github/sim
1
0
Fork 0
mirror of https://github.com/simstudioai/sim.git synced 2026-02-10 06:35:01 -05:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: github:improvement/schema-derivation
Branches Tags
github:main github:improvement/schema-derivation github:staging github:feat/landing github:feat/the-copilot github:cursor/development-environment-setup-aad3 github:cursor/development-environment-setup-becb github:sim-609-tool-input-refactor github:feature/tiktok-integration github:feat/copilot-server-1 github:cursor/run-button-label-and-hover-fdc2 github:fix/tracespans github:sim-614 github:fix/kbtags github:feat/agent-media github:feat/copilot-server github:cleanup github:fix/hitl-outputs github:fix/copilot-credentials-validation github:dependabot/npm_and_yarn/npm_and_yarn-ae354da9f7 github:fix/s-tool github:lakees/db github:improvement/copilot-refactor github:feat/copilot-resume github:fix/start-inp github:feat/impersonation github:fix/refresh github:fix/copilot-thinking github:feat/groups github:fix/dups github:improvement/copilot-superagent-split github:improvement/respone-block github:SIM-514-useWebhookUrl-conditioning github:sim-499 github:fix/tool-output github:feat/figma github:feat/custom-oauth-adv-mdoe github:feat/zapier github:feat/snowflake github:feat/workflow-import-su github:feat/run-from-block github:improvement/debug-mode github:feat/while-subflow github:feat/aws-lambda
github:v0.5.85 github:v0.5.84 github:v0.5.83 github:v0.5.82 github:v0.5.81 github:v0.5.80 github:v0.5.79 github:v0.5.78 github:v0.5.77 github:v0.5.76 github:v0.5.75 github:v0.5.74 github:v0.5.73 github:v0.5.72 github:v0.5.71 github:python-sdk-v0.1.2 github:typescript-sdk-v0.1.2 github:v0.5.70 github:v0.5.69 github:v0.5.68 github:v0.5.67 github:v0.5.66 github:v0.5.65 github:v0.5.64 github:v0.5.63 github:v0.5.62 github:v0.5.61 github:v0.5.60 github:v0.5.59 github:v0.5.58 github:v0.5.57 github:v0.5.56 github:v0.5.55 github:v0.5.54 github:v0.5.53 github:v0.5.52 github:v0.5.51 github:v0.5.50 github:v0.5.49 github:v0.5.48 github:v0.5.47 github:v0.5.46 github:v0.5.45 github:v0.5.44 github:v0.5.43 github:v0.5.42 github:v0.5.41 github:v0.5.40 github:v0.5.39 github:v0.5.38 github:v0.5.37 github:v0.5.36 github:v0.5.35 github:v0.5.34 github:v0.5.33 github:v0.5.32 github:v0.5.31 github:v0.5.30 github:v0.5.29 github:v0.5.28 github:v0.5.27 github:v0.5.26 github:v0.5.25 github:v0.5.24 github:v0.5.23 github:v0.5.22 github:v0.5.21 github:v0.5.20 github:v0.5.19 github:v0.5.18 github:v0.5.17 github:v0.5.16 github:v0.5.15 github:v0.5.14 github:python-sdk-v0.1.1 github:typescript-sdk-v0.1.1 github:v0.5.13 github:v0.5.12 github:v0.5.11 github:v0.5.8 github:v0.5.9 github:v0.5.7 github:v0.5.6 github:v0.5.5 github:v0.5.2 github:v0.5.1 github:v0.5 github:v0.4.25 github:v0.4.24 github:v0.4.23 github:v0.4.22 github:v0.4.21 github:v0.4.20 github:v0.4.19 github:v0.4.17 github:v0.4.16 github:v0.4.15 github:v0.4.14 github:v0.4.13 github:v0.4.12 github:v0.4.11 github:v0.4.10 github:v0.4.9 github:v0.4.8 github:v0.4.7 github:v0.4.6 github:v0.4.5 github:v0.4.4 github:v0.4.3 github:v0.4.2 github:v0.4.1 github:v0.4.0 github:v0.3.41 github:v0.3.42 github:v0.3.43 github:v0.3.44 github:v0.3.45 github:v0.3.46 github:v0.3.47 github:v0.3.50 github:v0.3.51 github:v0.3.52 github:v0.3.53 github:v0.3.54 github:v0.3.55 github:v0.3.56 github:v0.3.57 github:v0.3.58 github:v0.2.1 github:v0.2.2 github:v0.2.3 github:v0.2.4 github:v0.2.5 github:v0.2.6 github:v0.2.7 github:v0.2.8 github:v0.2.9 github:v0.2.11 github:v0.2.12 github:v0.2.13 github:v0.3.1 github:v0.3.2 github:v0.3.3 github:v0.3.4 github:v0.3.5 github:v0.3.6 github:v0.3.7 github:v0.3.8 github:v0.3.9 github:v0.3.10 github:v0.3.13 github:v0.3.14 github:v0.3.15 github:v0.3.16 github:v0.3.17 github:v0.3.19 github:v0.3.21 github:v0.3.22 github:v0.3.23 github:v0.3.24 github:v0.3.26 github:v0.3.27 github:v0.3.28 github:v0.3.30 github:v0.3.31 github:v0.3.32 github:v0.3.33 github:v0.3.34 github:v0.3.35 github:v0.3.36 github:v0.3.37 github:v0.3.38 github:v0.3.39 github:v0.3.40 github:v1.0.0
..
compare: github:v0.5.82
Branches Tags
github:improvement/schema-derivation github:staging github:feat/landing github:feat/the-copilot github:cursor/development-environment-setup-aad3 github:cursor/development-environment-setup-becb github:main github:sim-609-tool-input-refactor github:feature/tiktok-integration github:feat/copilot-server-1 github:cursor/run-button-label-and-hover-fdc2 github:fix/tracespans github:sim-614 github:fix/kbtags github:feat/agent-media github:feat/copilot-server github:cleanup github:fix/hitl-outputs github:fix/copilot-credentials-validation github:dependabot/npm_and_yarn/npm_and_yarn-ae354da9f7 github:fix/s-tool github:lakees/db github:improvement/copilot-refactor github:feat/copilot-resume github:fix/start-inp github:feat/impersonation github:fix/refresh github:fix/copilot-thinking github:feat/groups github:fix/dups github:improvement/copilot-superagent-split github:improvement/respone-block github:SIM-514-useWebhookUrl-conditioning github:sim-499 github:fix/tool-output github:feat/figma github:feat/custom-oauth-adv-mdoe github:feat/zapier github:feat/snowflake github:feat/workflow-import-su github:feat/run-from-block github:improvement/debug-mode github:feat/while-subflow github:feat/aws-lambda
github:v0.5.85 github:v0.5.84 github:v0.5.83 github:v0.5.82 github:v0.5.81 github:v0.5.80 github:v0.5.79 github:v0.5.78 github:v0.5.77 github:v0.5.76 github:v0.5.75 github:v0.5.74 github:v0.5.73 github:v0.5.72 github:v0.5.71 github:python-sdk-v0.1.2 github:typescript-sdk-v0.1.2 github:v0.5.70 github:v0.5.69 github:v0.5.68 github:v0.5.67 github:v0.5.66 github:v0.5.65 github:v0.5.64 github:v0.5.63 github:v0.5.62 github:v0.5.61 github:v0.5.60 github:v0.5.59 github:v0.5.58 github:v0.5.57 github:v0.5.56 github:v0.5.55 github:v0.5.54 github:v0.5.53 github:v0.5.52 github:v0.5.51 github:v0.5.50 github:v0.5.49 github:v0.5.48 github:v0.5.47 github:v0.5.46 github:v0.5.45 github:v0.5.44 github:v0.5.43 github:v0.5.42 github:v0.5.41 github:v0.5.40 github:v0.5.39 github:v0.5.38 github:v0.5.37 github:v0.5.36 github:v0.5.35 github:v0.5.34 github:v0.5.33 github:v0.5.32 github:v0.5.31 github:v0.5.30 github:v0.5.29 github:v0.5.28 github:v0.5.27 github:v0.5.26 github:v0.5.25 github:v0.5.24 github:v0.5.23 github:v0.5.22 github:v0.5.21 github:v0.5.20 github:v0.5.19 github:v0.5.18 github:v0.5.17 github:v0.5.16 github:v0.5.15 github:v0.5.14 github:python-sdk-v0.1.1 github:typescript-sdk-v0.1.1 github:v0.5.13 github:v0.5.12 github:v0.5.11 github:v0.5.8 github:v0.5.9 github:v0.5.7 github:v0.5.6 github:v0.5.5 github:v0.5.2 github:v0.5.1 github:v0.5 github:v0.4.25 github:v0.4.24 github:v0.4.23 github:v0.4.22 github:v0.4.21 github:v0.4.20 github:v0.4.19 github:v0.4.17 github:v0.4.16 github:v0.4.15 github:v0.4.14 github:v0.4.13 github:v0.4.12 github:v0.4.11 github:v0.4.10 github:v0.4.9 github:v0.4.8 github:v0.4.7 github:v0.4.6 github:v0.4.5 github:v0.4.4 github:v0.4.3 github:v0.4.2 github:v0.4.1 github:v0.4.0 github:v0.3.41 github:v0.3.42 github:v0.3.43 github:v0.3.44 github:v0.3.45 github:v0.3.46 github:v0.3.47 github:v0.3.50 github:v0.3.51 github:v0.3.52 github:v0.3.53 github:v0.3.54 github:v0.3.55 github:v0.3.56 github:v0.3.57 github:v0.3.58 github:v0.2.1 github:v0.2.2 github:v0.2.3 github:v0.2.4 github:v0.2.5 github:v0.2.6 github:v0.2.7 github:v0.2.8 github:v0.2.9 github:v0.2.11 github:v0.2.12 github:v0.2.13 github:v0.3.1 github:v0.3.2 github:v0.3.3 github:v0.3.4 github:v0.3.5 github:v0.3.6 github:v0.3.7 github:v0.3.8 github:v0.3.9 github:v0.3.10 github:v0.3.13 github:v0.3.14 github:v0.3.15 github:v0.3.16 github:v0.3.17 github:v0.3.19 github:v0.3.21 github:v0.3.22 github:v0.3.23 github:v0.3.24 github:v0.3.26 github:v0.3.27 github:v0.3.28 github:v0.3.30 github:v0.3.31 github:v0.3.32 github:v0.3.33 github:v0.3.34 github:v0.3.35 github:v0.3.36 github:v0.3.37 github:v0.3.38 github:v0.3.39 github:v0.3.40 github:v1.0.0

49 Commits
improvemen ... v0.5.82

Author SHA1 Message Date
Waleed
a3a99eda19 v0.5.82: slack trigger files, pagination for linear, executor fixes 2026-02-06 00:41:52 -08:00
Waleed
1a66d48add v0.5.81: traces fix, additional confluence tools, azure anthropic support, opus 4.6 2026-02-05 11:28:54 -08:00
Waleed
46822e91f3 v0.5.80: lock feature, enterprise modules, time formatting consolidation, files, UX and UI improvements, longer timeouts 2026-02-04 18:27:05 -08:00
Waleed
2bb68335ee v0.5.79: longer MCP tools timeout, optimize loop/parallel regeneration, enrich.so integration 2026-01-31 21:57:56 -08:00
Waleed
8528fbe2d2 v0.5.78: billing fixes, mcp timeout increase, reactquery migrations, updated tool param visibilities, DSPy and Google Maps integrations 2026-01-31 13:48:22 -08:00
Waleed
31fdd2be13 v0.5.77: room manager redis migration, tool outputs, ui fixes 2026-01-30 14:57:17 -08:00
Waleed
028bc652c2 v0.5.76: posthog improvements, readme updates 2026-01-29 00:13:19 -08:00
Waleed
c6bf5cd58c v0.5.75: search modal overhaul, helm chart updates, run from block, terminal and visual debugging improvements 2026-01-28 22:54:13 -08:00
Vikhyath Mondreti
11dc18a80d v0.5.74: autolayout improvements, clerk integration, auth enforcements 2026-01-27 20:37:39 -08:00
Waleed
ab4e9dc72f v0.5.73: ci, helm updates, kb, ui fixes, note block enhancements 2026-01-26 22:04:35 -08:00
Vikhyath Mondreti
1c58c35bd8 v0.5.72: azure connection string, supabase improvement, multitrigger resolution, docs quick reference 2026-01-25 23:42:27 -08:00
Waleed
d63a5cb504 v0.5.71: ux, ci improvements, docs updates 2026-01-25 03:08:08 -08:00
Waleed
8bd5d41723 v0.5.70: router fix, anthropic agent response format adherence 2026-01-24 20:57:02 -08:00
Waleed
c12931bc50 v0.5.69: kb upgrades, blog, copilot improvements, auth consolidation (#2973) 
* fix(subflows): tag dropdown + resolution logic (#2949)

