Overview
The CodePiper API is served over two transports:
- Unix socket (
/tmp/codepiper.sock) for CLI communication. No authentication required (the OS enforces access control via file permissions). - HTTP (default port 3000, when started with
--web) for the web dashboard. All endpoints are prefixed with/apiand require a valid session cookie.
Request and response bodies use JSON. All endpoints return standard HTTP status codes.
Sessions
List Sessions
GET /sessionsReturns all sessions with their current status.
Create Session
POST /sessions| Field | Type | Required | Description |
|---|---|---|---|
provider | string | Yes | claude-code or codex |
cwd | string | Yes | Absolute path to working directory |
billingMode | string | No | subscription (default) or api |
dangerousMode | boolean | No | Bypass all policy checks |
worktree | boolean | No | Create a git worktree |
createBranch | string | No | Branch name for worktree |
envSetIds | string[] | No | Encrypted environment set IDs |
workspaceId | string | No | Workspace scope |
args | string[] | No | Pass-through arguments to provider |
Get Session
GET /sessions/:idStop Session
POST /sessions/:id/stopGraceful stop. The agent receives a stop signal.
Kill Session
POST /sessions/:id/killForce kill. Terminates the tmux session immediately.
Resume Session
POST /sessions/:id/resumeResume a stopped session.
Send Text
POST /sessions/:id/send| Field | Type | Required | Description |
|---|---|---|---|
text | string | Yes | Text to send |
newline | boolean | No | Append newline (default: true) |
Send Keys
POST /sessions/:id/keys| Field | Type | Required | Description |
|---|---|---|---|
keys | string[] | Yes | Key sequences (e.g. ["ctrl+c"], ["enter"]) |
Get Output
GET /sessions/:id/outputReturns the current terminal capture (tmux pane content).
Resize Terminal
POST /sessions/:id/resize| Field | Type | Required | Description |
|---|---|---|---|
cols | number | Yes | Column count |
rows | number | Yes | Row count |
Upload Image
POST /sessions/:id/upload-imageUpload an image file for visual context. Multipart form data.
Validate Session
POST /sessions/validateDry-run session creation. Returns validation errors without creating a session.
Validate Git
POST /sessions/validate-gitValidate git repository state for worktree creation.
Providers
List Providers
GET /providersReturns provider runtime info and capability metadata for each registered provider.
Model (Claude Code only)
Get Current Model
GET /sessions/:id/modelSwitch Model
PUT /sessions/:id/model| Field | Type | Required | Description |
|---|---|---|---|
model | string | Yes | Model alias or full ID (e.g. sonnet, opus, claude-sonnet-4-5) |
Policies
List Policies
GET /policiesCreate Policy
POST /policies| Field | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Policy name |
enabled | boolean | No | Default: true |
priority | number | No | Higher evaluates first (default: 0) |
rules | Rule[] | Yes | Array of policy rules |
Get Policy
GET /policies/:idUpdate Policy
PUT /policies/:idDelete Policy
DELETE /policies/:idPolicy Sets
CRUD
GET /policy-setsPOST /policy-setsGET /policy-sets/:idPUT /policy-sets/:idDELETE /policy-sets/:idManage Members
POST /policy-sets/:id/policies # Add policy to setDELETE /policy-sets/:id/policies/:policyId # Remove policy from setAudit Log
GET /policy-decisionsQuery parameters: sessionId, limit, offset.
Session Policy Sets
List Assigned Sets
GET /sessions/:id/policy-setsAssign Policy Set
POST /sessions/:id/policy-setsRemove Policy Set
DELETE /sessions/:id/policy-sets/:setIdGet Effective Policies
GET /sessions/:id/effective-policiesReturns the merged, priority-ordered list of all rules that apply to this session.
Session Policies
Get Session Policy
GET /sessions/:id/policyUpdate Session Policy
PUT /sessions/:id/policyEvents
List Events
GET /sessions/:id/eventsQuery parameters: source (filter by event source), limit, offset.
Hook Ingestion
POST /hooks/claudeInternal endpoint used by codepiper hook-forward to send Claude Code hook events to the daemon.
