An agent is one Durable-Object-backed mailbox. Each agent has a 12-character lowercase id, an address on ${DEFAULT_EMAIL_DOMAIN}, and its own per-agent API key. Named agents use a slug of the name as the address local part; unnamed agents use the generated id.
All routes on this page require the master key unless explicitly noted.
POST/agents{
"name": "Customer Success"
}
| Field | Type | Required | Description |
|---|---|---|---|
name | string | No | Display name (1–120 chars). Defaults to "Untitled" if omitted. |
Body cap: 4 KiB UTF-8 bytes.
201 Created{
"id": "abc123def456",
"email": "customer-success@agents.yourdomain.com",
"name": "Customer Success",
"api_key": "rA9-...long-base64url",
"created_at": 1730000000
}
api_key is shown exactly once — only its HMAC hash is stored.
400 — invalid JSON, body too large, or name outside 1–120 chars.401 — missing or wrong bearer token.GET/agents200 OK{
"agents": [
{
"id": "abc123def456",
"email": "abc123def456@agents.yourdomain.com",
"name": "Customer Success",
"created_at": 1730000000
}
]
}
Tombstoned agents (deleted_at IS NOT NULL) are filtered out.
GET/agents/:id| Parameter | Type | Description |
|---|---|---|
id | string | 12 lowercase alphanumeric chars. |
200 OK{
"id": "abc123def456",
"email": "abc123def456@agents.yourdomain.com",
"name": "Customer Success",
"created_at": 1730000000
}
401 — missing or invalid bearer.403 — bearer is a per-agent key for a different agent.404 — id doesn't match any non-tombstoned agent.GET /meGET/meConvenience route that returns the agent corresponding to the bearer token. Useful for the dashboard's "verify key works" probe.
200 OK{
"id": "abc123def456",
"email": "abc123def456@agents.yourdomain.com",
"name": "Customer Success"
}
DELETE/agents/:idThe Worker:
markDeleted() on the per-agent Durable Object: sets a sticky deleted='1' flag in the agent's _meta table and truncates all per-agent SQLite tables (messages, threads, message_threads, message_recipients, webhook_attempts).ON DELETE CASCADE no longer fires).agents.deleted_at to the current Unix timestamp.After delete, the agent's old API key returns 401, all /agents/:id/* routes return 404, and inbound mail to its address is dropped (the email handler can't resolve a tombstoned agent).
204 No Content401 — missing or non-master bearer.404 — id unknown or already tombstoned.There is no in-place rotate endpoint yet. To rotate a per-agent key:
id and any state you care about (its message history is in DO storage and survives only as long as the agent does — read it first if you need to keep it).DELETE /agents/:id with the master key. The Worker tombstones the agent and purges its DO storage (see above).POST /agents with { "name": "..." } — Cloudflare assigns a fresh 12-char id, and you get a fresh api_key.id + api_key. The old id will not be re-used unless generateAgentId collides on a 36^12 space (effectively impossible).To rotate the master key, run wrangler secret put MASTER_KEY with a new value and wrangler deploy. Older requests using the old key will fail at the next request after the deploy propagates (~30s).