Manage cloud-hosted AI Agents through a RESTful JSON API — create Agents, configure environments, run sessions, and stream events.
The API is in Beta. Some features may be adjusted in future releases.
The current API version is
Every request must include the
A successful response looks like:
No application-level rate limits apply today. The gateway enforces global burst-traffic controls and DDoS protection, which may return
Gateway URL
| Environment | URL |
|---|---|
| Production | https://api.qoder.com.cn/api/v1/cloud |
Versioning
The current API version is v1. All endpoints carry the version in the URL path (/v1/), so no separate version header is required.
Available APIs
| Resource | Description | Base path |
|---|---|---|
| Agents | Create, list, update, delete, and archive Agent instances | /agents |
| Environments | Manage runtime environment configurations | /environments |
| Sessions | Create Agent sessions and manage their lifecycle | /sessions |
| Events | Read and stream session events | /events |
| Files | Upload files and associate them with sessions | /files |
| Vaults | Store sensitive credentials securely | /vaults |
| Skills | Register and manage Agent skills | /skills |
| Memory Stores | Persist memory for Agent context | /memory_stores |
| Deployments | Scheduled deployment automation | /deployments |
| Forward Templates | Forward Agent template definitions, versioning, archiving, and cloning | /api/v1/forward/templates |
| Forward Identities | Create, enable, disable, delete Forward identities and query Agents | /api/v1/forward/identities |
| Forward Identity Configs | Per-identity template configuration and effective configuration queries | /api/v1/forward/identities/{identity_id}/templates |
| Forward Channels | Forward channel and QR code session management | /api/v1/forward/channels, /api/v1/forward/qr_sessions |
| Forward Sessions | Forward session lifecycle, events, and SSE streaming | /api/v1/forward/sessions |
| Forward Resources | Register and list Forward external resources | /api/v1/forward/resources |
| Forward Schedules | Forward scheduled task and run record management | /api/v1/forward/schedules, /api/v1/forward/schedule_runs |
Request size limits
- Maximum request body size: 4 MB.
- Larger bodies are truncated on the server, which causes JSON parsing to fail. The API then returns a 400 invalid_request_error with the message: "Request body must be valid JSON."
Request headers
Every request must include the Authorization header. The Content-Type header is recommended but optional — the server auto-detects JSON:
Beta status
- The API is broadly stable, but request signatures may see minor adjustments in future iterations.
- New features ship under new beta identifiers.
- In production, pin the API version and add compatibility handling.
- All current features work without an additional Beta header.
Quick connectivity check
Rate limiting
No application-level rate limits apply today. The gateway enforces global burst-traffic controls and DDoS protection, which may return 429 or 503 responses under heavy load. Retry 5xx and 429 responses with exponential backoff (1 s, 2 s, 4 s — up to three attempts).
What's next
- Authentication — get and use a personal access token (PAT).
- Errors — look up error codes and troubleshooting steps.
- Pagination — paginate list endpoints.