Vintner
API Reference

API Overview

Trellis API endpoints — authentication methods, base URLs, and route categories.

API Reference

Trellis exposes three categories of API routes, each with its own authentication mechanism.

Authentication Methods

CategoryAuth HeaderToken TypeUsed By
Worker APIsX-Worker-ID + X-Worker-TokenSHA-256 hashed tokenTendril agents
CLI APIsAuthorization: Bearer {jwt}HS256 JWT (1h access, 90d refresh)Grape CLI
Release APIsAuthorization: Bearer {secret}Static secret (RELEASE_API_SECRET)CI/CD pipeline

See Authentication Flows for details on each mechanism.

API Categories

Worker APIs

Job claiming, heartbeat, status updates, log streaming, plan artifacts.

CLI APIs

Vineyards, configurations, jobs, workers, repositories.

Auth APIs

Device code flow: generate, exchange, refresh.

Request Format

All APIs accept and return JSON. Errors return a consistent format:

{
  "error": "Human-readable error message"
}

HTTP status codes:

  • 200 — success
  • 201 — created
  • 400 — validation error
  • 401 — authentication failure
  • 404 — not found
  • 409 — conflict (e.g., duplicate release version)
  • 500 — internal error

Clusters

Viewing provisioned Kubernetes clusters with ArgoCD access and kubeconfig.

Worker APIs

API endpoints used by Tendril agents for job claiming, heartbeat, and log streaming.

On this page

API ReferenceAuthentication MethodsAPI CategoriesRequest Format