Create a tenant (plain create).
const url = 'https://shiftagent.example.com/tenants';const options = { method: 'POST', headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'}, body: '{"name":"example","external_id":"example","settings":{"filler_enabled":true,"default_agent_type":"claude-agent-sdk","max_sticky_ttl_seconds":3600,"max_concurrent_sticky":5},"metadata":{"additionalProperty":"example"}}'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://shiftagent.example.com/tenants \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data '{ "name": "example", "external_id": "example", "settings": { "filler_enabled": true, "default_agent_type": "claude-agent-sdk", "max_sticky_ttl_seconds": 3600, "max_concurrent_sticky": 5 }, "metadata": { "additionalProperty": "example" } }'Non-idempotent create for tenants that do not mirror a host-system tenant (or when the caller wants an explicit conflict instead of an upsert). If external_id is provided and already taken, responds 409 external-id-conflict with conflicting_resource_id pointing at the existing tenant. For host-mapped tenants prefer upsertTenantByExternalId.
Authorizations
Section titled “Authorizations ”Parameters
Section titled “ Parameters ”Header Parameters
Section titled “Header Parameters ”Optional idempotency key (any unique string, e.g. a UUID; max 255 chars). Responses are cached 24h per (key principal, operation, key); replays return the original status and body with Idempotency-Replayed: true. Reusing a key with a different payload responds 409 idempotency-key-conflict.
Request Body required
Section titled “Request Body required ”Plain-create body for createTenant.
object
Display name.
Optional host mapping. If taken, responds 409 external-id-conflict with conflicting_resource_id.
Tenant-level runtime defaults and caps. Downstream scopes (conversation, message) may only narrow within these.
object
Default filler-agent enablement — root of the filler cascade (tenant → conversation → message; most specific wins).
Default runtime.agent_type for new conversations (open enum; e.g. claude-agent-sdk, codex, deepagent).
Cap on any conversation’s sticky lease TTL.
Cap on simultaneously leased sticky sandboxes.
Free-form string key–value map for host/adapter bookkeeping (e.g. a host-side reference ID). Max 50 keys; values max 500 chars. Replaced wholesale when provided in updates.
object
Responses
Section titled “ Responses ”Tenant created.
Unit of isolation mirroring one host-system tenant. Child of the integration key’s root tenant.
object
Host system’s tenant ID (namespaced by the adapter). Unique across the integration; natural key for upsertTenantByExternalId. Null only for tenants created via plain createTenant without one.
Display name. Nullable — external-ID-only creation is valid.
Suspended tenants reject conversation/message writes with 403 tenant-suspended; reads keep working.
Tenant default repository — the fall-through of the resolution cascade (message → conversation → user → role → tenant default). Must reference an attached repository.
Tenant-level runtime defaults and caps. Downstream scopes (conversation, message) may only narrow within these.
object
Default filler-agent enablement — root of the filler cascade (tenant → conversation → message; most specific wins).
Default runtime.agent_type for new conversations (open enum; e.g. claude-agent-sdk, codex, deepagent).
Cap on any conversation’s sticky lease TTL.
Cap on simultaneously leased sticky sandboxes.
Free-form string key–value map for host/adapter bookkeeping (e.g. a host-side reference ID). Max 50 keys; values max 500 chars. Replaced wholesale when provided in updates.
object
RFC 3339 / ISO 8601 timestamp, UTC.
RFC 3339 / ISO 8601 timestamp, UTC.
Example
{ "object": "tenant", "status": "active", "settings": { "filler_enabled": true, "default_agent_type": "claude-agent-sdk", "max_sticky_ttl_seconds": 3600, "max_concurrent_sticky": 5 }}Missing or invalid credentials — no bearer token, an unknown/revoked sk_int_ key, or an expired platform JWT.
RFC 9457 problem+json error envelope. type is a URI under https://shiftagent.example.com/problems/{slug} (deployment host substituted); see the API-level problem registry for every slug.
object
Problem type URI (registry slug).
Short, human-readable summary of the problem type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI reference identifying this occurrence.
Correlation ID for support and log lookup.
On name-conflict, external-id-conflict, and resource-in-use: the ID of the existing/depended-on resource — fetch it and continue (replay recovery).
On validation-error, field-level details.
object
JSON pointer to the offending field.
What failed.
Examples
Missing or invalid bearer token
{ "type": "https://shiftagent.example.com/problems/insufficient-scope", "title": "Unauthorized", "status": 401, "detail": "Provide a valid sk_int_ service key or platform JWT.", "request_id": "req_01hzx8auth001"}Conflict — name-conflict / external-id-conflict (unique name or external ID taken; conflicting_resource_id names the holder — fetch it and continue), resource-in-use (guarded delete refused), cross-tenant (referenced resource belongs to another tenant), conversation-archived (write to an archived conversation), approval-expired (approval already resolved or expired), or idempotency-key-conflict (same key, different payload).
RFC 9457 problem+json error envelope. type is a URI under https://shiftagent.example.com/problems/{slug} (deployment host substituted); see the API-level problem registry for every slug.
object
Problem type URI (registry slug).
Short, human-readable summary of the problem type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI reference identifying this occurrence.
Correlation ID for support and log lookup.
On name-conflict, external-id-conflict, and resource-in-use: the ID of the existing/depended-on resource — fetch it and continue (replay recovery).
On validation-error, field-level details.
object
JSON pointer to the offending field.
What failed.
Examples
Named sub-resource already exists — recoverable
{ "type": "https://shiftagent.example.com/problems/name-conflict", "title": "Name conflict", "status": 409, "detail": "A role named \"csr\" already exists in this tenant.", "conflicting_resource_id": "rol_01hzx8csr001", "request_id": "req_01hzx8conf01"}Guarded delete refused
{ "type": "https://shiftagent.example.com/problems/resource-in-use", "title": "Resource in use", "status": 409, "detail": "Repository is attached to 1 tenant and pinned by 2 roles.", "conflicting_resource_id": "tnt_01hzx8acme001", "request_id": "req_01hzx8used01"}Unprocessable — validation-error (schema/semantic validation failed; errors[] lists JSON-pointer details) or role-required (user has multiple roles and no role_id was given).
RFC 9457 problem+json error envelope. type is a URI under https://shiftagent.example.com/problems/{slug} (deployment host substituted); see the API-level problem registry for every slug.
object
Problem type URI (registry slug).
Short, human-readable summary of the problem type.
HTTP status code.
Human-readable explanation specific to this occurrence.
URI reference identifying this occurrence.
Correlation ID for support and log lookup.
On name-conflict, external-id-conflict, and resource-in-use: the ID of the existing/depended-on resource — fetch it and continue (replay recovery).
On validation-error, field-level details.
object
JSON pointer to the offending field.
What failed.
Examples
Field-level validation failure
{ "type": "https://shiftagent.example.com/problems/validation-error", "title": "Validation error", "status": 422, "detail": "One or more fields failed validation.", "errors": [ { "pointer": "/skill_access/skill_ids/0", "message": "skl_01hzx8unknown does not belong to the effective repository." } ], "request_id": "req_01hzx8val001"}Ambiguous role at conversation creation
{ "type": "https://shiftagent.example.com/problems/role-required", "title": "Role required", "status": 422, "detail": "User usr_01hzx8jane001 holds 2 roles; pass role_id explicitly.", "request_id": "req_01hzx8role01"}