_atstring or nullTimestamp of the most recent successful ingest or probe; null before the first.
json · the connector object
{
  "id": "cn_7d2f4a",
  "object": "connector",
  "listing": "cn-magento",
  "name": "magento-us-store",
  "kind": "saas",
  "transport": "mcp",
  "capabilities": ["order.read", "order.hold", "order.notify"],
  "tools": [
    { "name": "order.read",   "side_effect": false },
    { "name": "order.hold",   "side_effect": true },
    { "name": "order.notify", "side_effect": true }
  ],
  "auth": { "type": "api_key", "hint": "mg_****41" },
  "status": "connected",
  "created_at": "2026-06-18T10:02:00Z",
  "last_synced_at": "2026-07-02T14:59:40Z"
}

Capability

A capability is a value, not a resource: a dot-delimited noun.verb string naming one governed ability, such as order.hold or conversation.read. It has no id, no object field, and no endpoint of its own; it is the level of indirection that lets an operator require order.hold without knowing whether Magento or Shopify fulfills it. Swapping the fulfilling connector is configuration, not a redeploy. See Capabilities.

Where it appearsAsMeaning
Operator capabilitiesstring[]The allowlist: everything the operator may sense or propose through. Enforced at sense time, plan validation, and disposition.
Connector capabilitiesstring[]What this installed instance fulfills. One connector can fulfill many capabilities; one capability is fulfilled by exactly one bound connector per operator.
GET /v1/connectors?capability=query filterWhich installed connectors fulfill a capability, used when binding.
Guardrail rulestool matchTrust rules match on the tool name, which by convention is the capability the tool implements.
json · a capability binding, inside an operator create
{
  "name": "order-risk",
  "capabilities": ["order.read", "order.hold"],
  "bindings": {
    "order.read": "cn_7d2f4a",
    "order.hold": "cn_7d2f4a"
  }
}

Plan

The kernel's ExecutionPlan: what an operator proposes and the only thing the executor will run. The LLM proposes; the deterministic executor disposes. A plan is validated against the kernel type before it exists as an API object, so every plan you can read was structurally sound. See the Actions & plans API for the approval flow.

FieldTypeDescription
idstringUnique identifier, prefixed pl_.
objectstringAlways execution_plan.
operator_idstringThe operator that proposed the plan.
event_idstring or nullThe event that triggered the run, or null for scheduled and on-demand runs.
statusstringproposed, executing, disposed, vetoed, or expired.
reasoningstring or nullThe operator's stated reasoning, stored with the plan and shown in review queues.
actionsobject[]The proposed actions, each carrying its verdict from the trust evaluation.
proposed_atstringRFC 3339 timestamp of the proposal.
disposed_atstring or nullTimestamp the plan reached a final state; null while proposed or executing.
expires_atstring or nullWhen an unapproved plan expires. An expired plan is receipted as such and never runs.
json · the plan object
{
  "id": "pl_7c1a",
  "object": "execution_plan",
  "operator_id": "op_8f2a1c",
  "event_id": "ev_3a91c7",
  "status": "proposed",
  "reasoning": "SO-10884 is paid, unfulfilled, and two days from its promise with no carrier scan. Hold it and tell the owner.",
  "actions": [
    {
      "id": "act_91d0",
      "connector": "cn_7d2f4a",
      "tool": "order.hold",
      "args": { "order": "SO-10884", "reason": "will miss promised ship date" },
      "value": 184.5,
      "entity_key": "order:SO-10884",
      "idempotency_key": "order-risk:SO-10884:hold",
      "verdict": { "decision": "ALLOW", "tier": 1, "rule": "tool:order.hold max_value:500" }
    }
  ],
  "proposed_at": "2026-07-02T15:02:09Z",
  "disposed_at": null,
  "expires_at": "2026-07-05T15:02:09Z"
}

Action

One side effect inside a plan, from proposal through disposition. The proposal fields are the kernel's PlannedAction, and the disposition is the kernel's ActionDisposition: a trust decision (ALLOW, ALERT, BLOCK) or DEDUP when the idempotency key had already been applied. The two keys are the kernel primitives that make a runaway flood structurally impossible; see Single-flight & idempotency.

