Get or create global chat session
const url = 'https://app.everruns.com/api/v1/sessions/chat';const options = { method: 'POST', headers: {'Content-Type': 'application/json'}, body: '{"locale":"example"}'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://app.everruns.com/api/v1/sessions/chat \ --header 'Content-Type: application/json' \ --data '{ "locale": "example" }'Returns the user’s singleton global chat session. Creates one if it doesn’t exist. Uses the Platform Chat harness and tags for per-user singleton management.
Request Body
Section titled “Request Body ”Responses
Section titled “ Responses ”Chat session returned
Wrapper that adds API and UI links to a serialized resource.
Uses self_url (not url) for the API link to avoid collision with
resources that already have a url field (e.g. McpServer). The
allowed_actions array carries state-aware hypermedia links — empty
(and omitted from the wire shape) until the underlying resource opts
into the convention by overriding ResourceUrlable::allowed_actions.
object
Number of active (enabled) schedules for this session. Populated when the session is fetched for API responses.
ID of the agent working in this session (format: agent_{32-hex}). Optional.
Optional resident agent identity for unattended/background execution.
Immutable agent version captured when the session was created or rebound.
Validated config passed by host at blueprint spawn time.
Example: {"target_repo": "acme/everruns"}.
Blueprint ID. When set, reason_activity and act_activity build RuntimeAgent from the blueprint definition instead of from harness_id/agent_id.
Session-level capabilities (additive to agent capabilities). Applied after agent capabilities when building RuntimeAgent.
Per-agent capability configuration
Associates a capability with an agent, including optional per-agent configuration. The config field allows the same capability to behave differently per-agent.
object
Per-agent configuration for this capability (capability-specific)
Reference to the capability ID
Timestamp when the session was created.
Effective human owner summary.
object
Class of principal that can hold permissions or own resources. system
is reserved for platform-internal callers and is never minted via the
public API.
Aggregated UI features from all active capabilities (harness + agent + session). Computed at read time from the capability registry. Known features: “file_system”, “schedules”, “secrets”, “key_value”, “sql_database”, “leased_resources”.
Timestamp when the session finished (completed or failed).
ID of the harness for this session (format: harness_{32-hex}).
Session-level client hints — arbitrary key-value pairs declared by the
client at session creation time. These are defaults for every turn;
per-message controls.hints override these key-by-key (shallow merge).
Examples: {"setup_connection": true, "rich_media": true}
Unique identifier for the session (format: session_{32-hex}).
Session-level initial files (additive to agent initial_files). Files with matching paths override agent/harness files; new paths are appended.
Starter file copied into a new session from an agent or harness.
object
File content: plain text or base64-encoded binary.
Content encoding: text or base64.
Prevent session-side edits or deletes when true.
Absolute path within the session workspace. /workspace prefix is accepted.
Whether this session is pinned by the current user. Only populated when the request has an authenticated user context.
Locale for localized agent behavior and formatting (BCP 47, e.g. uk-UA).
Maximum number of LLM iterations per turn for this session.
Remote MCP servers scoped to this session only.
object
Session-, agent-, or harness-scoped remote MCP server configuration.
This intentionally mirrors the mcpServers object shape used by common MCP
client config files while staying within Everruns’ current remote-HTTP-only
support.
object
Arguments passed to the stdio command.
Authentication mode used when executing tools from this scoped server.
Executable to spawn for a stdio transport server.
Environment variables set for the stdio command.
object
Additional HTTP headers sent on MCP requests (HTTP transport only).
object
Provider id used to resolve a user-scoped bearer token.
Whether to discover tool definitions live from this server.
MCP transport type. Only remote HTTP is supported today.
URL of the remote MCP server endpoint. Required for HTTP transport; empty/ignored for stdio.
LLM model ID to use for this session (format: model_{32-hex}). Overrides the agent’s default model if set.
Network access list controlling which hosts/URLs this session can reach. Merged with harness and agent layers (allowed: intersect, blocked: union).
object
Allowed host patterns. If non-empty, only matching URLs are permitted. An empty list means “no restriction from this layer” (inherit parent).
