Documentation Index
Fetch the complete documentation index at: https://mintlify.com/joseluis-dev/harness-ai/llms.txt
Use this file to discover all available pages before exploring further.
harness-core is the only public-facing service; all endpoints listed here are accessible on port 4321. It acts as a BFF (Backend for Frontend) — validating inputs with Zod, resolving actor identity from bearer tokens, enforcing fail-closed identity gates, and forwarding validated requests to runtime-python over the private Docker network. The BFF never writes to Postgres directly and never imports the rq Python library or speaks the Redis wire protocol.
Zod Schema: ExecutionCreateBodySchema
The POST create body is validated against this Zod schema before any call to the runtime. A Zod failure short-circuits immediately and returns 400 invalid_payload without creating a Postgres row.
Identity Forwarding
When a valid bearer token is present, the middleware resolves the actor viamcp-identity-connector and stores it in Astro.locals.actor. The BFF then builds two forwarding headers for the runtime:
| Header | Value | When included |
|---|---|---|
X-Harness-Actor-Id | Resolved user_id, trimmed, ≤128 chars | Only when actor_type is user |
X-Harness-Actor-Department | Resolved department, trimmed, ≤128 chars | Only when actor_type is user |
actor_type is "system" or "service" — only resolved user identities produce forwarded headers. The runtime accepts requests without these headers for non-sensitive reads.
GET /api/healthz
Aggregate health check. Probes the runtime’s /healthz and returns a combined status. No authentication required.
Response — 200 OK
Response — 503 Service Unavailable
Returned when the runtime’s /healthz does not respond with 200 within 3 seconds.
"ok" when runtime is reachable; "degraded" otherwise."ok" when runtime returned HTTP 200; "error" otherwise.Always
"harness-core".BFF version string.
Present only on
503. Describes the probe failure (e.g. timeout, connection refused).The BFF does not perform a Postgres ping. Container-level health for Postgres and Redis is observed via
docker compose ps. A BFF-side Postgres connection is forbidden by the architecture (design AD-3) and would silently drift from the connection string the runtime actually uses.POST /api/executions
Creates a new execution. Validates the body with Zod, resolves actor identity, enforces the fail-closed identity gate for sensitive writes, and forwards the validated payload to POST /internal/executions on the runtime.
Auth
Bearer token is optional for low-risk requests. It is required for any request whereconstraints.risk_level is high or critical — degraded identity (actor_type=system) is blocked for those levels.
Request Body
Origin of the execution request. 1–128 characters. Maps to the
source.type field of the execution event.Semantic intent of the execution. 1–128 characters.
Intent-specific data. Free-form key-value object. Defaults to an empty object when omitted.
Execution constraint envelope.
Example Request
Response — 201 Created
Proxied verbatim from the runtime.
Error Responses
Fail-Closed Identity Gate
The upstream fetch to the runtime has a 5-second timeout. If the runtime does not respond within that window, the request is aborted and the BFF returns
502 runtime_unreachable. The execution row may or may not have been committed by the runtime at that point — callers should treat 502 as an indeterminate state and check GET /api/executions to confirm.GET /api/executions
Lists recent executions. Proxies GET /internal/executions on the runtime. Read operations are non-sensitive; actor headers are not forwarded on this path.
Query Parameters
Number of results to return. Minimum
1, maximum 200.Number of results to skip for pagination. Minimum
0.Response — 200 OK
Array of execution objects proxied from the runtime. See Runtime API — GET /internal/executions for the full field descriptions.
GET /api/executions/{id}
Fetches a single execution by UUID. Proxies GET /internal/executions/{id} on the runtime and passes through the runtime’s 404 verbatim when the execution does not exist.
Path Parameters
The execution UUID. Must be a valid UUID string — a non-UUID value returns
400 invalid_id without calling the runtime.Response — 200 OK
Full ExecutionResponse object proxied from the runtime. See Runtime API — GET /internal/executions/{execution_id} for field descriptions.
Error Responses
GET /api/executions/{id}/events
Fetches the audit event trail for an execution. Proxies GET /internal/executions/{id}/events on the runtime.
Path Parameters
The execution UUID.
Response — 200 OK
Array of AuditEventItem objects proxied from the runtime.
200 [] for unknown execution IDs (not 404), and the BFF passes this through unchanged — the UI can render “no events yet” without branching.
See Runtime API — GET /internal/executions/{execution_id}/events for full field descriptions.
The BFF never writes to Postgres directly. All writes — execution rows, audit events, status transitions — flow through the runtime’s internal API. This constraint is validated on every PR gate and is enforced by the fact that
apps/harness-core does not have a Postgres client dependency.