Overview
The Alfred API gives you full programmatic access to your vault, specialists, workflows, and service management. Everything you can do in the dashboard, you can do via the API.The base URL for all API endpoints is
https://alfred.black/api/v1. Authenticate every request with your API key.Authentication
Every request requires a Bearer token in theAuthorization header:
Request format
All requests that send data must useapplication/json as the Content-Type:
Response format
All responses return JSON. Successful responses have a structure specific to each endpoint. Error responses follow a consistent format:Error codes
| Code | HTTP Status | Description |
|---|---|---|
UNAUTHORIZED | 401 | Missing, malformed, or invalid API key |
VALIDATION_ERROR | 400 | Request body failed validation (missing required fields, invalid types) |
NOT_FOUND | 404 | Requested resource does not exist |
CONFLICT | 409 | Operation conflicts with current state (e.g., record already exists) |
EXEC_ERROR | 500 | Operation execution failed |
INTERNAL_ERROR | 500 | Unexpected server error |
Endpoint groups
The API is organized into 8 functional groups with 86 endpoints:Vault (12 endpoints)
Record CRUD, search, inbox management, schema inspection.
Workers (15 endpoints)
Curator, Janitor, Distiller, and Surveyor control. Start, stop, scan, run.
Workflows (7 endpoints)
Workflow management. List, start, terminate, signal, cancel, view history.
Schedules (7 endpoints)
Recurring workflows. Create, pause, unpause, trigger, delete schedules.
Devices (7 endpoints)
Device pairing. Approve, reject, remove, rotate keys, revoke access.
OpenClaw (13 endpoints)
Gateway management. Health, skills, sessions, agents, plugins, hooks, secrets.
Logs (1 endpoint)
Real-time SSE log streaming from your services.
Instance (24 endpoints)
Health checks, system info, service management, credentials, specialist config.
Next steps
Authentication
Learn how to authenticate API requests
Vault endpoints
Start with vault operations