Runtime API
The runtime exposes a small management API at
https://runtime.<root>/_api/*. All endpoints require
Authorization: Bearer ${PIPEBASE_DEPLOY_TOKEN} except /_api/health.
User-defined Camel routes can NOT claim paths under /_api/* — the
runtime rejects PUTs that try to.
Endpoints
Section titled “Endpoints”| Method + path | Auth | Purpose |
|---|---|---|
GET /_api/health | open | Returns uptime, Camel version, per-route status |
GET /_api/flows | bearer | List YAML files in routes dir + lastModified + hash + routeCount |
PUT /_api/flows/:id | bearer | Install/replace a flow’s YAML. Body: {yaml, params?} |
DELETE /_api/flows/:id | bearer | Stop + remove the flow’s routes; delete YAML |
GET /_api/runs?routeId=X&limit=N | bearer | Per-route run history (in-memory ring buffer) |
GET /_api/value-mappings | bearer | List installed value-mapping tables |
PUT /_api/value-mappings/:id | bearer | Install/replace a value-mapping |
DELETE /_api/value-mappings/:id | bearer | Remove |
GET /_api/message-mappings | bearer | List installed message-mapping documents |
PUT /_api/message-mappings/:id | bearer | Install/replace |
DELETE /_api/message-mappings/:id | bearer | Remove |
PUT /_api/auth/:flowId | bearer | Install per-flow RBAC policy |
GET /_api/auth/:flowId | bearer | Read policy |
DELETE /_api/auth/:flowId | bearer | Remove |
GET /_api/trace/stream | bearer | SSE — live trace events |
GET /_api/logs/stream | bearer | SSE — live log events |
Auth model
Section titled “Auth model”Runtime reads PIPEBASE_DEPLOY_TOKEN once at boot via
AuthPredicate. Constant-time comparison via MessageDigest.isEqual.
| Scenario | Status | Body |
|---|---|---|
| Token env var unset | 503 | {"error":"PIPEBASE_DEPLOY_TOKEN not configured"} |
| Missing/wrong header | 401 | {"error":"unauthorized"} |
| Token matches | hand off to handler | — |
Sample requests
Section titled “Sample requests”# Health (no auth)curl https://runtime.<root>/_api/health
# List flowscurl -H "Authorization: Bearer $TOKEN" https://runtime.<root>/_api/flows
# Deploy a flowcurl -X PUT -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json" \ -d '{"yaml": "- route:\n id: hello\n from: { uri: timer:tick?period=5000 }\n steps:\n - log: hello"}' \ https://runtime.<root>/_api/flows/hello
# Tail runs for a routecurl -H "Authorization: Bearer $TOKEN" \ "https://runtime.<root>/_api/runs?routeId=hello&limit=10"Source of truth
Section titled “Source of truth”runtime/src/main/java/dev/pipebase/runtime/ManagementApi.java — all
endpoints declared in configure(). See
the GitHub source.