Analytics
Overview
GET /analytics/overview?range=7dRange values: today, 7d, 30d, all.
Returns: session count, active sessions, total tokens, input/output/cache tokens, messages, cache hit rate, cost estimate.
Activity Timeline
GET /analytics/activity-timeline?range=7dDaily message counts (user and assistant).
Token Usage
GET /analytics/token-usage?range=7dDaily token breakdown (prompt, completion, cache creation, cache read).
Tokens by Model
GET /analytics/tokens-by-model?range=7dPer-model token counts and cost estimates.
Sessions by Provider
GET /analytics/sessions-by-provider?range=7dTool Usage
GET /analytics/tool-usage?range=7dTop 15 tools by usage count.
Policy Decisions
GET /analytics/policy-decisions?range=7dGit (per session)
Status
GET /sessions/:id/git/statusBranches
GET /sessions/:id/git/branchesLog
GET /sessions/:id/git/logDiff
GET /sessions/:id/git/diffFile Content
GET /sessions/:id/git/file?path=<relative-path>Raw File
GET /sessions/:id/git/file-raw?path=<relative-path>Diff Stats
GET /sessions/:id/git/diff-statStage Files
POST /sessions/:id/git/stageUnstage Files
POST /sessions/:id/git/unstageTerminal (per session)
Terminal Info
GET /sessions/:id/terminal/infoReturns pane mode, scroll position, and history size.
Enter/Exit Copy Mode
POST /sessions/:id/terminal/modeScroll
POST /sessions/:id/terminal/scrollSearch
POST /sessions/:id/terminal/searchTranscribe Audio
POST /sessions/:id/terminal/transcribeSpeech-to-text transcription for uploaded audio files.
Workflows
CRUD
GET /workflowsPOST /workflowsGET /workflows/:idDELETE /workflows/:idExecute
POST /workflows/:id/execute| Field | Type | Required | Description |
|---|---|---|---|
variables | object | No | Key-value pairs for variable substitution |
Returns 202 Accepted with the execution ID.
List Executions
GET /workflows/:id/executionsQuery parameters: status, limit.
Get Execution
GET /workflows/:id/executions/:execIdGET /workflows/executions/:execIdCancel Execution
POST /workflows/:id/executions/:execId/cancelPOST /workflows/executions/:execId/cancelAuth
Status
GET /auth/statusReturns setup state, MFA status, and authentication state. No auth required.
Setup (first-time)
POST /auth/setup| Field | Type | Required | Description |
|---|---|---|---|
password | string | Yes | New admin password (min 8 chars) |
bootstrapPassword | string | Yes | One-time password from daemon startup |
Login
POST /auth/login| Field | Type | Required | Description |
|---|---|---|---|
password | string | Yes | Admin password |
totpCode | string | No | 6-digit TOTP code (required if MFA enabled) |
Logout
POST /auth/logoutMFA Setup
POST /auth/mfa/setupReturns a TOTP secret and QR code URI.
MFA Verify
POST /auth/mfa/verify| Field | Type | Required | Description |
|---|---|---|---|
code | string | Yes | 6-digit TOTP verification code |
Returns recovery codes on success.
Change Password
POST /auth/passwordList Auth Sessions
GET /auth/sessionsRevoke All Sessions
POST /auth/sessions/revoke-allCLI-Only: Reset Password
POST /auth/cli/reset-passwordUnix socket only. Cannot be called via HTTP.
CLI-Only: Reset MFA
POST /auth/cli/reset-mfaUnix socket only. Revokes all active sessions.
Settings
Daemon Settings
GET /settings/daemonPUT /settings/daemonPOST /settings/daemon/restartWorkspaces
GET /workspacesPOST /workspacesGET /workspaces/:idPUT /workspaces/:idDELETE /workspaces/:idEnvironment Sets
GET /env-setsPOST /env-setsGET /env-sets/:idPUT /env-sets/:idDELETE /env-sets/:idInfrastructure
Health Check
GET /healthVersion
GET /versionWebSocket Upgrade
GET /wsSee WebSocket Protocol for details.