OpenSandbox is structured around three purpose-built REST APIs, each with a distinct base URL, authentication model, and responsibility. The Sandbox Lifecycle API controls creation, state transitions, and deletion of sandbox environments. The Execd API runs inside each sandbox at a well-known port and handles shell command execution, file operations, and multi-language code interpretation. The Egress Policy API is served by a per-sandbox sidecar and governs outbound network rules and Credential Vault bindings at runtime. A fourth, lighter API — the Diagnostics API — shares the lifecycle server and provides best-effort log and event retrieval for troubleshooting.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/opensandbox-group/OpenSandbox/llms.txt
Use this file to discover all available pages before exploring further.
API Summary
| API | Spec File | Base URL | Auth Header |
|---|---|---|---|
| Sandbox Lifecycle | sandbox-lifecycle.yml | http://localhost:8080/v1 | OPEN-SANDBOX-API-KEY |
| Diagnostics | diagnostic-api.yml | http://localhost:8080/v1 | OPEN-SANDBOX-API-KEY |
| Execd (In-Sandbox Execution) | execd-api.yaml | http://localhost:44772 | X-EXECD-ACCESS-TOKEN |
| Egress Policy | egress-api.yaml | http://localhost:18080 | None (local sidecar) |
Authentication
Lifecycle and Diagnostics APIs
All Lifecycle and Diagnostics endpoints require an API key passed as an HTTP request header:server.api_key field in the server TOML configuration file. SDK clients can also set the OPEN_SANDBOX_API_KEY environment variable, which is picked up automatically.
If no API key is configured, the server runs in unauthenticated mode. This is acceptable for local development but must not be used in production or multi-tenant deployments.
Execd API
The in-sandbox daemon (execd) authenticates via the X-EXECD-ACCESS-TOKEN header. The token is provisioned by the sandbox runtime at startup and is available to code running inside the sandbox through the execution environment. Direct HTTP callers must obtain this token from the sandbox runtime context.
Egress Policy API
The egress sidecar runs as a local process within the sandbox pod and is reached via the sandbox endpoint resolver. No additional auth header is required by default. However, when the sandbox was created withsecureAccess: true, the endpoint resolver returns required headers that must be forwarded on every egress sidecar request.
Interactive API Docs
When the OpenSandbox server is running locally, interactive API documentation is available at:| UI | URL |
|---|---|
| Swagger UI | http://localhost:8080/docs |
| ReDoc | http://localhost:8080/redoc |
API Sections
Detailed endpoint documentation is organized into the following pages:- Sandboxes — Create, list, get, delete, pause, resume, and renew sandboxes
- Snapshots — Create OCI snapshots from running sandboxes, list and delete them
- Commands — Execute shell commands and bash sessions with SSE streaming output
- Files — Upload, download, search, move, chmod, and replace file content in-sandbox
- Code — Create execution contexts, run code in Python, Bash, Java, Node.js, or Go, and manage isolated execution sessions
- Egress — Get and patch per-sandbox outbound network policy and Credential Vault bindings
- Diagnostics — Retrieve sandbox log and event payloads for troubleshooting