Blocked host patterns. Always denied, even if matched by allowed.
Organization this session belongs to (format: org_{32-hex}).
Preview text from the last assistant response (truncated).
Owning principal for this session.
Request-level parallel tool calling preference (EVE-598).
None (default) preserves provider defaults. Some(true) signals the
provider that parallel tool calls are wanted; Some(false) requests at
most one tool call per turn and forces serial execution. Merged across
harness/agent/session layers (overlay wins).
Parent session that spawned this subagent. NULL for top-level sessions. Used as the nesting guard in spawn_subagent.
Preview text from the first user message (truncated).
Denormalized effective human owner of the owning principal lineage.
Timestamp when the session started executing.
Current execution status of the session.
Session-level system prompt override. Prepended to the agent’s system prompt when building RuntimeAgent.
Tags for organizing and filtering sessions.
Human-readable title for the session.
Client-side tools for this session (additive to agent tools).
Built-in tool - executed by the worker via ToolRegistry
object
Category for tool_search namespace grouping (from parent capability)
Whether this tool’s schema can be deferred via tool_search
Tool description for LLM
Human-readable display name for UI rendering (e.g., “Get Current Time” for get_current_time)
Original full parameter schema saved by DeferSchemaHook before stripping.
Serialized only when present so durable reason-to-act scheduling can
preserve deferred schemas for tool_search in the act phase.
Semantic hints describing the tool’s behavioral properties
object
Capability that contributed this tool definition.
Reporting uses this attribution only as metadata. It must never contain tool arguments, results, prompts, or any other sensitive payload.
Human-readable capability name snapshot for reporting.
Scheduling conflict key. Tool calls within the same act batch that share
a non-empty concurrency_class are executed sequentially in arrival
order; calls in different classes (or with no class) run concurrently.
Set this on tools that mutate shared session state so that, e.g., two
file writes or two SQL mutations in one batch do not race. Read-only
tools should leave this None so they always parallelize. See
crate::atoms::tool_scheduler for how the act scheduler consumes it.
Tool performs significant CPU-bound or otherwise non-yielding work in
process (e.g. an in-process interpreter). When true, the act scheduler
runs the call on its own task (tokio::spawn) so a long CPU burst does
not starve the cooperative polling of I/O-bound tools in the same batch.
Distinct from long_running, which describes wall-clock time for
I/O-bound work (those tools yield at await points and need no offload).
Tool may irreversibly destroy or delete data. Subset of non-readonly — a tool can be non-readonly (writes) without being destructive (e.g., create/update operations).
Calling the tool repeatedly with the same arguments produces the same effect. Safe to retry on transient failures.
Tool may take significant time to complete (> ~5s typical). Useful for clients to show progress indicators and set timeouts.
Entity noun for operation-based narration (e.g. “agent”, “harness”).
When set, the narration system reads the operation argument and
produces verb-based narration like “Created agent: Neon Cartographer”
instead of the generic “Ran Manage Agents”.
Tool interacts with external entities beyond the local system (network calls, third-party APIs, cloud services).
Tool output should be persisted to session VFS before truncation.
When set, the tool_output_persistence capability (EVE-222, EVE-245) writes
stdout to /outputs/{tool_call_id}.stdout and stderr to
/outputs/{tool_call_id}.stderr, injecting full_output, total_lines,
and output_files into the result.
Tool does not modify any state (read-only queries, lookups). When true: safe to call speculatively, result can be cached.
Tool requires API keys, credentials, or other secrets to function. Useful for UI to show connection prompts and for LLMs to anticipate authentication failures.
Replay-safety class used by the durable Act activity (EVE-530).
Controls what happens when a worker reclaims a stale running claim:
Pure/Idempotent tools are re-executed; AtMostOnce tools are
settled as interrupted to prevent double side-effects.
None is treated conservatively as AtMostOnce.
Tool supports detached background execution via spawn_background.