* fix(subflows): tag dropdown + resolution logic

* fixes;

* revert parallel change

* chore(deps): bump posthog-js to 1.334.1 (#2948)

* fix(idempotency): add conflict target to atomicallyClaimDb query + remove redundant db namespace tracking (#2950)

* fix(idempotency): add conflict target to atomicallyClaimDb query

* delete needs to account for namespace

* simplify namespace filtering logic

* fix cleanup

* consistent target

* improvement(kb): add document filtering, select all, and React Query migration (#2951)

* improvement(kb): add document filtering, select all, and React Query migration

* test(kb): update tests for enabledFilter and removed userId params

* fix(kb): remove non-null assertion, add explicit guard

* improvement(logs): trace span, details (#2952)

* improvement(action-bar): ordering

* improvement(logs): details, trace span

* feat(blog): v0.5 release post (#2953)

* feat(blog): v0.5 post

* improvement(blog): simplify title and remove code block header

- Simplified blog title from Introducing Sim Studio v0.5 to Introducing Sim v0.5
- Removed language label header and copy button from code blocks for cleaner appearance

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* ack PR comments

* small styling improvements

* created system to create post-specific components

* updated componnet

* cache invalidation

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

* feat(admin): add credits endpoint to issue credits to users (#2954)

* feat(admin): add credits endpoint to issue credits to users

* fix(admin): use existing credit functions and handle enterprise seats

* fix(admin): reject NaN and Infinity in amount validation

* styling

* fix(admin): validate userId and email are strings

* improvement(copilot): fast mode, subagent tool responses and allow preferences (#2955)

* Improvements

* Fix actions mapping

* Remove console logs

* fix(billing): handle missing userStats and prevent crashes (#2956)

* fix(billing): handle missing userStats and prevent crashes

* fix(billing): correct import path for getFilledPillColor

* fix(billing): add Number.isFinite check to lastPeriodCost

* fix(logs): refresh logic to refresh logs details (#2958)

* fix(security): add authentication and input validation to API routes (#2959)

* fix(security): add authentication and input validation to API routes

* moved utils

* remove extraneous commetns

* removed unused dep

* improvement(helm): add internal ingress support and same-host path consolidation (#2960)

* improvement(helm): add internal ingress support and same-host path consolidation

* improvement(helm): clean up ingress template comments

Simplify verbose inline Helm comments and section dividers to match the
minimal style used in services.yaml.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* fix(helm): add missing copilot path consolidation for realtime host

When copilot.host equals realtime.host but differs from app.host,
copilot paths were not being routed. Added logic to consolidate
copilot paths into the realtime rule for this scenario.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* improvement(helm): follow ingress best practices

- Remove orphan comments that appeared when services were disabled
- Add documentation about path ordering requirements
- Paths rendered in order: realtime, copilot, app (specific before catch-all)
- Clean template output matching industry Helm chart standards

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

* feat(blog): enterprise post (#2961)

* feat(blog): enterprise post

* added more images, styling

* more content

* updated v0-5 post

* remove unused transition

---------

Co-authored-by: Vikhyath Mondreti <vikhyath@simstudio.ai>

* fix(envvars): resolution standardized (#2957)

* fix(envvars): resolution standardized

* remove comments

* address bugbot

* fix highlighting for env vars

* remove comments

* address greptile

* address bugbot

* fix(copilot): mask credentials fix (#2963)

* Fix copilot masking

* Clean up

* Lint

* improvement(webhooks): remove dead code (#2965)

* fix(webhooks): subscription recreation path

* improvement(webhooks): remove dead code

* fix tests

* address bugbot comments

* fix restoration edge case

* fix more edge cases

* address bugbot comments

* fix gmail polling

* add warnings for UI indication for credential sets

* fix(preview): subblock values (#2969)

* fix(child-workflow): nested spans handoff (#2966)

* fix(child-workflow): nested spans handoff

* remove overly defensive programming

* update type check

* type more code

* remove more dead code

* address bugbot comments

* fix(security): restrict API key access on internal-only routes (#2964)

* fix(security): restrict API key access on internal-only routes

* test(security): update function execute tests for checkInternalAuth

* updated agent handler

* move session check higher in checkSessionOrInternalAuth

* extracted duplicate code into helper for resolving user from jwt

* fix(copilot): update copilot chat title (#2968)

* fix(hitl): fix condition blocks after hitl (#2967)

* fix(notes): ghost edges (#2970)

* fix(notes): ghost edges

* fix deployed state fallback

* fallback

* remove UI level checks

* annotation missing from autoconnect source check

* improvement(docs): loop and parallel var reference syntax (#2975)

* fix(blog): slash actions description (#2976)

* improvement(docs): loop and parallel var reference syntax

* fix(blog): slash actions description

* fix(auth): copilot routes (#2977)

* Fix copilot auth

* Fix

* Fix

* Fix

* fix(copilot): fix edit summary for loops/parallels (#2978)

* fix(integrations): hide from tool bar (#2544)

* fix(landing): ui (#2979)

* fix(edge-validation): race condition on collaborative add (#2980)

* fix(variables): boolean type support and input improvements (#2981)

* fix(variables): boolean type support and input improvements

* fix formatting

---------

Co-authored-by: Vikhyath Mondreti <vikhyathvikku@gmail.com>
Co-authored-by: Emir Karabeg <78010029+emir-karabeg@users.noreply.github.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Siddharth Ganesan <33737564+Sg312@users.noreply.github.com>
Co-authored-by: Vikhyath Mondreti <vikhyath@simstudio.ai>
 2026-01-24 14:29:53 -08:00
Waleed
e9c4251c1c v0.5.68: router block reasoning, executor improvements, variable resolution consolidation, helm updates (#2946) 
* improvement(workflow-item): stabilize avatar layout and fix name truncation (#2939)

* improvement(workflow-item): stabilize avatar layout and fix name truncation

* fix(avatars): revert overflow bg to hardcoded color for contrast

* fix(executor): stop parallel execution when block errors (#2940)

* improvement(helm): add per-deployment extraVolumes support (#2942)

* fix(gmail): expose messageId field in read email block (#2943)

* fix(resolver): consolidate reference resolution  (#2941)

* fix(resolver): consolidate code to resolve references

* fix edge cases

* use already formatted error

* fix multi index

* fix backwards compat reachability

* handle backwards compatibility accurately

* use shared constant correctly

* feat(router): expose reasoning output in router v2 block (#2945)

* fix(copilot): always allow, credential masking (#2947)

* Fix always allow, credential validation

* Credential masking

* Autoload

* fix(executor): handle condition dead-end branches in loops (#2944)

---------

Co-authored-by: Vikhyath Mondreti <vikhyathvikku@gmail.com>
Co-authored-by: Siddharth Ganesan <33737564+Sg312@users.noreply.github.com>
 2026-01-22 13:48:15 -08:00
Waleed
cc2be33d6b v0.5.67: loading, password reset, ui improvements, helm updates (#2928) 
* fix(zustand): updated to useShallow from deprecated createWithEqualityFn (#2919)

* fix(logger): use direct env access for webpack inlining (#2920)

* fix(notifications): text overflow with line-clamp (#2921)

* chore(helm): add env vars for Vertex AI, orgs, and telemetry (#2922)

* fix(auth): improve reset password flow and consolidate brand detection (#2924)

* fix(auth): improve reset password flow and consolidate brand detection

* fix(auth): set errorHandled for EMAIL_NOT_VERIFIED to prevent duplicate error

* fix(auth): clear success message on login errors

* chore(auth): fix import order per lint

* fix(action-bar): duplicate subflows with children (#2923)

* fix(action-bar): duplicate subflows with children

* fix(action-bar): add validateTriggerPaste for subflow duplicate

* fix(resolver): agent response format, input formats, root level (#2925)

* fix(resolvers): agent response format, input formats, root level

* fix response block initial seeding

* fix tests

* fix(messages-input): fix cursor alignment and auto-resize with overlay (#2926)

* fix(messages-input): fix cursor alignment and auto-resize with overlay

* fixed remaining zustand warnings

* fix(stores): remove dead code causing log spam on startup (#2927)

* fix(stores): remove dead code causing log spam on startup

* fix(stores): replace custom tools zustand store with react query cache

* improvement(ui): use BrandedButton and BrandedLink components (#2930)

- Refactor auth forms to use BrandedButton component
- Add BrandedLink component for changelog page
- Reduce code duplication in login, signup, reset-password forms
- Update star count default value

* fix(custom-tools): remove unsafe title fallback in getCustomTool (#2929)

* fix(custom-tools): remove unsafe title fallback in getCustomTool

* fix(custom-tools): restore title fallback in getCustomTool lookup

Custom tools are referenced by title (custom_${title}), not database ID.
The title fallback is required for client-side tool resolution to work.

* fix(null-bodies): empty bodies handling (#2931)

* fix(null-statuses): empty bodies handling

* address bugbot comment

* fix(token-refresh): microsoft, notion, x, linear (#2933)

* fix(microsoft): proactive refresh needed

* fix(x): missing token refresh flag

* notion and linear missing flag too

* address bugbot comment

* fix(auth): handle EMAIL_NOT_VERIFIED in onError callback (#2932)

* fix(auth): handle EMAIL_NOT_VERIFIED in onError callback

* refactor(auth): extract redirectToVerify helper to reduce duplication

* fix(workflow-selector): use dedicated selector for workflow dropdown (#2934)

* feat(workflow-block): preview (#2935)

* improvement(copilot): tool configs to show nested props (#2936)

* fix(auth): add genericOAuth providers to trustedProviders (#2937)

---------

Co-authored-by: Vikhyath Mondreti <vikhyathvikku@gmail.com>
Co-authored-by: Emir Karabeg <78010029+emir-karabeg@users.noreply.github.com>
 2026-01-21 22:53:25 -08:00
Vikhyath Mondreti
45371e521e v0.5.66: external http requests fix, ring highlighting 2026-01-21 02:55:39 -08:00
Waleed
0ce0f98aa5 v0.5.65: gemini updates, textract integration, ui updates (#2909) 
* fix(google): wrap primitive tool responses for Gemini API compatibility (#2900)

* fix(canonical): copilot path + update parent (#2901)

* fix(rss): add top-level title, link, pubDate fields to RSS trigger output (#2902)

* fix(rss): add top-level title, link, pubDate fields to RSS trigger output

* fix(imap): add top-level fields to IMAP trigger output

* improvement(browseruse): add profile id param (#2903)

* improvement(browseruse): add profile id param

* make request a stub since we have directExec

* improvement(executor): upgraded abort controller to handle aborts for loops and parallels (#2880)

* improvement(executor): upgraded abort controller to handle aborts for loops and parallels

* comments

* improvement(files): update execution for passing base64 strings (#2906)

* progress

* improvement(execution): update execution for passing base64 strings

* fix types

* cleanup comments

* path security vuln

* reject promise correctly

* fix redirect case

* remove proxy routes

* fix tests

* use ipaddr

* feat(tools): added textract, added v2 for mistral, updated tag dropdown (#2904)

* feat(tools): added textract

* cleanup

* ack pr comments

* reorder

* removed upload for textract async version

* fix additional fields dropdown in editor, update parser to leave validation to be done on the server

* added mistral v2, files v2, and finalized textract

* updated the rest of the old file patterns, updated mistral outputs for v2

* updated tag dropdown to parse non-operation fields as well

* updated extension finder

* cleanup

* added description for inputs to workflow

* use helper for internal route check

* fix tag dropdown merge conflict change

* remove duplicate code

---------

Co-authored-by: Vikhyath Mondreti <vikhyath@simstudio.ai>

* fix(ui): change add inputs button to match output selector (#2907)

* fix(canvas): removed invite to workspace from canvas popover (#2908)

* fix(canvas): removed invite to workspace

* removed unused props

* fix(copilot): legacy tool display names (#2911)

* fix(a2a): canonical merge  (#2912)

* fix canonical merge

* fix empty array case

* fix(change-detection): copilot diffs have extra field (#2913)

* improvement(logs): improved logs ui bugs, added subflow disable UI (#2910)

* improvement(logs): improved logs ui bugs, added subflow disable UI

* added duplicate to action bar for subflows

* feat(broadcast): email v0.5 (#2905)

