Manage app lifecycle: list, delete, pause/resume, get config, update access mode, secure, update CORS, clone, and find templates.
Actions:
- "list": List all backend apps with basic metadata (no app_id needed)
- "delete": Delete an app and ALL its resources permanently (IRREVERSIBLE)
- "pause": Pause or resume all data-plane traffic for an app (kill-switch)
- "get_config": Get detailed configuration for an app including CORS, storage settings, and metadata
- "set_visibility": Toggle the app's template visibility between "public" and "private"
- "update_access_mode": Toggle an app's access mode between "public" and "authenticated"
- "secure": Lock down an app: sets access_mode to "authenticated" and optionally enables RLS user isolation
- "update_cors": Update CORS allowed origins to control which frontend domains can access your API
- "preview_clone_env_vars": Preview which env vars a source app's functions need before cloning. Returns { functions: [{ fn_name, keys, conventions }] }. Call this before clone to decide what to supply via env_var_values or auto_mint_api_key.
- "clone": Create a clone of a public app. Returns { job_id, pending_env_vars }. The dest app is a fresh empty-DB app owned by the caller. Source must be public and have a repo snapshot. Supply env_var_values and/or auto_mint_api_key to pre-fill function env vars; pending_env_vars lists keys still needing values.
- "get_clone_job": Look up the status of a previously-started clone job. Returns { status, dest_app_id?, error_message? }.
- "find_templates": Search public templates by name, region, sort order, and pagination. Returns paginated list of public app templates.
- "set_clone_webhook": Set or clear a webhook that fires when someone clones this app. Pass webhook_url + webhook_secret to configure, or clear_webhook: true to remove.
- "link_substrate": Link this app to the caller's substrate. Once linked, the app's deployed functions receive ctx.substrate and its actions/entities flow into the caller's substrate ledger.
- "unlink_substrate": Unlink this app from substrate. ctx.substrate stops being injected; in-flight actions are unaffected.
Parameters by action:
list: { action: "list" }
delete: { action: "delete", app_id }
pause: { action: "pause", app_id, paused, reason? }
get_config: { action: "get_config", app_id }
set_visibility: { action: "set_visibility", app_id, visibility, listed? }
update_access_mode: { action: "update_access_mode", app_id, access_mode }
secure: { action: "secure", app_id, tables? }
update_cors: { action: "update_cors", app_id, allowed_origins }
preview_clone_env_vars: { action: "preview_clone_env_vars", source_app_id }
clone: { action: "clone", source_app_id, name?, region?, env_var_values?, auto_mint_api_key? }
get_clone_job: { action: "get_clone_job", job_id }
find_templates: { action: "find_templates", q?, region?, sort?, limit?, offset? }
set_clone_webhook: { action: "set_clone_webhook", app_id, webhook_url, webhook_secret } or { action: "set_clone_webhook", app_id, clear_webhook: true }
link_substrate: { action: "link_substrate", app_id }
unlink_substrate: { action: "unlink_substrate", app_id }
Common errors:
- RESOURCE_NOT_FOUND: App doesn't exist, verify app_id with action: "list"
- AUTH_INVALID_API_KEY: Check your API key is set correctly