FieldTypeDescription
idstringUnique identifier, prefixed act_. Stable from proposal through disposition.
objectstringAlways action.
plan_idstringThe plan this action belonged to.
connectorstringThe connector instance the tool routes through.
toolstringThe tool the action invokes, for example order.hold.
argsobjectThe validated arguments, unchanged from the proposal.
valuenumber, optionalThe monetary or physical magnitude, when the tool has one; evaluated against max_value guardrail rules.
entity_keystringSingle-flight key, conventionally kind:id. The executor serializes all side effects sharing the key.
idempotency_keystringDedup key, conventionally operator:entity:action. A key already applied disposes as DEDUP.
verdictobjectThe trust evaluation: decision, tier, and the rule that matched.
dispositionstringALLOW, ALERT, BLOCK, or DEDUP.
okbooleanWhether the disposition completed without error. A BLOCK is ok: false with error: "blocked by trust policy".
errorstring or nullError detail when ok is false.
receipt_idstringThe immutable receipt written for this action, refusals included.
undoablebooleantrue when the tool declares a compensating inverse and the action applied successfully.
undonebooleantrue after a successful undo.
disposed_atstringRFC 3339 timestamp of the disposition.
json · the action object
{
  "id": "act_91d0",
  "object": "action",
  "plan_id": "pl_7c1a",
  "connector": "cn_7d2f4a",
  "tool": "order.hold",
  "args": { "order": "SO-10884", "reason": "will miss promised ship date" },
  "value": 184.5,
  "entity_key": "order:SO-10884",
  "idempotency_key": "order-risk:SO-10884:hold",
  "verdict": { "decision": "ALLOW", "tier": 1, "rule": "tool:order.hold max_value:500" },
  "disposition": "ALLOW",
  "ok": true,
  "error": null,
  "receipt_id": "rc_5b21",
  "undoable": true,
  "undone": false,
  "disposed_at": "2026-07-02T15:04:41Z"
}

Receipt

The immutable record of one disposition: the proposal exactly as the operator made it, the policy decision, the keys, who approved, and the outcome. Receipts are append-only; there is no write scope for them because only the kernel appends. Refusals and dedups are receipted with the same fidelity as applied actions. See Receipts & audit.

FieldTypeDescription
idstringUnique identifier, prefixed rc_.
objectstringAlways receipt.
reseller_idstring or nullStamped from the tenant, on every row.
tenant_idstringThe owning tenant.
operator_idstringThe operator whose plan produced this disposition.
operatorstringThe operator's name at disposition time, denormalized for readable exports.
event_idstring or nullThe triggering event, threading the receipt back to its cause.
plan_idstringThe plan the action belonged to.
action_idstringThe action this receipt records.
connectorstringThe connector instance the action routed through.
toolstringThe tool invoked, or refused.
entity_keystringThe single-flight key the disposition held.
idempotency_keystringThe dedup key the disposition checked.
verdictobjectThe trust evaluation: decision, tier, and the matching rule.
outcomestringapplied, blocked, deduplicated, failed, or awaiting_approval.
approverstring or nullWho approved an ALERT action; null for unattended dispositions.
request_idstringThe API request that caused the disposition, for correlation with your own logs.
atstringRFC 3339 timestamp of the disposition.
json · the receipt object
{
  "id": "rc_5b21",
  "object": "receipt",
  "reseller_id": null,
  "tenant_id": "t_8f2ac901",
  "operator_id": "op_8f2a1c",
  "operator": "order-risk",
  "event_id": "ev_3a91c7",
  "plan_id": "pl_7c1a",
  "action_id": "act_91d0",
  "connector": "cn_7d2f4a",
  "tool": "order.hold",
  "entity_key": "order:SO-10884",
  "idempotency_key": "order-risk:SO-10884:hold",
  "verdict": { "decision": "ALLOW", "tier": 1, "rule": "tool:order.hold max_value:500" },
  "outcome": "applied",
  "approver": null,
  "request_id": "req_9b3e21f0",
  "at": "2026-07-02T15:04:41Z"
}

Guardrail

A named, versioned trust policy: the deterministic half of the loop. Rules match on connector and tool, optionally constrain by value, and yield a decision. Evaluation is default-closed: no matching rule is BLOCK, a matching rule with a failed constraint is BLOCK, and among passing matches ALERT wins over ALLOW. See the Guardrails API and Trust tiers.

FieldTypeDescription
idstringUnique identifier, prefixed grd_.
objectstringAlways guardrail_policy.
namestringThe policy's name within the tenant.
descriptionstring or nullWhat the policy is for, in plain language.
statusstringactive or disabled. A disabled policy contributes no rules, which under default-closed evaluation means less is allowed, never more.
versionintegerMonotonic version, incremented on every rules change. Receipts record the version that evaluated them.
rulesobject[]The rules, evaluated as a set. Each rule: optional connector and tool matchers (absent means any), optional max_value constraint, and a decision of ALLOW, ALERT, or BLOCK.
created_atstringRFC 3339 timestamp of creation.
updated_atstringTimestamp of the most recent change.
json · the guardrail policy object
{
  "id": "grd_3c90e1",
  "object": "guardrail_policy",
  "name": "refund-ceiling",
  "description": "Refunds auto-run to $250; larger refunds page a human.",
  "status": "active",
  "version": 3,
  "rules": [
    { "tool": "order.refund", "decision": "ALLOW", "max_value": 250 },
    { "tool": "order.refund", "decision": "ALERT" }
  ],
  "created_at": "2026-05-14T10:00:00Z",
  "updated_at": "2026-06-30T16:42:12Z"
}

Tenant

The isolation boundary. Every envelope, plan, action, and receipt carries the tenant's id, and a key belongs to exactly one tenant; another tenant's ids read as 404 not_found, not 403. Workspaces subdivide a tenant for scoping keys and organizing operators. See Tenancy & isolation and the Tenants API.