---------

Co-authored-by: Vikhyath Mondreti <vikhyathvikku@gmail.com>
Co-authored-by: Vikhyath Mondreti <vikhyath@simstudio.ai>
Co-authored-by: Emir Karabeg <78010029+emir-karabeg@users.noreply.github.com>
 2026-01-20 23:54:55 -08:00
Waleed
dff1c9d083 v0.5.64: unsubscribe, search improvements, metrics, additional SSO configuration 2026-01-20 00:34:11 -08:00
Vikhyath Mondreti
b09f683072 v0.5.63: ui and performance improvements, more google tools 2026-01-18 15:22:42 -08:00
Vikhyath Mondreti
a8bb0db660 v0.5.62: webhook bug fixes, seeding default subblock values, block selection fixes 2026-01-16 20:27:06 -08:00
Waleed
af82820a28 v0.5.61: webhook improvements, workflow controls, react query for deployment status, chat fixes, reducto and pulse OCR, linear fixes 2026-01-16 18:06:23 -08:00
Waleed
4372841797 v0.5.60: invitation flow improvements, chat fixes, a2a improvements, additional copilot actions 2026-01-15 00:02:18 -08:00
Waleed
5e8c843241 v0.5.59: a2a support, documentation 2026-01-13 13:21:21 -08:00
Waleed
7bf3d73ee6 v0.5.58: export folders, new tools, permissions groups enhancements 2026-01-13 00:56:59 -08:00
Vikhyath Mondreti
7ffc11a738 v0.5.57: subagents, context menu improvements, bug fixes 2026-01-11 11:38:40 -08:00
Waleed
be578e2ed7 v0.5.56: batch operations, access control and permission groups, billing fixes 2026-01-10 00:31:34 -08:00
Waleed
f415e5edc4 v0.5.55: polling groups, bedrock provider, devcontainer fixes, workflow preview enhancements 2026-01-08 23:36:56 -08:00
Waleed
13a6e6c3fa v0.5.54: seo, model blacklist, helm chart updates, fireflies integration, autoconnect improvements, billing fixes 2026-01-07 16:09:45 -08:00
Waleed
f5ab7f21ae v0.5.53: hotkey improvements, added redis fallback, fixes for workflow tool 2026-01-06 23:34:52 -08:00
Waleed
bfb6fffe38 v0.5.52: new port-based router block, combobox expression and variable support 2026-01-06 16:14:10 -08:00
Waleed
4fbec0a43f v0.5.51: triggers, kb, condition block improvements, supabase and grain integration updates 2026-01-06 14:26:46 -08:00
Waleed
585f5e365b v0.5.50: import improvements, ui upgrades, kb styling and performance improvements 2026-01-05 00:35:55 -08:00
Waleed
3792bdd252 v0.5.49: hitl improvements, new email styles, imap trigger, logs context menu (#2672) 
* feat(logs-context-menu): consolidated logs utils and types, added logs record context menu (#2659)

* feat(email): welcome email; improvement(emails): ui/ux (#2658)

* feat(email): welcome email; improvement(emails): ui/ux

* improvement(emails): links, accounts, preview

* refactor(emails): file structure and wrapper components

* added envvar for personal emails sent, added isHosted gate

* fixed failing tests, added env mock

* fix: removed comment

---------

Co-authored-by: waleed <walif6@gmail.com>

* fix(logging): hitl + trigger dev crash protection (#2664)

* hitl gaps

* deal with trigger worker crashes

* cleanup import strcuture

* feat(imap): added support for imap trigger (#2663)

* feat(tools): added support for imap trigger

* feat(imap): added parity, tested

* ack PR comments

* final cleanup

* feat(i18n): update translations (#2665)

Co-authored-by: waleedlatif1 <waleedlatif1@users.noreply.github.com>

* fix(grain): updated grain trigger to auto-establish trigger (#2666)

Co-authored-by: aadamgough <adam@sim.ai>

* feat(admin): routes to manage deployments (#2667)

* feat(admin): routes to manage deployments

* fix naming fo deployed by

* feat(time-picker): added timepicker emcn component, added to playground, added searchable prop for dropdown, added more timezones for schedule, updated license and notice date (#2668)

* feat(time-picker): added timepicker emcn component, added to playground, added searchable prop for dropdown, added more timezones for schedule, updated license and notice date

* removed unused params, cleaned up redundant utils

* improvement(invite): aligned styling (#2669)

* improvement(invite): aligned with rest of app

* fix(invite): error handling

* fix: addressed comments

---------

Co-authored-by: Emir Karabeg <78010029+emir-karabeg@users.noreply.github.com>
Co-authored-by: Vikhyath Mondreti <vikhyathvikku@gmail.com>
Co-authored-by: waleedlatif1 <waleedlatif1@users.noreply.github.com>
Co-authored-by: Adam Gough <77861281+aadamgough@users.noreply.github.com>
Co-authored-by: aadamgough <adam@sim.ai>
 2026-01-03 13:19:18 -08:00
Waleed
eb5d1f3e5b v0.5.48: copy-paste workflow blocks, docs updates, mcp tool fixes 2025-12-31 18:00:04 -08:00
Waleed
54ab82c8dd v0.5.47: deploy workflow as mcp, kb chunks tokenizer, UI improvements, jira service management tools 2025-12-30 23:18:58 -08:00
Waleed
f895bf469b v0.5.46: build improvements, greptile, light mode improvements 2025-12-29 02:17:52 -08:00
Waleed
dd3209af06 v0.5.45: light mode fixes, realtime usage indicator, docker build improvements 2025-12-27 19:57:42 -08:00
Waleed
b6ba3b50a7 v0.5.44: keyboard shortcuts, autolayout, light mode, byok, testing improvements 2025-12-26 21:25:19 -08:00
Waleed
b304233062 v0.5.43: export logs, circleback, grain, vertex, code hygiene, schedule improvements 2025-12-23 19:19:18 -08:00
Vikhyath Mondreti
57e4b49bd6 v0.5.42: fix memory migration 2025-12-23 01:24:54 -08:00
Vikhyath Mondreti
e12dd204ed v0.5.41: memory fixes, copilot improvements, knowledgebase improvements, LLM providers standardization 2025-12-23 00:15:18 -08:00
Vikhyath Mondreti
3d9d9cbc54 v0.5.40: supabase ops to allow non-public schemas, jira uuid 2025-12-21 22:28:05 -08:00
Waleed
0f4ec962ad v0.5.39: notion, workflow variables fixes 2025-12-20 20:44:00 -08:00
Waleed
4827866f9a v0.5.38: snap to grid, copilot ux improvements, billing line items 2025-12-20 17:24:38 -08:00
Waleed
3e697d9ed9 v0.5.37: redaction utils consolidation, logs updates, autoconnect improvements, additional kb tag types 2025-12-19 22:31:55 -08:00
Martin Yankov
4431a1a484 fix(helm): add custom egress rules to realtime network policy (#2481) 
The realtime service network policy was missing the custom egress rules section
that allows configuration of additional egress rules via values.yaml. This caused
the realtime pods to be unable to connect to external databases (e.g., PostgreSQL
on port 5432) when using external database configurations.

The app network policy already had this section, but the realtime network policy
was missing it, creating an inconsistency and preventing the realtime service
from accessing external databases configured via networkPolicy.egress values.

This fix adds the same custom egress rules template section to the realtime
network policy, matching the app network policy behavior and allowing users to
configure database connectivity via values.yaml.
 2025-12-19 18:59:08 -08:00
Waleed
4d1a9a3f22 v0.5.36: hitl improvements, opengraph, slack fixes, one-click unsubscribe, auth checks, new db indexes 2025-12-19 01:27:49 -08:00
Vikhyath Mondreti
eb07a080fb v0.5.35: helm updates, copilot improvements, 404 for docs, salesforce fixes, subflow resize clamping 2025-12-18 16:23:19 -08:00
459 changed files with 20397 additions and 54646 deletions
Expand all files Collapse all files

