The control-plane API is the transport the CLI speaks to a server. Most operators
never call it directly — the boatramp subcommands wrap it — but it is a stable,
documented surface for building your own tooling. This page lists the endpoints;
the CLI reference maps each command onto them.
Base path. Every control-plane endpoint is under /api. Public serving
(host-routed content, /_sites/*, /healthz) is a separate, unauthenticated
surface.
Authentication. A bearer token in Authorization: Bearer <token>. Every
/api/* request is authenticated and authorized, except the handful gated by
their own single-use credential (bootstrap, join, OIDC exchange). The exact
right each endpoint requires is in the
request-to-right mapping.
Bodies. Requests and responses are JSON, except blob upload (raw bytes) and
/api/metrics (Prometheus text).
Errors. A non-2xx status carries a JSON { "error": "..." }. 401 is a
missing or invalid token; 403 is a valid token without the required right.