When true, the tool may be executed asynchronously outside the current
foreground tool call and report status back later.
Tool name (used by LLM and for registry lookup)
JSON schema for tool parameters
Tool policy (auto or requires_approval)
Client-side tool - executed by the client, not the server
object
Category for tool_search namespace grouping (from parent capability)
Whether this tool’s schema can be deferred via tool_search
Tool description for LLM
Human-readable display name for UI rendering
Original full parameter schema saved by DeferSchemaHook before stripping.
Serialized only when present so durable reason-to-act scheduling can
preserve deferred schemas for tool_search in the act phase.
Semantic hints describing the tool’s behavioral properties
object
Capability that contributed this tool definition.
Reporting uses this attribution only as metadata. It must never contain tool arguments, results, prompts, or any other sensitive payload.
Human-readable capability name snapshot for reporting.
Scheduling conflict key. Tool calls within the same act batch that share
a non-empty concurrency_class are executed sequentially in arrival
order; calls in different classes (or with no class) run concurrently.
Set this on tools that mutate shared session state so that, e.g., two
file writes or two SQL mutations in one batch do not race. Read-only
tools should leave this None so they always parallelize. See
crate::atoms::tool_scheduler for how the act scheduler consumes it.
Tool performs significant CPU-bound or otherwise non-yielding work in
process (e.g. an in-process interpreter). When true, the act scheduler
runs the call on its own task (tokio::spawn) so a long CPU burst does
not starve the cooperative polling of I/O-bound tools in the same batch.
Distinct from long_running, which describes wall-clock time for
I/O-bound work (those tools yield at await points and need no offload).
Tool may irreversibly destroy or delete data. Subset of non-readonly — a tool can be non-readonly (writes) without being destructive (e.g., create/update operations).
Calling the tool repeatedly with the same arguments produces the same effect. Safe to retry on transient failures.
Tool may take significant time to complete (> ~5s typical). Useful for clients to show progress indicators and set timeouts.
Entity noun for operation-based narration (e.g. “agent”, “harness”).
When set, the narration system reads the operation argument and
produces verb-based narration like “Created agent: Neon Cartographer”
instead of the generic “Ran Manage Agents”.
Tool interacts with external entities beyond the local system (network calls, third-party APIs, cloud services).
Tool output should be persisted to session VFS before truncation.
When set, the tool_output_persistence capability (EVE-222, EVE-245) writes
stdout to /outputs/{tool_call_id}.stdout and stderr to
/outputs/{tool_call_id}.stderr, injecting full_output, total_lines,
and output_files into the result.
Tool does not modify any state (read-only queries, lookups). When true: safe to call speculatively, result can be cached.
Tool requires API keys, credentials, or other secrets to function. Useful for UI to show connection prompts and for LLMs to anticipate authentication failures.
Replay-safety class used by the durable Act activity (EVE-530).
Controls what happens when a worker reclaims a stale running claim:
Pure/Idempotent tools are re-executed; AtMostOnce tools are
settled as interrupted to prevent double side-effects.
None is treated conservatively as AtMostOnce.
Tool supports detached background execution via spawn_background.
When true, the tool may be executed asynchronously outside the current
foreground tool call and report status back later.
Tool name (used by LLM and for correlation)
JSON schema for tool parameters
Timestamp when the session was last updated.
Cumulative token usage for all LLM calls in this session.
object
Actual cost of this generation in USD, as reported by the provider inline
(e.g. OpenRouter’s usage.cost, which reflects real post-routing/BYOK/cache
pricing). None for providers that do not return a cost.
Number of tokens written to cache (Anthropic-specific)
Number of tokens read from cache (reduces cost)
Estimated cost of this generation in USD, derived from the model’s static
price-table profile. Computed whenever a profile with cost data exists,
independently of actual_cost_usd, so estimate-vs-actual drift can be
reconciled. None when there is no profile cost data for the model.
