GET /workspaces/{id}/autonomy — the resolved effective autonomy + policy + ceilings for the workspace. A workspace MEMBER may read it (the slider preview + the plan-ceiling source every scope's slider clamps to). The acting user is the entitlement-scoping identity for the plan-ceiling read.
const url = 'https://example.com/api/workspaces/2489E9AD-2EE2-8E00-8EC9-32D5F69181C0/autonomy';const options = {method: 'GET', headers: {cookie: 'supacloud_session=<supacloud_session>'}};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request GET \ --url https://example.com/api/workspaces/2489E9AD-2EE2-8E00-8EC9-32D5F69181C0/autonomy \ --cookie supacloud_session=<supacloud_session>Authorizations
Section titled “Authorizations”Parameters
Section titled “Parameters”Path Parameters
Section titled “Path Parameters”Workspace ID whose resolved autonomy to read
Responses
Section titled “Responses”Resolved effective autonomy + policy + ceilings
The resolved workspace autonomy a member reads for the live preview: the
EFFECTIVE level (after the plan ceiling + onboarding cap), the two ceilings
that bounded it, and the slider-derived policy vector. Mirrors the FE
resolvedAutonomySchema (web/src/lib/autonomy.ts).
object
The level the engine actually acts at (after the chain + both ceilings).
The onboarding cap currently in force (ONBOARDING_AUTONOMY_CAP while
onboarding, else the engine maximum).
The plan/edition entitlement ceiling on the autonomy level.
The resolved policy vector (dispatch/ask/effort/merge) the engine threads in.
object
Which tool calls raise a human clarification ask (relaxes as autonomy rises).
false ⇒ the global/auto dispatcher does nothing (manual trigger only).
Signed nudge intended for the router’s effort selection (-1 economical · 0
balanced · +1 generous). An i8 (not an enum) so a consumer can add it to a
numeric effort index and clamp; it is intentionally a small bounded range.
NOTE: this axis is currently snapshot-only / informational (the sole such axis;
[AskThreshold] and [MergePolicy] are wired) — it is resolved, override-clamped and
recorded into runs.autonomy_policy_json (and exposed in the FE policy
preview), but no router pass reads it yet (routing effort is still derived
solely from item severity). It is a forward axis not yet consumed; wiring it
into classify_routing is a follow-up phase.
The upper bound the merge step is clamped to.
Example
{ "policy": { "ask_threshold": "always", "merge_ceiling": "none" }}Authentication required
The canonical JSON body of every error response — the single source of truth
the frontend binds to. Every AppError serializes as this exact shape, and
the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is
what the frontend error schema is generated from, so there is no hand-written
error schema on either end.
object
Machine-readable, stable error code.
Present only on a quota-exceeded 403 — the inline upgrade-CTA payload.
object
The entitlement feature key that was hit, e.g. apps.max_count.
The plan’s limit for this key.
Where to send the user to upgrade.
Current usage (count or bytes, per the key).
Human-readable message (the server’s English text; the client may localize
by code).
Example
{ "code": "not_found"}Permission denied
The canonical JSON body of every error response — the single source of truth
the frontend binds to. Every AppError serializes as this exact shape, and
the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is
what the frontend error schema is generated from, so there is no hand-written
error schema on either end.
object
Machine-readable, stable error code.
Present only on a quota-exceeded 403 — the inline upgrade-CTA payload.
object
The entitlement feature key that was hit, e.g. apps.max_count.
The plan’s limit for this key.
Where to send the user to upgrade.
Current usage (count or bytes, per the key).
Human-readable message (the server’s English text; the client may localize
by code).
Example
{ "code": "not_found"}Workspace not found
The canonical JSON body of every error response — the single source of truth
the frontend binds to. Every AppError serializes as this exact shape, and
the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is
what the frontend error schema is generated from, so there is no hand-written
error schema on either end.
object
Machine-readable, stable error code.
Present only on a quota-exceeded 403 — the inline upgrade-CTA payload.
object
The entitlement feature key that was hit, e.g. apps.max_count.
The plan’s limit for this key.
Where to send the user to upgrade.
Current usage (count or bytes, per the key).
Human-readable message (the server’s English text; the client may localize
by code).
Example
{ "code": "not_found"}Structured server error
The canonical JSON body of every error response — the single source of truth
the frontend binds to. Every AppError serializes as this exact shape, and
the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is
what the frontend error schema is generated from, so there is no hand-written
error schema on either end.
object
Machine-readable, stable error code.
Present only on a quota-exceeded 403 — the inline upgrade-CTA payload.
object
The entitlement feature key that was hit, e.g. apps.max_count.
The plan’s limit for this key.
Where to send the user to upgrade.
Current usage (count or bytes, per the key).
Human-readable message (the server’s English text; the client may localize
by code).
Example
{ "code": "not_found"}