S2R Admin API Reference (Curated Skeleton)
Curated API reference for S2R admin tasks, covering authentication, service management, discovery, dashboard KPIs, license, updates, and settings.
Overview
This document provides a curated skeleton of the S2R Admin API, focusing on the highest-frequency endpoints for everyday operator and integration tasks (source: docs/customer/api-reference.md). The full API reference is auto-generated from the admin-api OpenAPI v3 specification and is available in JSON, YAML, and an interactive Swagger UI (source: docs/customer/api-reference.md).
API consumers can import the auto-generated OpenAPI specification into their preferred tooling for comprehensive coverage. This curated document serves as an entry point, not a substitute, for the full specification (source: docs/customer/api-reference.md).
All timestamps in API responses are in ISO-8601 UTC format. Response shapes are stable within a major version, and field additions are considered non-breaking changes (source: docs/customer/api-reference.md).
For per-service runtime endpoints (the REST-ified SOAP services themselves), refer to each service's own OpenAPI specification, typically located at https://s2r.your-domain.com/api/v1/<service>/openapi.json (source: docs/customer/api-reference.md).
Authentication
All S2R Admin API calls require an OIDC bearer token from your Identity Provider (IdP) (source: docs/customer/api-reference.md). This token must be included in the Authorization header of each request:
Authorization: Bearer <token>
(source: docs/customer/api-reference.md)
Tokens are issued by your IdP. For GCP-native installations, Cloud IAP signs these tokens; for Helm installations, OIDC is used (source: docs/customer/api-reference.md).
Access to API resources is controlled by Role-Based Access Control (RBAC) scopes:
| Scope | Description |
|---|---|
admin | Full read/write access across all resources. |
operator | Read/write access on services and runtime; read-only on settings and audit. |
reader | Read-only access across all resources. |
(source: docs/customer/api-reference.md)
Services
GET /admin/v1/services
Lists all services that have been onboarded to the platform (source: docs/customer/api-reference.md).
Request Example:
GET /admin/v1/services?status=published&limit=50 HTTP/1.1
Authorization: Bearer <token>
(source: docs/customer/api-reference.md)
Request Parameters:
| Name | Type | Description