Number of input/prompt tokens
Number of output/completion tokens
Workspace this session is attached to (format: wsp_{32-hex}). Owns the session’s virtual filesystem. For the default 1:1 case this mirrors the session id, but clients should read it here rather than deriving it.
State-aware hypermedia actions the caller can take on this resource
next (e.g. cancel, events, update). Omitted from the wire
shape when empty so resources that haven’t opted into the
convention don’t grow their payloads.
Agent-actionable link describing a follow-up the caller can take. Used in two contexts:
- Error recovery —
ErrorResponse.allowed_actionscarriesrels likeretry,retry-later,unarchive,get-existingso the agent knows the right next call after a 4xx/429. - Entity hypermedia —
WithUrls<T>.allowed_actionscarries state-awarerels likecancel,events,self,updateon the entity itself so the agent can follow links instead of reconstructing routes from prose.
The shape is intentionally identical across both contexts; the closed
rel vocabulary documented in specs/api-conventions.md distinguishes
them.
object
Short, agent-readable hint (e.g. “Shorten ‘name’ to <= 200 chars.”, “Cancel the active turn for this session.”).
Absolute (preferred) or relative URL the caller may invoke
directly. Always present on entity hypermedia actions
(WithUrls<T>.allowed_actions); optional on error-recovery
actions (ErrorResponse.allowed_actions) where the matching
operation_id is enough and the URI is implicit from the failed
call.
HTTP method to use against href. Required for entity hypermedia
actions; usually omitted on error-recovery actions where the same
operation is retried with its original method.
OpenAPI operationId the caller should invoke. Lets an MCP client
resolve the call without parsing href.
Link relation describing the action. Closed vocabulary documented
in specs/api-conventions.md — examples: self, cancel, pause,
resume, events, retry, retry-later, unarchive,
get-existing, delete, update.
OpenAPI $ref to the request-body schema, when the action takes one
(e.g. #/components/schemas/UpdateSessionRequest). Lets a tool-calling
agent fetch the input shape without scanning the whole spec.
Full API endpoint URL for this resource.
Alias for view_url, used by command and MCP outputs.
Full UI URL for viewing this resource.
Example
{ "active_schedule_count": 2, "agent_id": "agent_01933b5a00007000800000000000001", "agent_identity_id": "identity_01933b5a00007000800000000000001", "agent_version_id": "agentver_01933b5a00007000800000000000001", "blueprint_id": "blueprint_research_pack", "created_at": "2026-05-25T10:00:00Z", "effective_owner": { "id": "principal_01933b5a000070008000000000000001", "kind": "user" }, "features": [ "file_system", "secrets" ], "finished_at": "2026-05-25T10:14:32Z", "harness_id": "harness_01933b5a00007000800000000000001", "id": "session_01933b5a00007000800000000000001", "is_pinned": false, "locale": "en-US", "max_iterations": 50, "mcpServers": { "additionalProperty": { "auth_mode": "none", "type": "http" } }, "model_id": "model_01933b5a00007000800000000000001", "network_access": { "allowed": [ "*.example.com", "https://api.acme.com/" ], "blocked": [ "169.254.169.254" ] }, "organization_id": "org_00000000000000000000000000000001", "output_preview": "Here is a Q3 plan covering the three pillars we discussed...", "owner": { "id": "principal_01933b5a000070008000000000000001", "kind": "user" }, "owner_principal_id": "principal_01933b5a000070008000000000000001", "parallel_tool_calls": true, "preview": "Help me draft the Q3 marketing plan", "resolved_owner_user_id": "550e8400-e29b-41d4-a716-446655440000", "started_at": "2026-05-25T10:00:01Z", "status": "started", "tags": [ "marketing", "q3", "draft" ], "title": "Q3 marketing brief", "tools": [ { "deferrable": "never", "hints": { "side_effect_class": "Pure" }, "policy": "auto", "type": "builtin" } ], "updated_at": "2026-05-25T10:14:32Z", "workspace_id": "wsp_01933b5a00007000800000000000001", "allowed_actions": [ { "method": "POST" } ]}Authentication required
Internal server error