Skip to main content
All endpoints on this page except the read-only ownership and relationship lookups require the admin scope.

Kill Switch

Block an Agent

Immediately blocks the agent from making requests through the proxy.

Unblock an Agent

Quarantine

Quarantine an Agent

Flags a shadow or misbehaving agent as quarantined and blocks it in the proxy layer.

Release from Quarantine

List Quarantined Agents

Lifecycle

List Expired Agents

Agents whose expires_at has passed.

List Agents Due for Review

Agents whose review_date has passed.

Configure Lifecycle

Sets an agent’s expiry date, access review cadence, and/or sponsor. All fields are optional; review_frequency must be weekly, monthly, quarterly, or annually and drives the computed review_date.

Ownership (ABAC)

Assign an Owner

owner_type must be user, team, or service_account. owner_id is a caller-supplied external identifier (e.g. an SSO user ID), not a MeshAI-generated ID. permissions defaults to {"can_invoke": true, "can_configure": false, "can_delete": false} when omitted.

List Agent Owners

Requires the registry:read scope.

Remove an Owner

owner_id here is the integer ID of the ownership record returned by POST /agents/{agent_id}/owners (not the external owner_id string).
Returns 204 No Content on success.

List Agents by Owner

Requires the registry:read scope. owner_id is the external identifier used when the owner was assigned.

Relationships

Agent Relationships

Requires the registry:read scope. Lists the models, providers, tools, and other agents this agent calls.

Relationship Graph

Requires the registry:read scope. Returns the full tenant-wide agent dependency graph as nodes and edges.

Security Posture

Composite tenant security score (0-100) across six weighted dimensions: agent ownership, agent expiry, access reviews, quarantine status, kill switch status, and risk classification coverage.