FabricFabricExperiments
Platform

Hosted API

The Next.js control plane that owns experiment lifecycle, auth, manifests, audit events, and aggregate queries.

apps/api is the hosted control plane. It is currently designed for Vercel/Node deployment.

Public API groups

  • /api/auth/* — Better Auth.
  • /api/v1/tenants/me — current organization/member context.
  • /api/v1/orgs/{orgId}/experiments/* — experiments and actions.
  • /api/v1/orgs/{orgId}/manifests/* — keys and publishing.
  • /api/v1/orgs/{orgId}/audit — audit events.
  • /.well-known/jwks/{orgId} — manifest verification keys.

Internal API groups

  • /internal/audit-export/* — Cloudflare audit export worker.
  • /internal/audit-forward/* — Harness audit-forward consumer.
  • /internal/retention/prune — retention worker.

Handlers are generated around endpoint definitions from packages/api-protocol. Each route gets session/API-key resolution, org role checks, zod validation, and consistent JSON errors.

Audit trail

Experiment changes are recorded as immutable audit events and can be exported or forwarded to agents.

Studio UI

The admin UI for experiments, audit logs, kill actions, authentication, organizations, and SAML settings.

On this page

Public API groupsInternal API groups