81
apps/docs/components/icons.tsx
View File

@@ -1131,32 +1131,6 @@ export function AirtableIcon(props: SVGProps<SVGSVGElement>) {
)
}
export function AirweaveIcon(props: SVGProps<SVGSVGElement>) {
return (
<svg
{...props}
width='143'
height='143'
viewBox='0 0 143 143'
fill='none'
xmlns='http://www.w3.org/2000/svg'
>
<path
d='M89.8854 128.872C79.9165 123.339 66.7502 115.146 60.5707 107.642L60.0432 107.018C58.7836 105.5 57.481 104.014 56.1676 102.593C51.9152 97.9641 47.3614 93.7978 42.646 90.2021C40.7405 88.7487 38.7704 87.3492 36.8111 86.0789C35.7991 85.4222 34.8302 84.8193 33.9151 84.2703C31.6221 82.903 28.8338 82.5263 26.2716 83.2476C23.8385 83.9366 21.89 85.5406 20.7596 87.7476C18.5634 92.0323 20.0814 97.3289 24.2046 99.805C27.5204 101.786 30.7608 104.111 33.8398 106.717C34.2381 107.05 34.3996 107.578 34.2596 108.062C33.1292 112.185 31.9989 118.957 31.5682 121.67C30.6424 127.429 33.4737 133.081 38.5982 135.751L38.7812 135.848C41.0204 137 43.6472 136.946 45.8219 135.697C47.9858 134.459 49.353 132.231 49.4822 129.733C49.536 128.657 49.6006 127.58 49.676 126.59C49.719 126.062 50.042 125.632 50.5264 125.459C50.6772 125.406 50.8494 125.373 51.0001 125.373C51.3554 125.373 51.6784 125.513 51.9475 125.782C56.243 130.185 60.8829 134.169 65.7167 137.625C70.3674 140.951 75.8686 142.706 81.639 142.706C83.7383 142.706 85.8376 142.469 87.8938 141.995L88.1199 141.942C90.9943 141.274 93.029 139.024 93.4488 136.085C93.8687 133.146 92.4476 130.315 89.8747 128.883H89.8639L89.8854 128.872Z'
fill='currentColor'
/>
<path
d='M142.551 58.1747L142.529 58.0563C142.045 55.591 140.118 53.7069 137.598 53.2548C135.112 52.8134 132.754 53.8577 131.484 55.9893L131.408 56.1077C126.704 64.1604 120.061 71.6101 111.653 78.2956C109.446 80.0504 107.293 81.902 105.226 83.8075C103.644 85.2717 101.265 85.53 99.4452 84.4212C97.6474 83.3339 95.8495 82.1389 94.1055 80.8686C90.3268 78.1233 86.6772 74.9475 83.2753 71.4271C81.4989 69.597 79.798 67.6915 78.1939 65.7321C76.0408 63.1161 73.7477 60.5539 71.3685 58.1316C66.3195 52.9857 56.6089 45.9127 53.7453 43.878C53.3792 43.6304 53.1639 43.2428 53.0993 42.8014C53.0455 42.3601 53.1639 41.9509 53.4546 41.6064C55.274 39.4318 56.9965 37.1818 58.5683 34.921C60.2369 32.5311 60.786 29.6028 60.0862 26.8899C59.408 24.2523 57.6424 22.11 55.134 20.8827C50.9139 18.7942 45.8972 20.0968 43.2273 23.9293C40.8373 27.3636 38.0167 30.7332 34.8732 33.9306C34.5718 34.232 34.1304 34.3397 33.7213 34.1889C30.5239 33.1447 27.2296 32.2942 23.9461 31.659C23.7093 31.616 23.354 31.5514 22.9126 31.4975C16.4102 30.5286 10.1123 33.7798 7.21639 39.5717L7.1195 39.7548C6.18289 41.628 6.26902 43.8349 7.32405 45.6651C8.40061 47.5167 10.3277 48.701 12.4592 48.8194C13.4604 48.8732 14.4401 48.9378 15.3659 49.0024C15.7966 49.0347 16.1411 49.2823 16.3025 49.6914C16.4533 50.1112 16.3671 50.5419 16.0657 50.8541C12.147 54.8804 8.60515 59.1974 5.5262 63.6867C1.1446 70.0814 -0.481008 78.2095 1.08 85.9822L1.10154 86.1006C1.70441 89.0719 4.05131 91.2035 7.07644 91.5264C9.98315 91.8386 12.6099 90.3208 13.7619 87.6724L13.8265 87.5109C18.6925 75.8625 26.7559 65.5168 37.7907 56.7536C38.3182 56.3445 39.0072 56.28 39.567 56.5922C45.3373 59.768 50.8601 63.902 55.9738 68.8864C56.5982 69.4893 56.6089 70.5013 56.0168 71.1257C53.4761 73.8063 51.0862 76.6054 48.9115 79.469C47.2106 81.7083 47.5335 84.8949 49.6221 86.7358L53.3254 89.9977L53.2824 90.0409C53.8637 90.5576 54.445 91.0744 55.0264 91.5911L55.8123 92.194C56.9319 93.1844 58.3529 93.6365 59.8386 93.4858C61.3027 93.3351 62.67 92.56 63.5635 91.3758C65.1353 89.2873 66.8578 87.2525 68.6556 85.304C68.957 84.9702 69.3661 84.798 69.8075 84.7872C70.2705 84.7872 70.6257 84.9379 70.9164 85.2286C75.8147 90.0624 81.1114 94.3686 86.6772 97.9966C88.8626 99.4176 89.4978 102.26 88.1306 104.477C86.9248 106.448 85.7729 108.493 84.7179 110.539C83.5014 112.918 83.2968 115.738 84.1688 118.257C84.9978 120.68 86.7095 122.585 88.981 123.64C90.2514 124.232 91.5971 124.534 92.9859 124.534C96.5062 124.534 99.682 122.596 101.286 119.452C102.729 116.61 104.419 113.8 106.281 111.131C107.369 109.559 109.36 108.838 111.255 109.322C115.26 110.355 120.643 111.421 124.454 112.143C128.308 112.864 132.119 111.023 133.96 107.578L134.143 107.233C135.521 104.628 135.531 101.506 134.164 98.8901C132.786 96.2526 130.181 94.4655 127.21 94.121C126.478 94.0349 125.778 93.9488 125.11 93.8626C124.97 93.8411 124.852 93.8196 124.744 93.798L123.356 93.4751L124.357 92.4523C124.432 92.377 124.529 92.2801 124.658 92.194C128.771 88.8028 132.571 85.1963 135.962 81.4714C141.668 75.1951 144.122 66.4965 142.518 58.1747H142.529H142.551Z'
fill='currentColor'
/>
<path
d='M56.6506 14.3371C65.5861 19.6338 77.4067 27.3743 82.9833 34.1674C83.64 34.9532 84.2967 35.7391 84.9534 36.4927C86.1591 37.8815 86.2991 39.8731 85.2979 41.4233C83.4892 44.2116 81.4115 46.9569 79.1399 49.5945C77.4713 51.5107 77.4067 54.3098 78.9785 56.2476L79.0431 56.323C79.2261 56.5598 79.4306 56.8074 79.6136 57.0442C81.2931 59.1758 83.0801 61.2213 84.9211 63.1375C85.9007 64.1603 87.2249 64.7309 88.6352 64.7309L88.7644 65.5275L88.7429 64.7309C90.207 64.6986 91.6173 64.0526 92.5969 62.933C94.8362 60.4031 96.9247 57.744 98.8302 55.0633C100.133 53.2224 102.63 52.8026 104.525 54.1052C106.463 55.4402 108.465 56.7105 110.457 57.8839C112.793 59.2511 115.614 59.5095 118.165 58.5621C120.749 57.604 122.762 55.5694 123.656 52.9533C125.055 48.9055 123.257 44.2547 119.382 41.9078C116.755 40.3145 114.15 38.5166 111.674 36.5788C110.382 35.5561 109.833 33.8767 110.296 32.2941C111.437 28.3001 112.481 23.1218 113.148 19.4831C113.837 15.7259 112.147 11.8826 108.939 9.94477L108.562 9.72944C105.871 8.12537 102.587 8.00696 99.7668 9.40649C96.9247 10.8168 95.03 13.5405 94.6855 16.6733L94.6639 16.867C94.6209 17.2546 94.384 17.5453 94.018 17.6637C93.652 17.7821 93.2859 17.6852 93.0168 17.4269C89.0012 13.1422 84.738 9.25576 80.3134 5.8646C74.3708 1.31075 66.7811 -0.583999 59.4928 0.675575L59.1805 0.729423C56.1124 1.2677 53.7547 3.60383 53.1949 6.68279C52.6351 9.72946 53.9915 12.7223 56.6722 14.3048H56.6614L56.6506 14.3371Z'
fill='currentColor'
/>
</svg>
)
}
export function GoogleDocsIcon(props: SVGProps<SVGSVGElement>) {
return (
<svg
@@ -5462,58 +5436,3 @@ export function EnrichSoIcon(props: SVGProps<SVGSVGElement>) {
</svg>
)
}
export function AgentSkillsIcon(props: SVGProps<SVGSVGElement>) {
return (
<svg
{...props}
xmlns='http://www.w3.org/2000/svg'
width='16'
height='16'
viewBox='0 0 16 16'
fill='none'
>
<path
d='M8 1L14.0622 4.5V11.5L8 15L1.93782 11.5V4.5L8 1Z'
stroke='currentColor'
strokeWidth='1.5'
fill='none'
/>
<path d='M8 4.5L11 6.25V9.75L8 11.5L5 9.75V6.25L8 4.5Z' fill='currentColor' />
</svg>
)
}
export function OnePasswordIcon(props: SVGProps<SVGSVGElement>) {
return (
<svg {...props} viewBox='0 0 48 48' xmlns='http://www.w3.org/2000/svg' fill='none'>
<circle
cx='24'
cy='24'
r='21.5'
stroke='#000000'
strokeLinecap='round'
strokeLinejoin='round'
/>
<path
d='M28.083,17.28a7.8633,7.8633,0,0,1,0,13.44'
stroke='#000000'
strokeLinecap='round'
strokeLinejoin='round'
/>
<path
d='M19.917,30.72a7.8633,7.8633,0,0,1,0-13.44'
stroke='#000000'
strokeLinecap='round'
strokeLinejoin='round'
/>
<path
d='M26.067,10.43H21.933a2.0172,2.0172,0,0,0-2.016,2.016v6.36c2.358,1.281,2.736,2.562,0,3.843V35.574a2.0169,2.0169,0,0,0,2.016,2.015h4.134a2.0169,2.0169,0,0,0,2.016-2.015V29.213c-2.358-1.281-2.736-2.562,0-3.842V12.446A2.0172,2.0172,0,0,0,26.067,10.43Z'
fill='#000000'
stroke='#000000'
strokeLinecap='round'
strokeLinejoin='round'
/>
</svg>
)
}

4
apps/docs/components/ui/icon-mapping.ts
View File

@@ -7,7 +7,6 @@ import {
A2AIcon,
AhrefsIcon,
AirtableIcon,
AirweaveIcon,
ApifyIcon,
ApolloIcon,
ArxivIcon,
@@ -80,7 +79,6 @@ import {
MySQLIcon,
Neo4jIcon,
NotionIcon,
OnePasswordIcon,
OpenAIIcon,
OutlookIcon,
PackageSearchIcon,
@@ -143,7 +141,6 @@ export const blockTypeToIconMap: Record<string, IconComponent> = {
a2a: A2AIcon,
ahrefs: AhrefsIcon,
airtable: AirtableIcon,
airweave: AirweaveIcon,
apify: ApifyIcon,
apollo: ApolloIcon,
arxiv: ArxivIcon,
@@ -215,7 +212,6 @@ export const blockTypeToIconMap: Record<string, IconComponent> = {
neo4j: Neo4jIcon,
notion_v2: NotionIcon,
onedrive: MicrosoftOneDriveIcon,
onepassword: OnePasswordIcon,
openai: OpenAIIcon,
outlook: OutlookIcon,
parallel_ai: ParallelIcon,

98
apps/docs/content/docs/en/copilot/index.mdx
View File

@@ -56,7 +56,7 @@ Switch between modes using the mode selector at the bottom of the input area.
Select your preferred AI model using the model selector at the bottom right of the input area.
**Available Models:**
- Claude 4.6 Opus (default), 4.5 Opus, Sonnet, Haiku
- Claude 4.5 Opus, Sonnet (default), Haiku
- GPT 5.2 Codex, Pro
- Gemini 3 Pro
@@ -190,99 +190,3 @@ Copilot usage is billed per token from the underlying LLM. If you reach your usa
<Callout type="info">
See the [Cost Calculation page](/execution/costs) for billing details.
</Callout>
## Copilot MCP
You can use Copilot as an MCP server in your favorite editor or AI client. This lets you build, test, deploy, and manage Sim workflows directly from tools like Cursor, Claude Code, Claude Desktop, and VS Code.
### Generating a Copilot API Key
To connect to the Copilot MCP server, you need a **Copilot API key**:
1. Go to [sim.ai](https://sim.ai) and sign in
2. Navigate to **Settings** → **Copilot**
3. Click **Generate API Key**
4. Copy the key — it is only shown once
The key will look like `sk-sim-copilot-...`. You will use this in the configuration below.
### Cursor
Add the following to your `.cursor/mcp.json` (project-level) or global Cursor MCP settings:
```json
{
"mcpServers": {
"sim-copilot": {
"url": "https://www.sim.ai/api/mcp/copilot",
"headers": {
"X-API-Key": "YOUR_COPILOT_API_KEY"
}
}
}
}
```
Replace `YOUR_COPILOT_API_KEY` with the key you generated above.
### Claude Code
Run the following command to add the Copilot MCP server:
```bash
claude mcp add sim-copilot \
--transport http \
https://www.sim.ai/api/mcp/copilot \
--header "X-API-Key: YOUR_COPILOT_API_KEY"
```
Replace `YOUR_COPILOT_API_KEY` with your key.
### Claude Desktop
Claude Desktop requires [`mcp-remote`](https://www.npmjs.com/package/mcp-remote) to connect to HTTP-based MCP servers. Add the following to your Claude Desktop config file (`~/Library/Application Support/Claude/claude_desktop_config.json` on macOS):
```json
{
"mcpServers": {
"sim-copilot": {
"command": "npx",
"args": [
"-y",
"mcp-remote",
"https://www.sim.ai/api/mcp/copilot",
"--header",
"X-API-Key: YOUR_COPILOT_API_KEY"
]
}
}
}
```
Replace `YOUR_COPILOT_API_KEY` with your key.
### VS Code
Add the following to your VS Code `settings.json` or workspace `.vscode/settings.json`:
```json
{
"mcp": {
"servers": {
"sim-copilot": {
"type": "http",
"url": "https://www.sim.ai/api/mcp/copilot",
"headers": {
"X-API-Key": "YOUR_COPILOT_API_KEY"
}
}
}
}
}
```
Replace `YOUR_COPILOT_API_KEY` with your key.
<Callout type="info">
For self-hosted deployments, replace `https://www.sim.ai` with your self-hosted Sim URL.
</Callout>

1
apps/docs/content/docs/en/meta.json
View File

@@ -10,7 +10,6 @@
"connections",
"mcp",
"copilot",
"skills",
"knowledgebase",
"variables",
"execution",

