curl -X POST "https://your-instance.com/api/tools/create" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"id": "my_custom_tool",
"name": "My Custom Tool",
"content": "class Tools:\n def calculator(self, expression: str) -> str:\n return str(eval(expression))",
"meta": {
"description": "A custom calculator tool"
},
"access_grants": []
}'
workspace.tools or workspace.tools_import permission for non-admin users.
Request Body
Unique identifier for the tool. Must be alphanumeric with underscores only (will be converted to lowercase).
Display name for the tool
Python source code for the tool. Must define a Tools class with tool methods. The system will:
- Replace imports with internal versions
- Load and validate the tool module
- Extract tool specifications from the class
- Parse frontmatter manifest
Tool metadata
Description of what the tool does
Additional manifest data (will be populated from tool frontmatter)
Access control configurationShow access grant properties
User ID, group ID, or ”*” for all
Response
Returns the created ToolResponse object with ID, metadata, and specifications.
curl -X GET "https://your-instance.com/api/tools/id/my_tool" \
-H "Authorization: Bearer YOUR_API_KEY"
Path Parameters
Response
Returns ToolAccessResponse with the complete tool data and write_access flag.
curl -X POST "https://your-instance.com/api/tools/id/my_tool/update" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"id": "my_tool",
"name": "Updated Tool Name",
"content": "class Tools:\n pass",
"meta": {
"description": "Updated description"
}
}'
Request Body
Same as Create Tool request body.
curl -X POST "https://your-instance.com/api/tools/id/my_tool/access/update" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"access_grants": [
{
"principal_type": "user",
"principal_id": "user123",
"permission": "read"
},
{
"principal_type": "group",
"principal_id": "group456",
"permission": "write"
}
]
}'
Request Body
Array of access grant objects. Replaces existing grants.
sharing.public_tools permission.
curl -X DELETE "https://your-instance.com/api/tools/id/my_tool/delete" \
-H "Authorization: Bearer YOUR_API_KEY"
Response
true if deletion was successful, false otherwise
Valve Management
curl -X GET "https://your-instance.com/api/tools/id/my_tool/valves" \
-H "Authorization: Bearer YOUR_API_KEY"
Get Valves Schema
curl -X GET "https://your-instance.com/api/tools/id/my_tool/valves/spec" \
-H "Authorization: Bearer YOUR_API_KEY"
Valves class).
curl -X POST "https://your-instance.com/api/tools/id/my_tool/valves/update" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"api_key": "new_value",
"enabled": true
}'
User Valves
Get User Valves
curl -X GET "https://your-instance.com/api/tools/id/my_tool/valves/user" \
-H "Authorization: Bearer YOUR_API_KEY"
Get User Valves Schema
curl -X GET "https://your-instance.com/api/tools/id/my_tool/valves/user/spec" \
-H "Authorization: Bearer YOUR_API_KEY"
UserValves class).
Update User Valves
curl -X POST "https://your-instance.com/api/tools/id/my_tool/valves/user/update" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"preference": "value"
}'
curl -X POST "https://your-instance.com/api/tools/load/url" \
-H "Authorization: Bearer YOUR_ADMIN_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"url": "https://github.com/user/repo/blob/main/tool.py"
}'
Request Body
GitHub URL to the tool file or folder. URLs are automatically converted to raw.githubusercontent.com format.
Response
Suggested tool name extracted from the filename/folder
"""
title: My Tool
author: Your Name
version: 1.0.0
"""
from pydantic import BaseModel, Field
class Valves(BaseModel):
# Optional: Define configuration parameters
api_key: str = Field(default="", description="API Key")
class UserValves(BaseModel):
# Optional: Define user-specific parameters
enabled: bool = Field(default=True, description="Enable tool")
class Tools:
def __init__(self):
self.valves = Valves()
def my_function(self, param: str) -> str:
"""
Description of what this function does.
:param param: Parameter description
:return: Return value description
"""
return f"Result: {param}"
- Extracts tool specifications from the
Tools class methods
- Parses frontmatter as manifest
- Validates valve schemas
- Generates API documentation from docstrings
Error Responses
400 Bad Request
- Invalid tool ID format
- Tool ID already exists
- Invalid Python code
- Failed to load tool module
401 Unauthorized
- Missing authentication
- Insufficient permissions
404 Not Found
Authentication & Permissions
- Most operations require verified user authentication
- Creating tools requires
workspace.tools or workspace.tools_import permission
- Exporting tools requires
workspace.tools_export permission
- Write operations require tool ownership, write grant, or admin privileges
- Loading from URL requires admin privileges