From 4c0985ca02b1a3f67fe6b538fdc570c361dc3c5f Mon Sep 17 00:00:00 2001 From: Kevin Zhang Date: Fri, 1 May 2026 11:32:43 -0700 Subject: [PATCH] fix(agents): correct auth scheme, stale paths, and phantom COMPLETED status - Add AgentAuth to global security array so Stainless includes it as a supported client auth scheme (was causing the Stainless merge step to fail, which prevented the documented spec from being published) - Update three agent endpoint descriptions that still referenced the old /transactions/{transactionId}/approve path instead of /actions/{actionId}/approve - Remove nonexistent COMPLETED terminal state from approvals-and-audit.mdx; APPROVED is the terminal success state in AgentActionStatus --- mintlify/global-accounts/agents/approvals-and-audit.mdx | 2 +- mintlify/openapi.yaml | 7 ++++--- openapi.yaml | 7 ++++--- openapi/openapi.yaml | 1 + .../paths/agents/agents_me_quotes_{quoteId}_execute.yaml | 2 +- openapi/paths/agents/agents_me_transfer-in.yaml | 2 +- openapi/paths/agents/agents_me_transfer-out.yaml | 2 +- 7 files changed, 13 insertions(+), 10 deletions(-) diff --git a/mintlify/global-accounts/agents/approvals-and-audit.mdx b/mintlify/global-accounts/agents/approvals-and-audit.mdx index 0433493d..653d24cc 100644 --- a/mintlify/global-accounts/agents/approvals-and-audit.mdx +++ b/mintlify/global-accounts/agents/approvals-and-audit.mdx @@ -26,7 +26,7 @@ When an agent submits an action that is not eligible for automatic execution, Gr 5. Your app shows the customer the requested amount, accounts, and reason. 6. The customer approves or rejects from that trusted surface. 7. Your backend calls `POST /agents/{agentId}/actions/{actionId}/approve` or `.../reject`. -8. Grid executes the action and the `AgentAction` transitions to `APPROVED`, then `COMPLETED` — or `REJECTED` if declined. +8. Grid executes the action and the `AgentAction` transitions to `APPROVED` — or `REJECTED` if declined. ## Approval outcomes diff --git a/mintlify/openapi.yaml b/mintlify/openapi.yaml index 2ff9e36b..72748b01 100644 --- a/mintlify/openapi.yaml +++ b/mintlify/openapi.yaml @@ -15,6 +15,7 @@ servers: description: Production server security: - BasicAuth: [] + - AgentAuth: [] tags: - name: Platform Configuration description: Platform configuration endpoints for managing global settings. You can also configure these settings in the Grid dashboard. @@ -5288,7 +5289,7 @@ paths: summary: Execute a quote description: | Execute a quote created by the authenticated agent. Requires the EXECUTE_QUOTES permission in the agent's policy. - If the agent's policy requires approval for this amount (based on execution mode or approval thresholds), the transaction will be created in a pending state and must be approved by the platform via `POST /agents/{agentId}/transactions/{transactionId}/approve`. + If the agent's policy requires approval for this amount (based on execution mode or approval thresholds), the transaction will be created in a pending state and must be approved by the platform via `POST /agents/{agentId}/actions/{actionId}/approve`. Once executed, the quote cannot be cancelled. operationId: agentExecuteQuote tags: @@ -5452,7 +5453,7 @@ paths: summary: Create a transfer-in description: | Transfer funds from an external account to an internal account for the authenticated agent's customer. Accounts must belong to the agent's customer. Requires the CREATE_TRANSFERS permission in the agent's policy. - If the agent's policy requires approval for this amount, the transaction will be created in a pending state and must be approved by the platform via `POST /agents/{agentId}/transactions/{transactionId}/approve`. + If the agent's policy requires approval for this amount, the transaction will be created in a pending state and must be approved by the platform via `POST /agents/{agentId}/actions/{actionId}/approve`. This endpoint should only be used for external account sources with pull functionality (e.g. ACH Pull). Otherwise, use the payment instructions on the internal account to deposit funds. operationId: agentCreateTransferIn tags: @@ -5525,7 +5526,7 @@ paths: summary: Create a transfer-out description: | Transfer funds from an internal account to an external account for the authenticated agent's customer. Accounts must belong to the agent's customer. Requires the CREATE_TRANSFERS permission in the agent's policy. - If the agent's policy requires approval for this amount, the transaction will be created in a pending state and must be approved by the platform via `POST /agents/{agentId}/transactions/{transactionId}/approve`. + If the agent's policy requires approval for this amount, the transaction will be created in a pending state and must be approved by the platform via `POST /agents/{agentId}/actions/{actionId}/approve`. operationId: agentCreateTransferOut tags: - Agent Operations diff --git a/openapi.yaml b/openapi.yaml index 2ff9e36b..72748b01 100644 --- a/openapi.yaml +++ b/openapi.yaml @@ -15,6 +15,7 @@ servers: description: Production server