134
apps/docs/content/docs/en/skills/index.mdx
View File

@@ -1,134 +0,0 @@
---
title: Agent Skills
---
import { Callout } from 'fumadocs-ui/components/callout'
Agent Skills are reusable packages of instructions that give your AI agents specialized capabilities. Based on the open [Agent Skills](https://agentskills.io) format, skills let you capture domain expertise, workflows, and best practices that agents can load on demand.
## How Skills Work
Skills use **progressive disclosure** to keep agent context lean:
1. **Discovery** — Only skill names and descriptions are included in the agent's system prompt (~50-100 tokens each)
2. **Activation** — When the agent decides a skill is relevant, it calls the `load_skill` tool to load the full instructions into context
3. **Execution** — The agent follows the loaded instructions to complete the task
This means you can attach many skills to an agent without bloating its context window. The agent only loads what it needs.
## Creating Skills
Go to **Settings** and select **Skills** under the Tools section.
![Manage Skills](/static/skills/manage-skills.png)
Click **Add** to create a new skill with three fields:
| Field | Description |
|-------|-------------|
| **Name** | A kebab-case identifier (e.g. `sql-expert`, `code-reviewer`). Max 64 characters. |
| **Description** | A short explanation of what the skill does and when to use it. This is what the agent reads to decide whether to activate the skill. Max 1024 characters. |
| **Content** | The full skill instructions in markdown. This is loaded when the agent activates the skill. |
<Callout type="info">
The description is critical — it's the only thing the agent sees before deciding to load a skill. Be specific about when and why the skill should be used.
</Callout>
### Writing Good Skill Content
Skill content follows the same conventions as [SKILL.md files](https://agentskills.io/specification):
```markdown
# SQL Expert
## When to use this skill
Use when the user asks you to write, optimize, or debug SQL queries.
## Instructions
1. Always ask which database engine (PostgreSQL, MySQL, SQLite)
2. Use CTEs over subqueries for readability
3. Add index recommendations when relevant
4. Explain query plans for optimization requests
## Common Patterns
...
```
**Recommended structure:**
- **When to use** — Specific triggers and scenarios
- **Instructions** — Step-by-step guidance with numbered lists
- **Examples** — Input/output samples showing expected behavior
- **Common Patterns** — Reusable approaches for frequent tasks
- **Edge Cases** — Gotchas and special considerations
Keep skills focused and under 500 lines. If a skill grows too large, split it into multiple specialized skills.
## Adding Skills to an Agent
Open any **Agent** block and find the **Skills** dropdown below the tools section. Select the skills you want the agent to have access to.
![Add Skill](/static/skills/add-skill.png)
Selected skills appear as cards that you can click to edit or remove.
### What Happens at Runtime
When the workflow runs:
1. The agent's system prompt includes an `<available_skills>` section listing each skill's name and description
2. A `load_skill` tool is automatically added to the agent's available tools
3. When the agent determines a skill is relevant to the current task, it calls `load_skill` with the skill name
4. The full skill content is returned as a tool response, giving the agent detailed instructions
This works across all supported LLM providers — the `load_skill` tool uses standard tool-calling, so no provider-specific configuration is needed.
## Common Use Cases
Skills are most valuable when agents need specialized knowledge or multi-step workflows:
**Domain Expertise**
- `api-integration-expert` — Best practices for calling specific APIs (authentication, rate limiting, error handling)
- `data-transformation` — ETL patterns, data cleaning, and validation rules
- `code-reviewer` — Code review guidelines specific to your team's standards
**Workflow Templates**
- `bug-investigation` — Step-by-step debugging methodology (reproduce → isolate → test → fix)
- `feature-implementation` — Development workflow from requirements to deployment
- `document-generator` — Templates and formatting rules for technical documentation
**Company-Specific Knowledge**
- `our-architecture` — System architecture diagrams, service dependencies, and deployment processes
- `style-guide` — Brand guidelines, writing tone, UI/UX patterns
- `customer-onboarding` — Standard procedures and common customer questions
**When to use skills vs. agent instructions:**
- Use **skills** for knowledge that applies across multiple workflows or changes frequently
- Use **agent instructions** for task-specific context that's unique to a single agent
## Best Practices
**Writing Effective Descriptions**
- **Be specific and keyword-rich** — Instead of "Helps with SQL", write "Write optimized SQL queries for PostgreSQL, MySQL, and SQLite, including index recommendations and query plan analysis"
- **Include activation triggers** — Mention specific words or phrases that should prompt the skill (e.g., "Use when the user mentions PDFs, forms, or document extraction")
- **Keep it under 200 words** — Agents scan descriptions quickly; make every word count
**Skill Scope and Organization**
- **One skill per domain** — A focused `sql-expert` skill works better than a broad `database-everything` skill
- **Limit to 5-10 skills per agent** — More skills = more decision overhead; start small and add as needed
- **Split large skills** — If a skill exceeds 500 lines, break it into focused sub-skills
**Content Structure**
- **Use markdown formatting** — Headers, lists, and code blocks help agents parse and follow instructions
- **Provide examples** — Show input/output pairs so agents understand expected behavior
- **Be explicit about edge cases** — Don't assume agents will infer special handling
**Testing and Iteration**
- **Test activation** — Run your workflow and verify the agent loads the skill when expected
- **Check for false positives** — Make sure skills aren't activating when they shouldn't
- **Refine descriptions** — If a skill isn't loading when needed, add more keywords to the description
## Learn More
- [Agent Skills specification](https://agentskills.io) — The open format for portable agent skills
- [Example skills](https://github.com/anthropics/skills) — Browse community skill examples
- [Best practices](https://agentskills.io/what-are-skills) — Writing effective skills

68
apps/docs/content/docs/en/tools/airweave.mdx
View File

@@ -1,68 +0,0 @@
---
title: Airweave
description: Search your synced data collections
---
import { BlockInfoCard } from "@/components/ui/block-info-card"
<BlockInfoCard
type="airweave"
color="#6366F1"
/>
{/* MANUAL-CONTENT-START:intro */}
[Airweave](https://airweave.ai/) is an AI-powered semantic search platform that helps you discover and retrieve knowledge across all your synced data sources. Built for modern teams, Airweave enables fast, relevant search results using neural, hybrid, or keyword-based strategies tailored to your needs.
With Airweave, you can:
- **Search smarter**: Use natural language queries to uncover information stored across your connected tools and databases
- **Unify your data**: Seamlessly access content from sources like code, docs, chat, emails, cloud files, and more
- **Customize retrieval**: Select between hybrid (semantic + keyword), neural, or keyword search strategies for optimal results
- **Boost recall**: Expand search queries with AI to find more comprehensive answers
- **Rerank results using AI**: Prioritize the most relevant answers with powerful language models
- **Get instant answers**: Generate clear, AI-powered responses synthesized from your data
In Sim, the Airweave integration empowers your agents to search, summarize, and extract insights from all your organizations data via a single tool. Use Airweave to drive rich, contextual knowledge retrieval within your workflows—whether answering questions, generating summaries, or supporting dynamic decision-making.
{/* MANUAL-CONTENT-END */}
## Usage Instructions
Search across your synced data sources using Airweave. Supports semantic search with hybrid, neural, or keyword retrieval strategies. Optionally generate AI-powered answers from search results.
## Tools
### `airweave_search`
Search your synced data collections using Airweave. Supports semantic search with hybrid, neural, or keyword retrieval strategies. Optionally generate AI-powered answers from search results.
#### Input
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `apiKey` | string | Yes | Airweave API Key for authentication |
| `collectionId` | string | Yes | The readable ID of the collection to search |
| `query` | string | Yes | The search query text |
| `limit` | number | No | Maximum number of results to return \(default: 100\) |
| `retrievalStrategy` | string | No | Retrieval strategy: hybrid \(default\), neural, or keyword |
| `expandQuery` | boolean | No | Generate query variations to improve recall |
| `rerank` | boolean | No | Reorder results for improved relevance using LLM |
| `generateAnswer` | boolean | No | Generate a natural-language answer to the query |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `results` | array | Search results with content, scores, and metadata from your synced data |
| ↳ `entity_id` | string | Unique identifier for the search result entity |
| ↳ `source_name` | string | Name of the data source \(e.g., "GitHub", "Slack"\) |
| ↳ `md_content` | string | Markdown-formatted content of the result |
| ↳ `score` | number | Relevance score from the search |
| ↳ `metadata` | object | Additional metadata associated with the result |
| ↳ `breadcrumbs` | array | Navigation path to the result within its source |
| ↳ `url` | string | URL to the original content |
| `completion` | string | AI-generated answer to the query \(when generateAnswer is enabled\) |

