API Reference
Ruri provides a comprehensive REST API for programmatic access to all features. All endpoints are relative to the base URL (default: http://localhost:3000).
Authentication
Most API endpoints require authentication via a session cookie. Authenticate by logging in first.
Login
POST /api/auth/loginRequest body:
{
"username": "ruri",
"password": "ruri"
}Response: A session cookie is set in the response headers.
Logout
POST /api/auth/logoutChat
Send a Chat Message
POST /api/chatRequest body:
{
"message": "Hello, how are you?",
"conversation_id": "optional-conversation-id"
}Get Chat History
GET /api/chat/historyClear Chat History
DELETE /api/chat/historyConversations
See the Chat History page for a detailed overview of the conversation system.
List Conversations
GET /api/conversationsQuery parameters (optional):
| Parameter | Description |
|---|---|
bot_name | Filter by bot name |
chat_type | Filter by group or private |
keyword | Search in title and chat ID (partial match) |
Create Conversation
POST /api/conversationsRequest body:
{
"bot_name": "my-bot",
"chat_type": "private",
"chat_id": "user-123",
"title": "My Conversation"
}Get Conversation
GET /api/conversations/:idDelete Conversation
DELETE /api/conversations/:idDeletes a conversation and all its messages (cascade delete). Returns 204 No Content on success.
Add Message to Conversation
POST /api/conversations/:id/messagesRequest body:
{
"role": "user",
"content": "Hello!"
}The conversation's updated_at timestamp is automatically refreshed when a message is added.
Get Conversation Messages
GET /api/conversations/:id/messagesReturns all messages in a conversation, ordered by created_at ascending.
Providers
List Providers
GET /api/providersCreate Provider
POST /api/providersRequest body:
{
"name": "My Provider",
"provider_type": "openai_compatible",
"api_url": "https://api.openai.com/v1",
"api_key": "sk-...",
"model": "gpt-4o"
}Get Provider
GET /api/providers/:idUpdate Provider
PUT /api/providers/:idRequest body: Same as create, with fields to update.
Delete Provider
DELETE /api/providers/:idActivate Provider
POST /api/providers/:id/activateSets the specified provider as the active provider for all chat interactions.
Skills
List Skills
GET /api/skillsAdd Skill
POST /api/skillsRequest body:
{
"name": "my-skill",
"content": "---\nname: my-skill\ndescription: My skill\n---\nSkill instructions here."
}Upload Skill Package
POST /api/skills/uploadRequest: Multipart form data with a file field containing a ZIP archive.
curl -X POST http://localhost:3000/api/skills/upload \
-H "Cookie: session=<your-session-cookie>" \
-F "file=@skills.zip"Toggle Skill
PATCH /api/skills/:nameRequest body:
{
"enabled": true
}Delete Skill
DELETE /api/skills/:nameTools
List Tools
GET /api/toolsReturns a list of all available tools, including built-in tools and MCP-provided tools.
Agent
Get Agent Status
GET /api/agent/statusReturns the current status of the agent, including whether it's processing a request.
ACP
Get ACP Configuration
GET /api/acp/configUpdate ACP Configuration
PUT /api/acp/configPlatforms
Platform CRUD endpoints follow the standard pattern:
GET /api/platforms — List platforms
POST /api/platforms — Create platform
GET /api/platforms/:id — Get platform
PUT /api/platforms/:id — Update platform
DELETE /api/platforms/:id — Delete platformAuthentication Endpoints
POST /api/auth/login — Login
POST /api/auth/logout — LogoutAdditional auth endpoints may be available for password changes and username updates.
WebSocket
Real-time Logs
WS /api/ws/logsConnect to this WebSocket endpoint to receive real-time log messages from the LogManager. This is the same data displayed in the Web UI's log viewer.
Message format:
{
"level": "info",
"message": "Agent started processing",
"timestamp": "2024-01-01T00:00:00Z"
}Error Responses
All endpoints return errors in the following format:
{
"error": "Error message describing what went wrong"
}Common HTTP status codes:
| Status | Description |
|---|---|
| 200 | Success |
| 201 | Created |
| 400 | Bad request — Invalid input |
| 401 | Unauthorized — Authentication required |
| 403 | Forbidden — Insufficient permissions |
| 404 | Not found |
| 500 | Internal server error |
Authentication Details
Ruri uses session-based authentication with cookies:
- Login —
POST /api/auth/loginwith credentials - Session cookie — Returned in the response, automatically included in subsequent requests
- Default credentials —
ruri/ruri(change on first login) - Password changes — Supported after initial login
- Username updates — Supported through the auth endpoints
提示
When using curl, include the session cookie with -H "Cookie: session=<value>". When using a browser or HTTP client library, cookies are typically handled automatically.