security: - BasicAuth: [] + - AgentAuth: [] tags: - name: Platform Configuration description: Platform configuration endpoints for managing global settings. You can also configure these settings in the Grid dashboard. @@ -5288,7 +5289,7 @@ paths: summary: Execute a quote description: | Execute a quote created by the authenticated agent. Requires the EXECUTE_QUOTES permission in the agent's policy. - If the agent's policy requires approval for this amount (based on execution mode or approval thresholds), the transaction will be created in a pending state and must be approved by the platform via `POST /agents/{agentId}/transactions/{transactionId}/approve`. + If the agent's policy requires approval for this amount (based on execution mode or approval thresholds), the transaction will be created in a pending state and must be approved by the platform via `POST /agents/{agentId}/actions/{actionId}/approve`. Once executed, the quote cannot be cancelled. operationId: agentExecuteQuote tags: @@ -5452,7 +5453,7 @@ paths: summary: Create a transfer-in description: | Transfer funds from an external account to an internal account for the authenticated agent's customer. Accounts must belong to the agent's customer. Requires the CREATE_TRANSFERS permission in the agent's policy. - If the agent's policy requires approval for this amount, the transaction will be created in a pending state and must be approved by the platform via `POST /agents/{agentId}/transactions/{transactionId}/approve`. + If the agent's policy requires approval for this amount, the transaction will be created in a pending state and must be approved by the platform via `POST /agents/{agentId}/actions/{actionId}/approve`. This endpoint should only be used for external account sources with pull functionality (e.g. ACH Pull). Otherwise, use the payment instructions on the internal account to deposit funds. operationId: agentCreateTransferIn tags: @@ -5525,7 +5526,7 @@ paths: summary: Create a transfer-out description: | Transfer funds from an internal account to an external account for the authenticated agent's customer. Accounts must belong to the agent's customer. Requires the CREATE_TRANSFERS permission in the agent's policy. - If the agent's policy requires approval for this amount, the transaction will be created in a pending state and must be approved by the platform via `POST /agents/{agentId}/transactions/{transactionId}/approve`. + If the agent's policy requires approval for this amount, the transaction will be created in a pending state and must be approved by the platform via `POST /agents/{agentId}/actions/{actionId}/approve`. operationId: agentCreateTransferOut tags: - Agent Operations diff --git a/openapi/openapi.yaml b/openapi/openapi.yaml index 96f695d1..771b4131 100644 --- a/openapi/openapi.yaml +++ b/openapi/openapi.yaml @@ -279,3 +279,4 @@ webhooks: $ref: webhooks/verification-update.yaml security: - BasicAuth: [] + - AgentAuth: [] diff --git a/openapi/paths/agents/agents_me_quotes_{quoteId}_execute.yaml b/openapi/paths/agents/agents_me_quotes_{quoteId}_execute.yaml index c1126e8e..7754dbe8 100644 --- a/openapi/paths/agents/agents_me_quotes_{quoteId}_execute.yaml +++ b/openapi/paths/agents/agents_me_quotes_{quoteId}_execute.yaml @@ -14,7 +14,7 @@ post: If the agent's policy requires approval for this amount (based on execution mode or approval thresholds), the transaction will be created in a pending state and - must be approved by the platform via `POST /agents/{agentId}/transactions/{transactionId}/approve`. + must be approved by the platform via `POST /agents/{agentId}/actions/{actionId}/approve`. Once executed, the quote cannot be cancelled. operationId: agentExecuteQuote diff --git a/openapi/paths/agents/agents_me_transfer-in.yaml b/openapi/paths/agents/agents_me_transfer-in.yaml index 3a282417..4deba5af 100644 --- a/openapi/paths/agents/agents_me_transfer-in.yaml +++ b/openapi/paths/agents/agents_me_transfer-in.yaml @@ -7,7 +7,7 @@ post: If the agent's policy requires approval for this amount, the transaction will be created in a pending state and must be approved by the platform via - `POST /agents/{agentId}/transactions/{transactionId}/approve`. + `POST /agents/{agentId}/actions/{actionId}/approve`. This endpoint should only be used for external account sources with pull functionality (e.g. ACH Pull). Otherwise, use the payment instructions on the internal account to diff --git a/openapi/paths/agents/agents_me_transfer-out.yaml b/openapi/paths/agents/agents_me_transfer-out.yaml index 57d9a25a..24ef251e 100644 --- a/openapi/paths/agents/agents_me_transfer-out.yaml +++ b/openapi/paths/agents/agents_me_transfer-out.yaml @@ -7,7 +7,7 @@ post: If the agent's policy requires approval for this amount, the transaction will be created in a pending state and must be approved by the platform via - `POST /agents/{agentId}/transactions/{transactionId}/approve`. + `POST /agents/{agentId}/actions/{actionId}/approve`. operationId: agentCreateTransferOut tags: - Agent Operations