Skip to content
Select themeSelect language

GET /workspaces/{id}/settings — read the persisted workspace settings the FE pre-hydrates from (today: the system-LLM credential pin). A workspace MEMBER may read it; the PATCH on the same path stays admin-only.

GET
/api/workspaces/{id}/settings
curl --request GET \
--url https://example.com/api/workspaces/2489E9AD-2EE2-8E00-8EC9-32D5F69181C0/settings \
--cookie supacloud_session=<supacloud_session>
id
required
string format: uuid

Workspace ID whose settings to read

Workspace settings (the system-LLM credential pin)

Media typeapplication/json

The workspace-settings read body. Carries the system-LLM credential pin (null when unpinned) and — ADR 0049 P3 / Tier-3 (#547/#548) — the per-scope memory GOVERNANCE policy (always present; a never-configured workspace returns the conservative default). A passthrough() on the FE schema leaves room for further settings without a wire break.

object
allow_debug
required

#583 Item 2 / #582 — the Debug-light CEILING. When true, members may opt their own live/follow session into debug; when false (the fail-closed default), no one can enable debug in this workspace. A workspace MEMBER may read it (correct: a non-admin needs it to gate the per-session toggle UI).

boolean
closeout_config
required

#712 — the workspace-tier standard-closeout config ({memory, project_docs, user_docs, wiki}, mig 283). Always present: a workspace that never configured closeout returns the built-in default so the closeout panel hydrates without a sparse-table special case. It is the DEFAULT every project inherits (per step) when the project + task tiers leave a step unset.

environment_scope_floor
required

#708 W8 — the workspace environment-scope FLOOR (all | production | staging | development, mig 290), or null when no floor is set. A concrete value narrows every autonomous run’s blast radius to at most that environment class. A workspace MEMBER may read it (to render the resolved effective gates); PATCH stays admin-only.

string | null
memory_governance
required

ADR 0049 P3 / Tier-3 — the per-scope memory governance policy (auto-publish / require-review / retention-days, keyed by workspace|project|personal). Always present so the governance panel hydrates without a sparse-table special case; a never-configured workspace gets the conservative default.

object
personal

The governance rule for ONE memory scope: whether new memories of that scope skip the review queue (auto_publish), whether they must be human-reviewed (require_review), and how long they are retained before the decay sweep may archive them (retention_days, 0 = keep forever).

auto_publish and require_review are intentionally NOT collapsed into one flag: the conservative default is “review required, not auto-published”, and a future “auto-published BUT still logged for review” mode keeps both axes meaningful. The validation below rejects the contradictory auto_publish && require_review combo.

object
auto_publish

New memories of this scope skip the review queue and land live immediately.

boolean
require_review

New memories of this scope must be human-reviewed before they go live.

boolean
retention_days

Days a memory of this scope is retained before the decay sweep may archive it; 0 keeps it forever (the default).

integer format: int32
project

The governance rule for ONE memory scope: whether new memories of that scope skip the review queue (auto_publish), whether they must be human-reviewed (require_review), and how long they are retained before the decay sweep may archive them (retention_days, 0 = keep forever).

auto_publish and require_review are intentionally NOT collapsed into one flag: the conservative default is “review required, not auto-published”, and a future “auto-published BUT still logged for review” mode keeps both axes meaningful. The validation below rejects the contradictory auto_publish && require_review combo.

object
auto_publish

New memories of this scope skip the review queue and land live immediately.

boolean
require_review

New memories of this scope must be human-reviewed before they go live.

boolean
retention_days

Days a memory of this scope is retained before the decay sweep may archive it; 0 keeps it forever (the default).

integer format: int32
workspace

The governance rule for ONE memory scope: whether new memories of that scope skip the review queue (auto_publish), whether they must be human-reviewed (require_review), and how long they are retained before the decay sweep may archive them (retention_days, 0 = keep forever).

auto_publish and require_review are intentionally NOT collapsed into one flag: the conservative default is “review required, not auto-published”, and a future “auto-published BUT still logged for review” mode keeps both axes meaningful. The validation below rejects the contradictory auto_publish && require_review combo.

object
auto_publish

New memories of this scope skip the review queue and land live immediately.

boolean
require_review

New memories of this scope must be human-reviewed before they go live.

boolean
retention_days

Days a memory of this scope is retained before the decay sweep may archive it; 0 keeps it forever (the default).

integer format: int32
system_llm_credential
One of:
null
Examplegenerated
{
"allow_debug": true,
"closeout_config": "example",
"environment_scope_floor": "example",
"memory_governance": {
"personal": {
"auto_publish": true,
"require_review": true,
"retention_days": 1
},
"project": {
"auto_publish": true,
"require_review": true,
"retention_days": 1
},
"workspace": {
"auto_publish": true,
"require_review": true,
"retention_days": 1
}
},
"system_llm_credential": {
"id": "2489E9AD-2EE2-8E00-8EC9-32D5F69181C0",
"kind": "example"
}
}

Authentication required

Media typeapplication/json

The canonical JSON body of every error response — the single source of truth the frontend binds to. Every AppError serializes as this exact shape, and the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is what the frontend error schema is generated from, so there is no hand-written error schema on either end.

object
code
required

Machine-readable, stable error code.

string
Allowed values: not_found unauthorized forbidden bad_request unprocessable precondition_failed conflict method_not_allowed rate_limited quota_exceeded database_error docker_error vault_error internal_error
details
One of:
null
error
required

Human-readable message (the server’s English text; the client may localize by code).

string
Example
{
"code": "not_found"
}

Permission denied

Media typeapplication/json

The canonical JSON body of every error response — the single source of truth the frontend binds to. Every AppError serializes as this exact shape, and the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is what the frontend error schema is generated from, so there is no hand-written error schema on either end.

object
code
required

Machine-readable, stable error code.

string
Allowed values: not_found unauthorized forbidden bad_request unprocessable precondition_failed conflict method_not_allowed rate_limited quota_exceeded database_error docker_error vault_error internal_error
details
One of:
null
error
required

Human-readable message (the server’s English text; the client may localize by code).

string
Example
{
"code": "not_found"
}

Workspace not found

Media typeapplication/json

The canonical JSON body of every error response — the single source of truth the frontend binds to. Every AppError serializes as this exact shape, and the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is what the frontend error schema is generated from, so there is no hand-written error schema on either end.

object
code
required

Machine-readable, stable error code.

string
Allowed values: not_found unauthorized forbidden bad_request unprocessable precondition_failed conflict method_not_allowed rate_limited quota_exceeded database_error docker_error vault_error internal_error
details
One of:
null
error
required

Human-readable message (the server’s English text; the client may localize by code).

string
Example
{
"code": "not_found"
}

Structured server error

Media typeapplication/json

The canonical JSON body of every error response — the single source of truth the frontend binds to. Every AppError serializes as this exact shape, and the generated OpenAPI component ApiErrorBody (with its ErrorCode enum) is what the frontend error schema is generated from, so there is no hand-written error schema on either end.

object
code
required

Machine-readable, stable error code.

string
Allowed values: not_found unauthorized forbidden bad_request unprocessable precondition_failed conflict method_not_allowed rate_limited quota_exceeded database_error docker_error vault_error internal_error
details
One of:
null
error
required

Human-readable message (the server’s English text; the client may localize by code).

string
Example
{
"code": "not_found"
}