FieldTypeDescription
idstringUnique identifier, prefixed t_.
objectstringAlways tenant.
namestringDisplay name.
slugstringURL-safe identifier, unique across the platform.
reseller_idstring or nullThe reseller the tenant belongs to; null means Fibric-direct.
planstringThe billing plan, for example early_access or team.
workspacesobject[]The tenant's workspaces: id (prefixed ws_), name, created_at. Keys may be pinned to one workspace; see tenant and workspace scoping.
created_atstringRFC 3339 timestamp of creation.
json · the tenant object
{
  "id": "t_8f2ac901",
  "object": "tenant",
  "name": "Acme Fulfillment",
  "slug": "acme-fulfillment",
  "reseller_id": null,
  "plan": "early_access",
  "workspaces": [
    { "id": "ws_2d81f0", "name": "us-store", "created_at": "2026-05-01T10:00:00Z" },
    { "id": "ws_9a44c2", "name": "eu-store", "created_at": "2026-06-12T09:30:00Z" }
  ],
  "created_at": "2026-04-01T12:00:00Z"
}

Webhook endpoint

A registered HTTPS destination for signed deliveries: plan proposals, action dispositions, connector status changes, and receipts, pushed as they happen. Deliveries wrap the full API objects defined on this page, so a consumer rarely needs a follow-up fetch. Signature verification, the retry schedule, and the delivery object are covered in the Webhooks API.

FieldTypeDescription
idstringUnique identifier, prefixed whk_.
objectstringAlways webhook_endpoint.
urlstringThe HTTPS destination. Plain HTTP is rejected at creation.
typesstring[]Subscribed delivery types, for example plan.proposed or action.needs_approval.
statusstringactive, disabled (by you), or suspended (by Fibric, after sustained delivery failure).
secretstringSigning secret, prefixed whsec_. Returned in full at creation and rotation only; reads return a hint. Used to verify Fibric-Signature.
created_atstringRFC 3339 timestamp of creation.
last_delivery_atstring or nullTimestamp of the most recent delivery attempt, successful or not.
json · the webhook endpoint object
{
  "id": "whk_6b3e0d",
  "object": "webhook_endpoint",
  "url": "https://ops.example.com/fibric/webhook",
  "types": ["plan.proposed", "action.needs_approval", "connector.status_changed"],
  "status": "active",
  "secret": "whsec_5f2e8a1c9b0d7e4f6a3b",
  "created_at": "2026-07-02T15:30:00Z",
  "last_delivery_at": null
}

API key

The credential every request authenticates with. A key proves identity, names the one tenant it can touch, and carries the scopes that decide what it can do there. The full secret is returned exactly once, at creation; the object stores only a display hint. Key anatomy, roles, and rotation are covered in Authentication and the API keys reference.

FieldTypeDescription
idstringUnique identifier, prefixed key_. This is the id you revoke; it is not the secret.
objectstringAlways api_key.
namestringYour label for the workload holding the key, for example ingest-gateway.
modestringlive or test. The secret's prefix (sk_live_ / sk_test_) matches. Test keys operate on an isolated test partition.
rolestring or nullThe role preset the key was created from (read_only, ingest, operate, admin), or null for hand-assembled scopes. The expanded scopes are stored on the key; later role changes never alter existing keys.
scopesstring[]The granted scopes, for example events:write. The grant is the union; there is no implicit escalation.
workspace_idstring or nullWorkspace pin. A pinned key behaves as if the tenant contained only that workspace; null sees the whole tenant.
hintstringDisplay hint for the secret, for example sk_live_…41f7. The full secret is never readable after creation.
statusstringactive or revoked. Revocation is immediate and permanent.
last_used_atstring or nullTimestamp of the most recent authenticated request; null if never used.
created_atstringRFC 3339 timestamp of creation.
revoked_atstring or nullTimestamp of revocation; null while active.
json · the API key object
{
  "id": "key_4e91b2",
  "object": "api_key",
  "name": "ingest-gateway",
  "mode": "live",
  "role": "ingest",
  "scopes": ["events:write"],
  "workspace_id": null,
  "hint": "sk_live_…41f7",
  "status": "active",
  "last_used_at": "2026-07-02T15:11:02Z",
  "created_at": "2026-05-20T09:00:00Z",
  "revoked_at": null
}