511
apps/docs/content/docs/en/tools/jira.mdx
View File

@@ -43,6 +43,7 @@ Retrieve detailed information about a specific Jira issue
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `domain` | string | Yes | Your Jira domain \(e.g., yourcompany.atlassian.net\) |
| `projectId` | string | No | Jira project key \(e.g., PROJ\). Optional when retrieving a single issue. |
| `issueKey` | string | Yes | Jira issue key to retrieve \(e.g., PROJ-123\) |
| `cloudId` | string | No | Jira Cloud ID for the instance. If not provided, it will be fetched using the domain. |
@@ -50,184 +51,13 @@ Retrieve detailed information about a specific Jira issue
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `id` | string | Issue ID |
| `key` | string | Issue key \(e.g., PROJ-123\) |
| `self` | string | REST API URL for this issue |
| `summary` | string | Issue summary |
| `description` | string | Issue description text \(extracted from ADF\) |
| `status` | object | Issue status |
| ↳ `id` | string | Status ID |
| ↳ `name` | string | Status name \(e.g., Open, In Progress, Done\) |
| ↳ `description` | string | Status description |
| ↳ `statusCategory` | object | Status category grouping |
| ↳ `id` | number | Status category ID |
| ↳ `key` | string | Status category key \(e.g., new, indeterminate, done\) |
| ↳ `name` | string | Status category name \(e.g., To Do, In Progress, Done\) |
| ↳ `colorName` | string | Status category color \(e.g., blue-gray, yellow, green\) |
| `issuetype` | object | Issue type |
| ↳ `id` | string | Issue type ID |
| ↳ `name` | string | Issue type name \(e.g., Task, Bug, Story, Epic\) |
| ↳ `description` | string | Issue type description |
| ↳ `subtask` | boolean | Whether this is a subtask type |
| ↳ `iconUrl` | string | URL to the issue type icon |
| `project` | object | Project the issue belongs to |
| ↳ `id` | string | Project ID |
| ↳ `key` | string | Project key \(e.g., PROJ\) |
| ↳ `name` | string | Project name |
| ↳ `projectTypeKey` | string | Project type key \(e.g., software, business\) |
| `priority` | object | Issue priority |
| ↳ `id` | string | Priority ID |
| ↳ `name` | string | Priority name \(e.g., Highest, High, Medium, Low, Lowest\) |
| ↳ `iconUrl` | string | URL to the priority icon |
| `assignee` | object | Assigned user |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| `reporter` | object | Reporter user |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| `creator` | object | Issue creator |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| `labels` | array | Issue labels |
| `components` | array | Issue components |
| ↳ `id` | string | Component ID |
| ↳ `name` | string | Component name |
| ↳ `description` | string | Component description |
| `fixVersions` | array | Fix versions |
| ↳ `id` | string | Version ID |
| ↳ `name` | string | Version name |
| ↳ `released` | boolean | Whether the version is released |
| ↳ `releaseDate` | string | Release date \(YYYY-MM-DD\) |
| `resolution` | object | Issue resolution |
| ↳ `id` | string | Resolution ID |
| ↳ `name` | string | Resolution name \(e.g., Fixed, Duplicate, Won't Fix\) |
| ↳ `description` | string | Resolution description |
| `duedate` | string | Due date \(YYYY-MM-DD\) |
| `created` | string | ISO 8601 timestamp when the issue was created |
| `updated` | string | ISO 8601 timestamp when the issue was last updated |
| `resolutiondate` | string | ISO 8601 timestamp when the issue was resolved |
| `timetracking` | object | Time tracking information |
| ↳ `originalEstimate` | string | Original estimate in human-readable format \(e.g., 1w 2d\) |
| ↳ `remainingEstimate` | string | Remaining estimate in human-readable format |
| ↳ `timeSpent` | string | Time spent in human-readable format |
| ↳ `originalEstimateSeconds` | number | Original estimate in seconds |
| ↳ `remainingEstimateSeconds` | number | Remaining estimate in seconds |
| ↳ `timeSpentSeconds` | number | Time spent in seconds |
| `parent` | object | Parent issue \(for subtasks\) |
| ↳ `id` | string | Parent issue ID |
| ↳ `key` | string | Parent issue key |
| ↳ `summary` | string | Parent issue summary |
| `issuelinks` | array | Linked issues |
| ↳ `id` | string | Issue link ID |
| ↳ `type` | object | Link type information |
| ↳ `id` | string | Link type ID |
| ↳ `name` | string | Link type name \(e.g., Blocks, Relates\) |
| ↳ `inward` | string | Inward description \(e.g., is blocked by\) |
| ↳ `outward` | string | Outward description \(e.g., blocks\) |
| ↳ `inwardIssue` | object | Inward linked issue |
| ↳ `id` | string | Issue ID |
| ↳ `key` | string | Issue key |
| ↳ `statusName` | string | Issue status name |
| ↳ `summary` | string | Issue summary |
| ↳ `outwardIssue` | object | Outward linked issue |
| ↳ `id` | string | Issue ID |
| ↳ `key` | string | Issue key |
| ↳ `statusName` | string | Issue status name |
| ↳ `summary` | string | Issue summary |
| `subtasks` | array | Subtask issues |
| ↳ `id` | string | Subtask issue ID |
| ↳ `key` | string | Subtask issue key |
| ↳ `summary` | string | Subtask summary |
| ↳ `statusName` | string | Subtask status name |
| ↳ `issueTypeName` | string | Subtask issue type name |
| `votes` | object | Vote information |
| ↳ `votes` | number | Number of votes |
| ↳ `hasVoted` | boolean | Whether the current user has voted |
| `watches` | object | Watch information |
| ↳ `watchCount` | number | Number of watchers |
| ↳ `isWatching` | boolean | Whether the current user is watching |
| `comments` | array | Issue comments \(fetched separately\) |
| ↳ `id` | string | Comment ID |
| ↳ `body` | string | Comment body text \(extracted from ADF\) |
| ↳ `author` | object | Comment author |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| ↳ `updateAuthor` | object | User who last updated the comment |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| ↳ `created` | string | ISO 8601 timestamp when the comment was created |
| ↳ `updated` | string | ISO 8601 timestamp when the comment was last updated |
| ↳ `visibility` | object | Comment visibility restriction |
| ↳ `type` | string | Restriction type \(e.g., role, group\) |
| ↳ `value` | string | Restriction value \(e.g., Administrators\) |
| `worklogs` | array | Issue worklogs \(fetched separately\) |
| ↳ `id` | string | Worklog ID |
| ↳ `author` | object | Worklog author |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| ↳ `updateAuthor` | object | User who last updated the worklog |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| ↳ `comment` | string | Worklog comment text |
| ↳ `started` | string | ISO 8601 timestamp when the work started |
| ↳ `timeSpent` | string | Time spent in human-readable format \(e.g., 3h 20m\) |
| ↳ `timeSpentSeconds` | number | Time spent in seconds |
| ↳ `created` | string | ISO 8601 timestamp when the worklog was created |
| ↳ `updated` | string | ISO 8601 timestamp when the worklog was last updated |
| `attachments` | array | Issue attachments |
| ↳ `id` | string | Attachment ID |
| ↳ `filename` | string | Attachment file name |
| ↳ `mimeType` | string | MIME type of the attachment |
| ↳ `size` | number | File size in bytes |
| ↳ `content` | string | URL to download the attachment content |
| ↳ `thumbnail` | string | URL to the attachment thumbnail |
| ↳ `author` | object | Attachment author |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| ↳ `created` | string | ISO 8601 timestamp when the attachment was created |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key \(e.g., PROJ-123\) |
| `issue` | json | Complete raw Jira issue object from the API |
| `summary` | string | Issue summary |
| `description` | json | Issue description content |
| `created` | string | Issue creation timestamp |
| `updated` | string | Issue last updated timestamp |
| `issue` | json | Complete issue object with all fields |
### `jira_update`
@@ -238,32 +68,26 @@ Update a Jira issue
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `domain` | string | Yes | Your Jira domain \(e.g., yourcompany.atlassian.net\) |
| `projectId` | string | No | Jira project key \(e.g., PROJ\). Optional when updating a single issue. |
| `issueKey` | string | Yes | Jira issue key to update \(e.g., PROJ-123\) |
| `summary` | string | No | New summary for the issue |
| `description` | string | No | New description for the issue |
| `priority` | string | No | New priority ID or name for the issue \(e.g., "High"\) |
| `assignee` | string | No | New assignee account ID for the issue |
| `labels` | json | No | Labels to set on the issue \(array of label name strings\) |
| `components` | json | No | Components to set on the issue \(array of component name strings\) |
| `duedate` | string | No | Due date for the issue \(format: YYYY-MM-DD\) |
| `fixVersions` | json | No | Fix versions to set \(array of version name strings\) |
| `environment` | string | No | Environment information for the issue |
| `customFieldId` | string | No | Custom field ID to update \(e.g., customfield_10001\) |
| `customFieldValue` | string | No | Value for the custom field |
| `notifyUsers` | boolean | No | Whether to send email notifications about this update \(default: true\) |
| `status` | string | No | New status for the issue |
| `priority` | string | No | New priority for the issue |
| `assignee` | string | No | New assignee for the issue |
| `cloudId` | string | No | Jira Cloud ID for the instance. If not provided, it will be fetched using the domain. |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Updated issue key \(e.g., PROJ-123\) |
| `summary` | string | Issue summary after update |
### `jira_write`
Create a new Jira issue
Write a Jira issue
#### Input
@@ -276,12 +100,9 @@ Create a new Jira issue
| `priority` | string | No | Priority ID or name for the issue \(e.g., "10000" or "High"\) |
| `assignee` | string | No | Assignee account ID for the issue |
| `cloudId` | string | No | Jira Cloud ID for the instance. If not provided, it will be fetched using the domain. |
| `issueType` | string | Yes | Type of issue to create \(e.g., Task, Story, Bug, Epic, Sub-task\) |
| `parent` | json | No | Parent issue key for creating subtasks \(e.g., \{ "key": "PROJ-123" \}\) |
| `issueType` | string | Yes | Type of issue to create \(e.g., Task, Story\) |
| `labels` | array | No | Labels for the issue \(array of label names\) |
| `components` | array | No | Components for the issue \(array of component names\) |
| `duedate` | string | No | Due date for the issue \(format: YYYY-MM-DD\) |
| `fixVersions` | array | No | Fix versions for the issue \(array of version names\) |
| `reporter` | string | No | Reporter account ID for the issue |
| `environment` | string | No | Environment information for the issue |
| `customFieldId` | string | No | Custom field ID \(e.g., customfield_10001\) |
@@ -291,17 +112,15 @@ Create a new Jira issue
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `id` | string | Created issue ID |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Created issue key \(e.g., PROJ-123\) |
| `self` | string | REST API URL for the created issue |
| `summary` | string | Issue summary |
| `url` | string | URL to the created issue in Jira |
| `assigneeId` | string | Account ID of the assigned user \(null if no assignee was set\) |
| `url` | string | URL to the created issue |
| `assigneeId` | string | Account ID of the assigned user \(if assigned\) |
### `jira_bulk_read`
Retrieve multiple Jira issues from a project in bulk
Retrieve multiple Jira issues in bulk
#### Input
@@ -315,30 +134,7 @@ Retrieve multiple Jira issues from a project in bulk
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `total` | number | Total number of issues in the project \(may not always be available\) |
| `issues` | array | Array of Jira issues |
| ↳ `id` | string | Issue ID |
| ↳ `key` | string | Issue key \(e.g., PROJ-123\) |
| ↳ `self` | string | REST API URL for this issue |
| ↳ `summary` | string | Issue summary |
| ↳ `description` | string | Issue description text |
| ↳ `status` | object | Issue status |
| ↳ `id` | string | Status ID |
| ↳ `name` | string | Status name |
| ↳ `issuetype` | object | Issue type |
| ↳ `id` | string | Issue type ID |
| ↳ `name` | string | Issue type name |
| ↳ `priority` | object | Issue priority |
| ↳ `id` | string | Priority ID |
| ↳ `name` | string | Priority name |
| ↳ `assignee` | object | Assigned user |
| ↳ `accountId` | string | Atlassian account ID |
| ↳ `displayName` | string | Display name |
| ↳ `created` | string | ISO 8601 creation timestamp |
| ↳ `updated` | string | ISO 8601 last updated timestamp |
| `nextPageToken` | string | Cursor token for the next page. Null when no more results. |
| `isLast` | boolean | Whether this is the last page of results |
| `issues` | array | Array of Jira issues with ts, summary, description, created, and updated timestamps |
### `jira_delete_issue`
@@ -357,7 +153,7 @@ Delete a Jira issue
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Deleted issue key |
### `jira_assign_issue`
@@ -377,9 +173,9 @@ Assign a Jira issue to a user
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key that was assigned |
| `assigneeId` | string | Account ID of the assignee \(use "-1" for auto-assign, null to unassign\) |
| `assigneeId` | string | Account ID of the assignee |
### `jira_transition_issue`
@@ -393,20 +189,15 @@ Move a Jira issue between workflow statuses (e.g., To Do -> In Progress)
| `issueKey` | string | Yes | Jira issue key to transition \(e.g., PROJ-123\) |
| `transitionId` | string | Yes | ID of the transition to execute \(e.g., "11" for "To Do", "21" for "In Progress"\) |
| `comment` | string | No | Optional comment to add when transitioning the issue |
| `resolution` | string | No | Resolution name to set during transition \(e.g., "Fixed", "Won\'t Fix"\) |
| `cloudId` | string | No | Jira Cloud ID for the instance. If not provided, it will be fetched using the domain. |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key that was transitioned |
| `transitionId` | string | Applied transition ID |
| `transitionName` | string | Applied transition name |
| `toStatus` | object | Target status after transition |
| ↳ `id` | string | Status ID |
| ↳ `name` | string | Status name |
### `jira_search_issues`
@@ -418,77 +209,20 @@ Search for Jira issues using JQL (Jira Query Language)
| --------- | ---- | -------- | ----------- |
| `domain` | string | Yes | Your Jira domain \(e.g., yourcompany.atlassian.net\) |
| `jql` | string | Yes | JQL query string to search for issues \(e.g., "project = PROJ AND status = Open"\) |
