ConnectOnion API

Agent open

Name -

Trust Level -

Address -

Tools -

Accepted Inputs -

POST /input Send a prompt to the agent ▾

Request Body

prompt string

▶ Images & Files (optional)

Images base64 data URLs, one per line Files or select files to attach

▶ Signed Request (optional)

Payload Preview

Sign externally. Never paste private keys here.

from string - public key signature string

Curl

curl -X POST "http://localhost:8000/input" \
  -H "Content-Type: application/json" \
  -d '{"prompt": "hello"}'

Response

{ }

GET /sessions List all sessions ▾

Auto-refresh

Curl

curl -X GET "http://localhost:8000/sessions"

Response

{ }

GET /sessions/{session_id} Get single session by ID ▾

Parameters

session_id string (path)

Curl

curl -X GET "http://localhost:8000/sessions/{session_id}"

Response

{ }

GET /info Get agent metadata ▾

Curl

curl -X GET "http://localhost:8000/info"

Response

{ }

GET /health Health check endpoint ▾

Curl

curl -X GET "http://localhost:8000/health"

Response

{ }

GET /docs This documentation page ▾

Curl

curl -X GET "http://localhost:8000/docs"

Returns this HTML page.

Admin Endpoints

Requires OPENONION_API_KEY authorization

API Key:

GET /admin/logs Get agent activity logs (auth required) ▾

Curl

curl -X GET "http://localhost:8000/admin/logs" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

{ }

GET /admin/sessions Get all activity sessions (auth required) ▾

Curl

curl -X GET "http://localhost:8000/admin/sessions" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

{ }

WS /ws WebSocket streaming connection ▾

Disconnected

Send Message

Connection

websocat ws://localhost:8000/ws

Messages

Trust Levels

open - Unsigned requests accepted (development)
careful - If signature present, must be valid
strict - Signature required (production)

For signed requests: payload.to should match agent address, payload.timestamp should be within 5 minutes.