slashevents.xyz docs

RPC endpoint for agent account, project, user, and event operations.

Endpoint: /rpc

Auth

Type: Bearer token, with optional mTLS client certificate support when TLS terminates at this server

Public methods: createUser

All RPC methods except createUser require the bearer token returned by createUser, or a registered client certificate when mTLS is available.

Sign Up

curl https://slashevents.xyz/rpc \
  -H 'Content-Type: application/json' \
  -d '{"method":"createUser","params":{"alias":"agent-name"}}'

Authenticated Request

Send the returned bearer token with authenticated RPC calls.

curl https://slashevents.xyz/rpc \
  -H 'Authorization: Bearer <bearerToken>' \
  -H 'Content-Type: application/json' \
  -d '{"method":"getProjects","params":{}}'

mTLS

For local or self-hosted deployments where TLS terminates at this server, an agent may instead register a P-256 self-signed client certificate.

openssl req -x509 -newkey ec -pkeyopt ec_paramgen_curve:P-256 -keyout client.key -out client.pem -days 365 -nodes -subj "/CN=agent-name"
openssl x509 -in client.pem -noout -fingerprint -sha256

curl -sk https://127.0.0.1:3000/rpc \
  -H 'Content-Type: application/json' \
  -d "$(jq -n --rawfile cert client.pem '{method:"createUser", params:{alias:"agent-name", publicCertPem:$cert}}')"

Send the registered certificate and key with authenticated RPC calls.

curl -sk https://127.0.0.1:3000/rpc \
  --cert client.pem --key client.key \
  -H 'Content-Type: application/json' \
  -d '{"method":"getProjects","params":{}}'

Transport

Request

{
  "id": "optional request id",
  "method": "method name",
  "params": {}
}

Success

{
  "id": "optional request id",
  "messages": [
    {
      "id": "01900000-0000-7000-8000-000000000000",
      "payload": "operator-facing message"
    }
  ],
  "result": {}
}

Error

{
  "id": "optional request id",
  "messages": [
    {
      "id": "01900000-0000-7000-8000-000000000000",
      "payload": "operator-facing message"
    }
  ],
  "error": {
    "code": "ERROR_CODE",
    "hint": "optional human-readable hint"
  }
}

Every RPC response includes a top-level messages array. Each message has a UUIDv7 id and string payload. Agents should log non-empty messages, flag them for human review, then acknowledge them with ackMessages.

Methods

ackMessages

Params

Name	Type	Required	Values
`messageIds`	`string/uuidv7[]`	yes

Returns

Name	Type	Required	Values
`ok`	`boolean`	yes

addUserToProject

Params

Name	Type	Required	Values
`projectId`	`string/uuid`	yes
`userId`	`string/uuid`	yes
`permissions`	`string/enum[]`	yes	`PROJECT_MANAGE_USERS`, `PROJECT_READ_USERS`, `PROJECT_READ_EVENTS`

Returns

Name	Type	Required	Values
`ok`	`boolean`	yes

createProject

Params

Name	Type	Required	Values
`name`	`string`	yes

Returns

Name	Type	Required	Values
`projectId`	`string/uuid`	yes

createUser

Params

Name	Type	Required
`alias`	`string`	yes
`fingerprintSha256`	`string`	no
`publicCertPem`	`string`	no

Returns

Name	Type	Required
`user`	`object`	yes
`user.id`	`string/uuid`	yes
`user.alias`	`string`	yes
`user.fingerprintSha256`	`string \| null`	yes
`user.subject`	`string \| null`	yes
`user.certValidFrom`	`string \| null`	yes
`user.certValidTo`	`string \| null`	yes
`user.createdAt`	`string`	yes
`user.revoked`	`boolean`	yes
`user.revokedAt`	`string \| null`	yes
`bearerToken`	`string`	yes

getEvents

Params

Name	Type	Required	Values
`projectId`	`string/uuid`	yes
`type`	`string/enum`	no	`WEBHOOK_RECEIVED`, `PROJECT_CREATED`, `PROJECT_USER_ADDED`, `PROJECT_USER_REMOVED`, `PROJECT_USER_PERMISSION_GRANTED`, `PROJECT_USER_PERMISSION_REVOKED`
`limit`	`integer`	no
`cursor`	`string`	no
`longPollDurationSeconds`	`integer`	no

Returns

Name	Type	Required	Values
`events`	`object[]`	yes
`events[].id`	`string/uuid`	yes
`events[].projectId`	`string/uuid`	yes
`events[].type`	`string/enum`	yes	`WEBHOOK_RECEIVED`, `PROJECT_CREATED`, `PROJECT_USER_ADDED`, `PROJECT_USER_REMOVED`, `PROJECT_USER_PERMISSION_GRANTED`, `PROJECT_USER_PERMISSION_REVOKED`
`events[].data`	`unknown`	yes
`events[].receivedAt`	`string`	yes
`events[].actorName`	`string \| null`	yes
`nextCursor`	`string \| null`	yes
`hasMore`	`boolean`	yes

getProject

Params

Name	Type	Required	Values
`projectId`	`string/uuid`	yes

Returns

Name	Type	Required
`project`	`object`	yes
`project.id`	`string/uuid`	yes
`project.name`	`string`	yes
`project.createdAt`	`string`	yes

getProjects

Params

None.

Returns

Name	Type	Required
`projects`	`object[]`	yes
`projects[].id`	`string/uuid`	yes
`projects[].name`	`string`	yes
`projects[].createdAt`	`string`	yes

getProjectUsers

Params

Name	Type	Required	Values
`projectId`	`string/uuid`	yes

Returns

Name	Type	Required	Values
`users`	`object[]`	yes
`users[].userId`	`string/uuid`	yes
`users[].displayName`	`string`	yes
`users[].permissions`	`string/enum[]`	yes	`PROJECT_MANAGE_USERS`, `PROJECT_READ_USERS`, `PROJECT_READ_EVENTS`

removeUserFromProject

Params

Name	Type	Required	Values
`projectId`	`string/uuid`	yes
`userId`	`string/uuid`	yes

Returns

Name	Type	Required	Values
`ok`	`boolean`	yes

updateProjectUserPermissions

Params

Name	Type	Required	Values
`projectId`	`string/uuid`	yes
`userId`	`string/uuid`	yes
`permissions`	`string/enum[]`	yes	`PROJECT_MANAGE_USERS`, `PROJECT_READ_USERS`, `PROJECT_READ_EVENTS`

Returns

Name	Type	Required	Values
`ok`	`boolean`	yes