| `nextPageToken` | string | No | Cursor token for the next page of results. Omit for the first page. |
| `maxResults` | number | No | Maximum number of results to return per page \(default: 50\) |
| `fields` | array | No | Array of field names to return \(default: all navigable\). Use "*all" for every field. |
| `startAt` | number | No | The index of the first result to return \(for pagination\) |
| `maxResults` | number | No | Maximum number of results to return \(default: 50\) |
| `fields` | array | No | Array of field names to return \(default: \['summary', 'status', 'assignee', 'created', 'updated'\]\) |
| `cloudId` | string | No | Jira Cloud ID for the instance. If not provided, it will be fetched using the domain. |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `issues` | array | Array of matching issues |
| ↳ `id` | string | Issue ID |
| ↳ `key` | string | Issue key \(e.g., PROJ-123\) |
| ↳ `self` | string | REST API URL for this issue |
| ↳ `summary` | string | Issue summary |
| ↳ `description` | string | Issue description text \(extracted from ADF\) |
| ↳ `status` | object | Issue status |
| ↳ `id` | string | Status ID |
| ↳ `name` | string | Status name \(e.g., Open, In Progress, Done\) |
| ↳ `description` | string | Status description |
| ↳ `statusCategory` | object | Status category grouping |
| ↳ `id` | number | Status category ID |
| ↳ `key` | string | Status category key \(e.g., new, indeterminate, done\) |
| ↳ `name` | string | Status category name \(e.g., To Do, In Progress, Done\) |
| ↳ `colorName` | string | Status category color \(e.g., blue-gray, yellow, green\) |
| ↳ `issuetype` | object | Issue type |
| ↳ `id` | string | Issue type ID |
| ↳ `name` | string | Issue type name \(e.g., Task, Bug, Story, Epic\) |
| ↳ `description` | string | Issue type description |
| ↳ `subtask` | boolean | Whether this is a subtask type |
| ↳ `iconUrl` | string | URL to the issue type icon |
| ↳ `project` | object | Project the issue belongs to |
| ↳ `id` | string | Project ID |
| ↳ `key` | string | Project key \(e.g., PROJ\) |
| ↳ `name` | string | Project name |
| ↳ `projectTypeKey` | string | Project type key \(e.g., software, business\) |
| ↳ `priority` | object | Issue priority |
| ↳ `id` | string | Priority ID |
| ↳ `name` | string | Priority name \(e.g., Highest, High, Medium, Low, Lowest\) |
| ↳ `iconUrl` | string | URL to the priority icon |
| ↳ `assignee` | object | Assigned user |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| ↳ `reporter` | object | Reporter user |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| ↳ `labels` | array | Issue labels |
| ↳ `components` | array | Issue components |
| ↳ `id` | string | Component ID |
| ↳ `name` | string | Component name |
| ↳ `description` | string | Component description |
| ↳ `resolution` | object | Issue resolution |
| ↳ `id` | string | Resolution ID |
| ↳ `name` | string | Resolution name \(e.g., Fixed, Duplicate, Won't Fix\) |
| ↳ `description` | string | Resolution description |
| ↳ `duedate` | string | Due date \(YYYY-MM-DD\) |
| ↳ `created` | string | ISO 8601 timestamp when the issue was created |
| ↳ `updated` | string | ISO 8601 timestamp when the issue was last updated |
| `nextPageToken` | string | Cursor token for the next page. Null when no more results. |
| `isLast` | boolean | Whether this is the last page of results |
| `total` | number | Total number of matching issues \(may not always be available\) |
| `ts` | string | Timestamp of the operation |
| `total` | number | Total number of matching issues |
| `startAt` | number | Pagination start index |
| `maxResults` | number | Maximum results per page |
| `issues` | array | Array of matching issues with key, summary, status, assignee, created, updated |
### `jira_add_comment`
@@ -501,27 +235,16 @@ Add a comment to a Jira issue
| `domain` | string | Yes | Your Jira domain \(e.g., yourcompany.atlassian.net\) |
| `issueKey` | string | Yes | Jira issue key to add comment to \(e.g., PROJ-123\) |
| `body` | string | Yes | Comment body text |
| `visibility` | json | No | Restrict comment visibility. Object with "type" \("role" or "group"\) and "value" \(role/group name\). |
| `cloudId` | string | No | Jira Cloud ID for the instance. If not provided, it will be fetched using the domain. |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key the comment was added to |
| `commentId` | string | Created comment ID |
| `body` | string | Comment text content |
| `author` | object | Comment author |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| `created` | string | ISO 8601 timestamp when the comment was created |
| `updated` | string | ISO 8601 timestamp when the comment was last updated |
### `jira_get_comments`
@@ -535,42 +258,16 @@ Get all comments from a Jira issue
| `issueKey` | string | Yes | Jira issue key to get comments from \(e.g., PROJ-123\) |
| `startAt` | number | No | Index of the first comment to return \(default: 0\) |
| `maxResults` | number | No | Maximum number of comments to return \(default: 50\) |
| `orderBy` | string | No | Sort order for comments: "-created" for newest first, "created" for oldest first |
| `cloudId` | string | No | Jira Cloud ID for the instance. If not provided, it will be fetched using the domain. |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key |
| `total` | number | Total number of comments |
| `startAt` | number | Pagination start index |
| `maxResults` | number | Maximum results per page |
| `comments` | array | Array of comments |
| ↳ `id` | string | Comment ID |
| ↳ `body` | string | Comment body text \(extracted from ADF\) |
| ↳ `author` | object | Comment author |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| ↳ `updateAuthor` | object | User who last updated the comment |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| ↳ `created` | string | ISO 8601 timestamp when the comment was created |
| ↳ `updated` | string | ISO 8601 timestamp when the comment was last updated |
| ↳ `visibility` | object | Comment visibility restriction |
| ↳ `type` | string | Restriction type \(e.g., role, group\) |
| ↳ `value` | string | Restriction value \(e.g., Administrators\) |
| `comments` | array | Array of comments with id, author, body, created, updated |
### `jira_update_comment`
@@ -584,27 +281,16 @@ Update an existing comment on a Jira issue
| `issueKey` | string | Yes | Jira issue key containing the comment \(e.g., PROJ-123\) |
| `commentId` | string | Yes | ID of the comment to update |
| `body` | string | Yes | Updated comment text |
| `visibility` | json | No | Restrict comment visibility. Object with "type" \("role" or "group"\) and "value" \(role/group name\). |
| `cloudId` | string | No | Jira Cloud ID for the instance. If not provided, it will be fetched using the domain. |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key |
| `commentId` | string | Updated comment ID |
| `body` | string | Updated comment text |
| `author` | object | Comment author |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| `created` | string | ISO 8601 timestamp when the comment was created |
| `updated` | string | ISO 8601 timestamp when the comment was last updated |
### `jira_delete_comment`
@@ -623,7 +309,7 @@ Delete a comment from a Jira issue
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key |
| `commentId` | string | Deleted comment ID |
@@ -643,24 +329,9 @@ Get all attachments from a Jira issue
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key |
| `attachments` | array | Array of attachments |
| ↳ `id` | string | Attachment ID |
| ↳ `filename` | string | Attachment file name |
| ↳ `mimeType` | string | MIME type of the attachment |
| ↳ `size` | number | File size in bytes |
| ↳ `content` | string | URL to download the attachment content |
| ↳ `thumbnail` | string | URL to the attachment thumbnail |
| ↳ `author` | object | Attachment author |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| ↳ `created` | string | ISO 8601 timestamp when the attachment was created |
| `attachments` | array | Array of attachments with id, filename, size, mimeType, created, author |
### `jira_add_attachment`
@@ -679,19 +350,10 @@ Add attachments to a Jira issue
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key |
| `attachments` | array | Uploaded attachments |
| ↳ `id` | string | Attachment ID |
| ↳ `filename` | string | Attachment file name |
| ↳ `mimeType` | string | MIME type |
| ↳ `size` | number | File size in bytes |
| ↳ `content` | string | URL to download the attachment |
| `attachmentIds` | array | Array of attachment IDs |
| `files` | array | Uploaded file metadata |
| ↳ `name` | string | File name |
| ↳ `mimeType` | string | MIME type |
| ↳ `size` | number | File size in bytes |
| `attachmentIds` | json | IDs of uploaded attachments |
| `files` | file[] | Uploaded attachment files |
### `jira_delete_attachment`
@@ -709,7 +371,7 @@ Delete an attachment from a Jira issue
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `attachmentId` | string | Deleted attachment ID |
### `jira_add_worklog`
@@ -725,28 +387,16 @@ Add a time tracking worklog entry to a Jira issue
| `timeSpentSeconds` | number | Yes | Time spent in seconds |
| `comment` | string | No | Optional comment for the worklog entry |
| `started` | string | No | Optional start time in ISO format \(defaults to current time\) |
| `visibility` | json | No | Restrict worklog visibility. Object with "type" \("role" or "group"\) and "value" \(role/group name\). |
| `cloudId` | string | No | Jira Cloud ID for the instance. If not provided, it will be fetched using the domain. |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key the worklog was added to |
| `worklogId` | string | Created worklog ID |
| `timeSpent` | string | Time spent in human-readable format \(e.g., 3h 20m\) |
| `timeSpentSeconds` | number | Time spent in seconds |
| `author` | object | Worklog author |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| `started` | string | ISO 8601 timestamp when the work started |
| `created` | string | ISO 8601 timestamp when the worklog was created |
### `jira_get_worklogs`
@@ -766,35 +416,10 @@ Get all worklog entries from a Jira issue
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key |
| `total` | number | Total number of worklogs |
| `startAt` | number | Pagination start index |
| `maxResults` | number | Maximum results per page |
| `worklogs` | array | Array of worklogs |
| ↳ `id` | string | Worklog ID |
| ↳ `author` | object | Worklog author |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| ↳ `updateAuthor` | object | User who last updated the worklog |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| ↳ `comment` | string | Worklog comment text |
| ↳ `started` | string | ISO 8601 timestamp when the work started |
| ↳ `timeSpent` | string | Time spent in human-readable format \(e.g., 3h 20m\) |
| ↳ `timeSpentSeconds` | number | Time spent in seconds |
| ↳ `created` | string | ISO 8601 timestamp when the worklog was created |
| ↳ `updated` | string | ISO 8601 timestamp when the worklog was last updated |
| `worklogs` | array | Array of worklogs with id, author, timeSpentSeconds, timeSpent, comment, created, updated, started |
### `jira_update_worklog`
@@ -810,38 +435,15 @@ Update an existing worklog entry on a Jira issue
| `timeSpentSeconds` | number | No | Time spent in seconds |
| `comment` | string | No | Optional comment for the worklog entry |
| `started` | string | No | Optional start time in ISO format |
| `visibility` | json | No | Restrict worklog visibility. Object with "type" \("role" or "group"\) and "value" \(role/group name\). |
| `cloudId` | string | No | Jira Cloud ID for the instance. If not provided, it will be fetched using the domain. |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key |
| `worklogId` | string | Updated worklog ID |
| `timeSpent` | string | Human-readable time spent \(e.g., "3h 20m"\) |
| `timeSpentSeconds` | number | Time spent in seconds |
| `comment` | string | Worklog comment text |
| `author` | object | Worklog author |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| `updateAuthor` | object | User who last updated the worklog |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| `started` | string | Worklog start time in ISO format |
| `created` | string | Worklog creation time |
| `updated` | string | Worklog last update time |
### `jira_delete_worklog`
@@ -860,7 +462,7 @@ Delete a worklog entry from a Jira issue
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key |
| `worklogId` | string | Deleted worklog ID |
@@ -883,7 +485,7 @@ Create a link relationship between two Jira issues
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `inwardIssue` | string | Inward issue key |
| `outwardIssue` | string | Outward issue key |
| `linkType` | string | Type of issue link |
@@ -905,7 +507,7 @@ Delete a link between two Jira issues
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `linkId` | string | Deleted link ID |
### `jira_add_watcher`
@@ -925,7 +527,7 @@ Add a watcher to a Jira issue to receive notifications about updates
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key |
| `watcherAccountId` | string | Added watcher account ID |
@@ -946,7 +548,7 @@ Remove a watcher from a Jira issue
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `ts` | string | Timestamp of the operation |
| `issueKey` | string | Issue key |
| `watcherAccountId` | string | Removed watcher account ID |
@@ -968,15 +570,8 @@ Get Jira users. If an account ID is provided, returns a single user. Otherwise,
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | ISO 8601 timestamp of the operation |
| `users` | array | Array of Jira users |
| ↳ `accountId` | string | Atlassian account ID of the user |
| ↳ `displayName` | string | Display name of the user |
| ↳ `active` | boolean | Whether the user account is active |
| ↳ `emailAddress` | string | Email address of the user |
| ↳ `accountType` | string | Type of account \(e.g., atlassian, app, customer\) |
| ↳ `avatarUrl` | string | URL to the user avatar \(48x48\) |
| ↳ `timeZone` | string | User timezone |
| `ts` | string | Timestamp of the operation |
| `users` | json | Array of users with accountId, displayName, emailAddress, active status, and avatarUrls |
| `total` | number | Total number of users returned |
| `startAt` | number | Pagination start index |
| `maxResults` | number | Maximum results per page |

