diff --git a/api-reference/error-codes.mdx b/api-reference/error-codes.mdx index 112fff8..f4f1df1 100644 --- a/api-reference/error-codes.mdx +++ b/api-reference/error-codes.mdx @@ -185,6 +185,8 @@ Codes here are the externally-observable subset of the server registry; a gap in |---|---|---|---| | `UZ-CONN-001` | 503 | Connector not configured | Connect is unavailable for this provider on this deployment — the platform app credentials (GitHub App slug / Slack app secrets) are unset. An operator must register the provider app and populate the admin vault before workspaces can connect. | | `UZ-CONN-002` | 400 | Invalid connect state | The connect callback's `state` was missing, forged, expired, or already used. Start the connect again from the dashboard — each attempt issues a fresh single-use state. | +| `UZ-CONN-003` | 502 | Connector vendor call exceeded its deadline | An outbound call to the connector's vendor hit its enforced deadline (the vendor accepted the connection, then stalled), could not be deadline-armed, or the vendor was unreachable — the call never runs unbounded. Transient — retry; if it persists, check the vendor's status page and this deployment's egress. | +| `UZ-CONN-004` | 404 | Unknown connector provider | The `{provider}` in the connector URL does not match any provider in this deployment's connector registry. List the available providers from the dashboard connectors page. | | `UZ-CRED-001` | 404 | Integration not connected | No connected integration matches this id for the fleet's workspace. Connect it first (e.g. GitHub via the dashboard **Connect** flow) before a fleet can mint a token for it. | | `UZ-GH-001` | 409 | GitHub App reconnect required | The GitHub App installation is gone (uninstalled or revoked), so no token can be minted. Reconnect GitHub from the dashboard — the fleet stays blocked until the App is reinstalled. | | `UZ-GH-002` | 502 | GitHub token mint failed | GitHub did not return an installation token (upstream 5xx, network, or a malformed exchange response). Transient — retry shortly; if it persists, check GitHub status and the App configuration. | diff --git a/changelog.mdx b/changelog.mdx index 474af05..bff7a8c 100644 --- a/changelog.mdx +++ b/changelog.mdx @@ -42,6 +42,19 @@ export const STAGE_SELF_MANAGED_M66 = "$0.0001"; - **New error codes:** `UZ-SLK-010` (401, invalid Slack signature), `UZ-SLK-011` (401, stale timestamp), `UZ-SLK-020` (200 — an event from a team with no install is acknowledged and ignored), `UZ-SLK-022` (502, OAuth token exchange failed), `UZ-SLK-030` (502, answer delivery to Slack failed — logged and retried; the run itself never fails). `UZ-CONN-001`/`UZ-CONN-002` now cover the Slack connect flow as well as GitHub. + + ## Connector platform: one uniform API, bounded vendor calls + + Connecting a third-party service (Slack, GitHub, and the providers landing next) now runs through one uniform, documented route set instead of a per-provider one. The URLs you already use are unchanged; what's new is that the connector surface is in the public API reference, an unknown provider returns a clear `404` instead of a generic not-found, and every outbound call agentsfleet makes to a connector's vendor is now time-bounded — a vendor that accepts a connection and then stalls degrades that one connect or mention instead of tying up the platform. + + ## API reference + + - **`POST /v1/workspaces/{workspace_id}/connectors/{provider}/connect`** and **`GET /v1/workspaces/{workspace_id}/connectors/{provider}`** — start a connect and read connector status for any registered provider (`slack`, `github`), Bearer-authed with the `connector:write` / `connector:read` scopes. + - **`GET /v1/connectors/{provider}/callback`** — the vendor redirect target; Bearer-less, authenticated by the signed single-use state minted at connect. + - **`UZ-CONN-003`** (502) — an outbound call to a connector's vendor hit its enforced deadline, could not be time-bounded, or the vendor was unreachable; the call never runs unbounded. Transient — retry. + - **`UZ-CONN-004`** (404) — the `{provider}` in a connector URL matches no provider on this deployment; the body names the unknown provider. + + ## Bring your own Fleet templates diff --git a/docs.json b/docs.json index f1f09de..6bea421 100644 --- a/docs.json +++ b/docs.json @@ -195,6 +195,15 @@ "DELETE /v1/workspaces/{workspace_id}/credentials/{credential_name}" ] }, + { + "group": "Connectors", + "pages": [ + "POST /v1/workspaces/{workspace_id}/connectors/{provider}/connect", + "GET /v1/workspaces/{workspace_id}/connectors/{provider}", + "GET /v1/connectors/{provider}/callback", + "POST /v1/connectors/slack/events" + ] + }, { "group": "Approvals", "pages": [