API Reference

REST API reference for the YokeBot engine.

Overview

The YokeBot engine exposes a REST API for managing agents, tasks, chat, knowledge bases, and data tables. The dashboard uses this API under the hood, and you can call it directly for custom integrations.

Base URL

For YokeBot Cloud:

https://api.yokebot.com/api

For self-hosted instances, the default is:

http://localhost:3001/api

All endpoints below are relative to the base URL. For example, listing agents:

GET https://api.yokebot.com/api/agents

Authentication

The API supports two authentication methods:

1. JWT Tokens (Dashboard)

Supabase JWT tokens are used by the dashboard. Requires both Authorization and X-Team-Id headers.

curl -X GET https://api.yokebot.com/api/agents \
  -H "Authorization: Bearer YOUR_SUPABASE_ACCESS_TOKEN" \
  -H "X-Team-Id: YOUR_TEAM_ID" \
  -H "Content-Type: application/json"

2. API Keys (Programmatic Access)

API keys are ideal for CI/CD pipelines, scripts, Zapier integrations, and mobile apps. Create them in Settings > API Keys.

curl -X GET https://api.yokebot.com/api/agents \
  -H "Authorization: Bearer yk_live_YOUR_API_KEY" \
  -H "Content-Type: application/json"

API keys embed the team context, so no X-Team-Id header is needed.

Scopes

API keys can be scoped to limit access. Available scopes:

ScopeAccess
*Full access (default)
agents:read / agents:writeAgent management
tasks:read / tasks:writeTask management
chat:read / chat:writeTeam chat and task thread messages
data:read / data:writeSource of record (data tables)
files:read / files:writeWorkspace files
kb:read / kb:writeKnowledge base documents

Agents

MethodEndpointDescription
GET/agentsList all agents in the current team.
POST/agentsCreate a new agent.
GET/agents/:idGet agent details.
PATCH/agents/:idUpdate an agent.
DELETE/agents/:idDelete an agent.
POST/agents/:id/startStart the agent (enable heartbeat scheduling).
POST/agents/:id/stopStop the agent (pause heartbeat scheduling).

Tasks

MethodEndpointDescription
GET/tasksList tasks with optional status filter.
POST/tasksCreate a new task.
GET/tasks/:idGet task details and comments.
PATCH/tasks/:idUpdate task status or details.
POST/tasks/:id/commentsAdd a comment to a task.
POST/tasks/:id/approveApprove a pending task.
POST/tasks/:id/rejectReject a pending task with feedback.

Chat

MethodEndpointDescription
GET/chat/messagesGet messages in the team chat.
POST/chat/messagesSend a message to the team chat.
GET/tasks/:id/messagesGet messages in a task thread.
POST/tasks/:id/messagesSend a message to a task thread.

Knowledge Base

MethodEndpointDescription
GET/knowledge-basesList knowledge bases.
POST/knowledge-basesCreate a knowledge base.
POST/knowledge-bases/:id/documentsUpload a document (multipart/form-data).
GET/knowledge-bases/:id/documentsList documents in a KB.
DELETE/knowledge-bases/:id/documents/:docIdDelete a document.
POST/knowledge-bases/:id/querySemantic search query.

Data Tables

MethodEndpointDescription
GET/tablesList data tables.
POST/tablesCreate a table with column definitions.
GET/tables/:id/rowsQuery rows with filters.
POST/tables/:id/rowsInsert rows.
PATCH/tables/:id/rowsUpdate rows matching filters.
DELETE/tables/:id/rowsDelete rows matching filters.

Error Responses

All error responses follow a standard format:

{
  "error": {
    "code": "NOT_FOUND",
    "message": "Agent with id 'abc123' not found.",
    "status": 404
  }
}
Status CodeMeaning
400Bad request — invalid parameters.
401Unauthorized — missing or invalid token.
403Forbidden — insufficient permissions.
404Not found — resource does not exist.
429Rate limited — too many requests.
500Internal server error.

API Key Management

MethodEndpointDescription
POST/api-keysCreate a new API key (admin only, returns plaintext once).
GET/api-keysList API keys for the team (admin only, no secrets).
DELETE/api-keys/:idPermanently delete an API key (admin only).
POST/api-keys/:id/revokeRevoke an API key (soft delete, keeps audit trail).
POST/api-keys/:id/regenerateRevoke and recreate a key with same name/scopes.

Rate Limits

Dashboard (JWT) requests: 5,000 requests per 15 minutes.

API key requests use per-key limits based on subscription tier:

TierStandard EndpointsChat/LLM Endpoints
Free / No subscription20/min5/min
Starter Crew ($29/mo)60/min20/min
Growth Crew ($59/mo)200/min50/min
Power Crew ($149/mo)600/min100/min

Rate limit headers are included in every response:

RateLimit-Limit: 60
RateLimit-Remaining: 47
RateLimit-Reset: 30