Skip to main content

Flows API

Flows are declarative delivery contracts that connect an endpoint (source receiver) to a target (delivery destination).

Status: WIRED_SANDBOX. This page describes the current contract surface and known non-claims. It is not a production-live availability claim.

Terminology

Customer termInternal API/model termAPI path
Flowdelivery-flow/delivery-flows

Audience

Customer / developer managing event routing.

Base path

/api/bff/v1/tenants/{tenant_id}/clusters/{cluster_id}/delivery-flows (dashboard/BFF — app-facing, INTERNAL_ONLY)
/v1/tenants/{tenant_id}/delivery-flows (backend API — WIRED_SANDBOX)

Endpoint table

MethodPathDescriptionRead/WriteStatusAuth/scopesIdempotencyOpenAPI
GET/tenants/{tid}/delivery-flowsList flowsReadWIRED_SANDBOXread:delivery-flowsNot requiredPartial (zen-back)
POST/tenants/{tid}/delivery-flowsCreate a flowWriteWIRED_SANDBOXwrite:delivery-flowsRecommendedPartial (zen-back)
GET/tenants/{tid}/delivery-flows/{fid}Get flow detailsReadWIRED_SANDBOXread:delivery-flowsNot requiredPartial (zen-back)
PUT/tenants/{tid}/delivery-flows/{fid}Update a flowWriteWIRED_SANDBOXwrite:delivery-flowsRecommendedPartial (zen-back)
DELETE/tenants/{tid}/delivery-flows/{fid}Delete a flowWriteWIRED_SANDBOXwrite:delivery-flowsRecommendedPartial (zen-back)

Read/write status

OperationReadWriteStatus
List flowsYesWIRED_SANDBOX
Create flowYesWIRED_SANDBOX
Get flow detailsYesWIRED_SANDBOX
Update flowYesWIRED_SANDBOX
Delete flowYesWIRED_SANDBOX

Write operations require tenant authorization, appropriate scopes, and audit logging. See Write Safety Model for details.

List example

curl -sS -H "Authorization: Bearer <api_key>" \
"https://api.zen-mesh.io/v1/tenants/<tenant_id>/delivery-flows"

Create example

curl -X POST \
-H "Authorization: Bearer <api_key>" \
-H "Content-Type: application/json" \
-H "Idempotency-Key: <unique_key>" \
-d '{"name": "stripe-to-app", "source_id": "ing_abc123", "destination_id": "dest_abc123"}' \
"https://api.zen-mesh.io/v1/tenants/<tenant_id>/delivery-flows"

Request fields

FieldTypeRequiredDescription
namestringYesHuman-readable name
source_idstringYesEndpoint ID (source receiver)
destination_idstringYesTarget ID (delivery destination)
config.retry_policy.max_attemptsintegerNoMaximum retry attempts (default: 3)
config.retry_policy.backoff_secondsintegerNoInitial backoff in seconds (default: 10)

Error examples

400 Validation error

{
"type": "https://api.zen-mesh.io/errors/validation-error",
"title": "Validation Error",
"status": 400,
"detail": "source_id: endpoint not found",
"instance": "req_abc123"
}

403 Insufficient scope

{
"type": "https://api.zen-mesh.io/errors/insufficient-scope",
"title": "Insufficient Scope",
"status": 403,
"detail": "API key does not have write:delivery-flows scope.",
"required_scope": "write:delivery-flows"
}

Pagination

List flows supports pagination with limit and cursor parameters. See Pagination and Filtering.

Auth

Bearer JWT or API key in Authorization header. Tenant-scoped via path parameter. See Authentication for scope model.

OpenAPI coverage

Partially covered in zen-back.v1.yaml (delivery-flows CRUD). See OpenAPI Spec Index.

UI mapping

Connect → Flows, Maintain → Flows

Non-claims

  • WIRED_SANDBOX: implemented in local/sandbox runtime. Not production-live.
  • Multi-target fanout is a Business+ planned feature (V1.1).
  • GitOps for flows is not available in V1 (planned V1.1 Business+).
  • Draft vs published flow distinction is V1.1+ planned, not available in V1.