208
apps/docs/content/docs/en/tools/jira_service_management.mdx
View File

@@ -46,7 +46,6 @@ Get all service desks from Jira Service Management
| --------- | ---- | -------- | ----------- |
| `domain` | string | Yes | Your Jira domain \(e.g., yourcompany.atlassian.net\) |
| `cloudId` | string | No | Jira Cloud ID for the instance |
| `expand` | string | No | Comma-separated fields to expand in the response |
| `start` | number | No | Start index for pagination \(e.g., 0, 50, 100\) |
| `limit` | number | No | Maximum results to return \(e.g., 10, 25, 50\) |
@@ -55,14 +54,7 @@ Get all service desks from Jira Service Management
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `serviceDesks` | array | List of service desks |
| ↳ `id` | string | Service desk ID |
| ↳ `projectId` | string | Associated Jira project ID |
| ↳ `projectName` | string | Associated project name |
| ↳ `projectKey` | string | Associated project key |
| ↳ `name` | string | Service desk name |
| ↳ `description` | string | Service desk description |
| ↳ `leadDisplayName` | string | Project lead display name |
| `serviceDesks` | json | Array of service desks |
| `total` | number | Total number of service desks |
| `isLastPage` | boolean | Whether this is the last page |
@@ -77,9 +69,6 @@ Get request types for a service desk in Jira Service Management
| `domain` | string | Yes | Your Jira domain \(e.g., yourcompany.atlassian.net\) |
| `cloudId` | string | No | Jira Cloud ID for the instance |
| `serviceDeskId` | string | Yes | Service Desk ID \(e.g., "1", "2"\) |
| `searchQuery` | string | No | Filter request types by name |
| `groupId` | string | No | Filter by request type group ID |
| `expand` | string | No | Comma-separated fields to expand in the response |
| `start` | number | No | Start index for pagination \(e.g., 0, 50, 100\) |
| `limit` | number | No | Maximum results to return \(e.g., 10, 25, 50\) |
@@ -88,16 +77,7 @@ Get request types for a service desk in Jira Service Management
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `requestTypes` | array | List of request types |
| ↳ `id` | string | Request type ID |
| ↳ `name` | string | Request type name |
| ↳ `description` | string | Request type description |
| ↳ `helpText` | string | Help text for customers |
| ↳ `issueTypeId` | string | Associated Jira issue type ID |
| ↳ `serviceDeskId` | string | Parent service desk ID |
| ↳ `groupIds` | json | Groups this request type belongs to |
| ↳ `icon` | json | Request type icon with id and links |
| ↳ `restrictionStatus` | string | OPEN or RESTRICTED |
| `requestTypes` | json | Array of request types |
| `total` | number | Total number of request types |
| `isLastPage` | boolean | Whether this is the last page |
@@ -116,9 +96,6 @@ Create a new service request in Jira Service Management
| `summary` | string | Yes | Summary/title for the service request |
| `description` | string | No | Description for the service request |
| `raiseOnBehalfOf` | string | No | Account ID of customer to raise request on behalf of |
| `requestFieldValues` | json | No | Custom field values as key-value pairs \(overrides summary/description if provided\) |
| `requestParticipants` | string | No | Comma-separated account IDs to add as request participants |
| `channel` | string | No | Channel the request originates from \(e.g., portal, email\) |
#### Output
@@ -129,9 +106,6 @@ Create a new service request in Jira Service Management
| `issueKey` | string | Created request issue key \(e.g., SD-123\) |
| `requestTypeId` | string | Request type ID |
| `serviceDeskId` | string | Service desk ID |
| `createdDate` | json | Creation date with iso8601, friendly, epochMillis |
| `currentStatus` | json | Current status with status name and category |
| `reporter` | json | Reporter user with accountId, displayName, emailAddress |
| `success` | boolean | Whether the request was created successfully |
| `url` | string | URL to the created request |
@@ -146,33 +120,12 @@ Get a single service request from Jira Service Management
| `domain` | string | Yes | Your Jira domain \(e.g., yourcompany.atlassian.net\) |
| `cloudId` | string | No | Jira Cloud ID for the instance |
| `issueIdOrKey` | string | Yes | Issue ID or key \(e.g., SD-123\) |
| `expand` | string | No | Comma-separated fields to expand: participant, status, sla, requestType, serviceDesk, attachment, comment, action |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `issueId` | string | Jira issue ID |
| `issueKey` | string | Issue key \(e.g., SD-123\) |
| `requestTypeId` | string | Request type ID |
| `serviceDeskId` | string | Service desk ID |
| `createdDate` | json | Creation date with iso8601, friendly, epochMillis |
| `currentStatus` | object | Current request status |
| ↳ `status` | string | Status name |
| ↳ `statusCategory` | string | Status category \(NEW, INDETERMINATE, DONE\) |
| ↳ `statusDate` | json | Status change date with iso8601, friendly, epochMillis |
| `reporter` | object | Reporter user details |
| ↳ `accountId` | string | Atlassian account ID |
| ↳ `displayName` | string | User display name |
| ↳ `emailAddress` | string | User email address |
| ↳ `active` | boolean | Whether the account is active |
| `requestFieldValues` | array | Request field values |
| ↳ `fieldId` | string | Field identifier |
| ↳ `label` | string | Human-readable field label |
| ↳ `value` | json | Field value |
| ↳ `renderedValue` | json | HTML-rendered field value |
| `url` | string | URL to the request |
| `request` | json | The service request object |
### `jsm_get_requests`
@@ -186,11 +139,9 @@ Get multiple service requests from Jira Service Management
| `domain` | string | Yes | Your Jira domain \(e.g., yourcompany.atlassian.net\) |
| `cloudId` | string | No | Jira Cloud ID for the instance |
| `serviceDeskId` | string | No | Filter by service desk ID \(e.g., "1", "2"\) |
| `requestOwnership` | string | No | Filter by ownership: OWNED_REQUESTS, PARTICIPATED_REQUESTS, APPROVER, ALL_REQUESTS |
| `requestStatus` | string | No | Filter by status: OPEN_REQUESTS, CLOSED_REQUESTS, ALL_REQUESTS |
| `requestTypeId` | string | No | Filter by request type ID |
| `requestOwnership` | string | No | Filter by ownership: OWNED_REQUESTS, PARTICIPATED_REQUESTS, ORGANIZATION, ALL_REQUESTS |
| `requestStatus` | string | No | Filter by status: OPEN, CLOSED, ALL |
| `searchTerm` | string | No | Search term to filter requests \(e.g., "password reset", "laptop"\) |
| `expand` | string | No | Comma-separated fields to expand: participant, status, sla, requestType, serviceDesk, attachment, comment, action |
| `start` | number | No | Start index for pagination \(e.g., 0, 50, 100\) |
| `limit` | number | No | Maximum results to return \(e.g., 10, 25, 50\) |
@@ -199,27 +150,8 @@ Get multiple service requests from Jira Service Management
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `requests` | array | List of service requests |
| ↳ `issueId` | string | Jira issue ID |
| ↳ `issueKey` | string | Issue key \(e.g., SD-123\) |
| ↳ `requestTypeId` | string | Request type ID |
| ↳ `serviceDeskId` | string | Service desk ID |
| ↳ `createdDate` | json | Creation date with iso8601, friendly, epochMillis |
| ↳ `currentStatus` | object | Current request status |
| ↳ `status` | string | Status name |
| ↳ `statusCategory` | string | Status category \(NEW, INDETERMINATE, DONE\) |
| ↳ `statusDate` | json | Status change date with iso8601, friendly, epochMillis |
| ↳ `reporter` | object | Reporter user details |
| ↳ `accountId` | string | Atlassian account ID |
| ↳ `displayName` | string | User display name |
| ↳ `emailAddress` | string | User email address |
| ↳ `active` | boolean | Whether the account is active |
| ↳ `requestFieldValues` | array | Request field values |
| ↳ `fieldId` | string | Field identifier |
| ↳ `label` | string | Human-readable field label |
| ↳ `value` | json | Field value |
| ↳ `renderedValue` | json | HTML-rendered field value |
| `total` | number | Total number of requests in current page |
| `requests` | json | Array of service requests |
| `total` | number | Total number of requests |
| `isLastPage` | boolean | Whether this is the last page |
### `jsm_add_comment`
@@ -245,12 +177,6 @@ Add a comment (public or internal) to a service request in Jira Service Manageme
| `commentId` | string | Created comment ID |
| `body` | string | Comment body text |
| `isPublic` | boolean | Whether the comment is public |
| `author` | object | Comment author |
| ↳ `accountId` | string | Atlassian account ID |
| ↳ `displayName` | string | User display name |
| ↳ `emailAddress` | string | User email address |
| ↳ `active` | boolean | Whether the account is active |
| `createdDate` | json | Comment creation date with iso8601, friendly, epochMillis |
| `success` | boolean | Whether the comment was added successfully |
### `jsm_get_comments`
@@ -266,7 +192,6 @@ Get comments for a service request in Jira Service Management
| `issueIdOrKey` | string | Yes | Issue ID or key \(e.g., SD-123\) |
| `isPublic` | boolean | No | Filter to only public comments \(true/false\) |
| `internal` | boolean | No | Filter to only internal comments \(true/false\) |
| `expand` | string | No | Comma-separated fields to expand: renderedBody, attachment |
| `start` | number | No | Start index for pagination \(e.g., 0, 50, 100\) |
| `limit` | number | No | Maximum results to return \(e.g., 10, 25, 50\) |
@@ -276,17 +201,7 @@ Get comments for a service request in Jira Service Management
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `issueIdOrKey` | string | Issue ID or key |
| `comments` | array | List of comments |
| ↳ `id` | string | Comment ID |
| ↳ `body` | string | Comment body text |
| ↳ `public` | boolean | Whether the comment is public |
| ↳ `author` | object | Comment author |
| ↳ `accountId` | string | Atlassian account ID |
| ↳ `displayName` | string | User display name |
| ↳ `emailAddress` | string | User email address |
| ↳ `active` | boolean | Whether the account is active |
| ↳ `created` | json | Creation date with iso8601, friendly, epochMillis |
| ↳ `renderedBody` | json | HTML-rendered comment body \(when expand=renderedBody\) |
| `comments` | json | Array of comments |
| `total` | number | Total number of comments |
| `isLastPage` | boolean | Whether this is the last page |
@@ -310,12 +225,7 @@ Get customers for a service desk in Jira Service Management
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `customers` | array | List of customers |
| ↳ `accountId` | string | Atlassian account ID |
| ↳ `displayName` | string | Display name |
| ↳ `emailAddress` | string | Email address |
| ↳ `active` | boolean | Whether the account is active |
| ↳ `timeZone` | string | User timezone |
| `customers` | json | Array of customers |
| `total` | number | Total number of customers |
| `isLastPage` | boolean | Whether this is the last page |
@@ -330,8 +240,7 @@ Add customers to a service desk in Jira Service Management
| `domain` | string | Yes | Your Jira domain \(e.g., yourcompany.atlassian.net\) |
| `cloudId` | string | No | Jira Cloud ID for the instance |
| `serviceDeskId` | string | Yes | Service Desk ID \(e.g., "1", "2"\) |
| `accountIds` | string | No | Comma-separated Atlassian account IDs to add as customers |
| `emails` | string | No | Comma-separated email addresses to add as customers |
| `emails` | string | Yes | Comma-separated email addresses to add as customers |
#### Output
@@ -360,9 +269,7 @@ Get organizations for a service desk in Jira Service Management
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `organizations` | array | List of organizations |
| ↳ `id` | string | Organization ID |
| ↳ `name` | string | Organization name |
| `organizations` | json | Array of organizations |
| `total` | number | Total number of organizations |
| `isLastPage` | boolean | Whether this is the last page |
@@ -429,12 +336,7 @@ Get queues for a service desk in Jira Service Management
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `queues` | array | List of queues |
| ↳ `id` | string | Queue ID |
| ↳ `name` | string | Queue name |
| ↳ `jql` | string | JQL filter for the queue |
| ↳ `fields` | json | Fields displayed in the queue |
| ↳ `issueCount` | number | Number of issues in the queue |
| `queues` | json | Array of queues |
| `total` | number | Total number of queues |
| `isLastPage` | boolean | Whether this is the last page |
@@ -458,11 +360,7 @@ Get SLA information for a service request in Jira Service Management
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `issueIdOrKey` | string | Issue ID or key |
| `slas` | array | List of SLA metrics |
| ↳ `id` | string | SLA metric ID |
| ↳ `name` | string | SLA metric name |
| ↳ `completedCycles` | json | Completed SLA cycles with startTime, stopTime, breachTime, breached, goalDuration, elapsedTime, remainingTime \(each time as DateDTO, durations as DurationDTO\) |
| ↳ `ongoingCycle` | json | Ongoing SLA cycle with startTime, breachTime, breached, paused, withinCalendarHours, goalDuration, elapsedTime, remainingTime |
| `slas` | json | Array of SLA information |
| `total` | number | Total number of SLAs |
| `isLastPage` | boolean | Whether this is the last page |
@@ -477,8 +375,6 @@ Get available transitions for a service request in Jira Service Management
| `domain` | string | Yes | Your Jira domain \(e.g., yourcompany.atlassian.net\) |
| `cloudId` | string | No | Jira Cloud ID for the instance |
| `issueIdOrKey` | string | Yes | Issue ID or key \(e.g., SD-123\) |
| `start` | number | No | Start index for pagination \(e.g., 0, 50, 100\) |
| `limit` | number | No | Maximum results to return \(e.g., 10, 25, 50\) |
#### Output
@@ -486,11 +382,7 @@ Get available transitions for a service request in Jira Service Management
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `issueIdOrKey` | string | Issue ID or key |
| `transitions` | array | List of available transitions |
| ↳ `id` | string | Transition ID |
| ↳ `name` | string | Transition name |
| `total` | number | Total number of transitions |
| `isLastPage` | boolean | Whether this is the last page |
| `transitions` | json | Array of available transitions |
### `jsm_transition_request`
@@ -535,11 +427,7 @@ Get participants for a request in Jira Service Management
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `issueIdOrKey` | string | Issue ID or key |
| `participants` | array | List of participants |
| ↳ `accountId` | string | Atlassian account ID |
| ↳ `displayName` | string | Display name |
| ↳ `emailAddress` | string | Email address |
| ↳ `active` | boolean | Whether the account is active |
| `participants` | json | Array of participants |
| `total` | number | Total number of participants |
| `isLastPage` | boolean | Whether this is the last page |
@@ -562,11 +450,7 @@ Add participants to a request in Jira Service Management
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `issueIdOrKey` | string | Issue ID or key |
| `participants` | array | List of added participants |
| ↳ `accountId` | string | Atlassian account ID |
| ↳ `displayName` | string | Display name |
| ↳ `emailAddress` | string | Email address |
| ↳ `active` | boolean | Whether the account is active |
| `participants` | json | Array of added participants |
| `success` | boolean | Whether the operation succeeded |
### `jsm_get_approvals`
@@ -589,20 +473,7 @@ Get approvals for a request in Jira Service Management
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `issueIdOrKey` | string | Issue ID or key |
| `approvals` | array | List of approvals |
| ↳ `id` | string | Approval ID |
| ↳ `name` | string | Approval description |
| ↳ `finalDecision` | string | Final decision: pending, approved, or declined |
| ↳ `canAnswerApproval` | boolean | Whether current user can respond |
| ↳ `approvers` | array | List of approvers with their decisions |
| ↳ `approver` | object | Approver user details |
| ↳ `accountId` | string | Atlassian account ID |
| ↳ `displayName` | string | User display name |
| ↳ `emailAddress` | string | User email address |
| ↳ `active` | boolean | Whether the account is active |
| ↳ `approverDecision` | string | Decision: pending, approved, or declined |
| ↳ `createdDate` | json | Creation date |
| ↳ `completedDate` | json | Completion date |
| `approvals` | json | Array of approvals |
| `total` | number | Total number of approvals |
| `isLastPage` | boolean | Whether this is the last page |
@@ -628,53 +499,6 @@ Approve or decline an approval request in Jira Service Management
| `issueIdOrKey` | string | Issue ID or key |
| `approvalId` | string | Approval ID |
| `decision` | string | Decision made \(approve/decline\) |
| `id` | string | Approval ID from response |
| `name` | string | Approval description |
| `finalDecision` | string | Final approval decision: pending, approved, or declined |
| `canAnswerApproval` | boolean | Whether the current user can still respond |
| `approvers` | array | Updated list of approvers with decisions |
| ↳ `approver` | object | Approver user details |
| ↳ `accountId` | string | Approver account ID |
| ↳ `displayName` | string | Approver display name |
| ↳ `emailAddress` | string | Approver email |
| ↳ `active` | boolean | Whether the account is active |
| ↳ `approverDecision` | string | Individual approver decision |
| `createdDate` | json | Approval creation date |
| `completedDate` | json | Approval completion date |
| `approval` | json | The approval object |
| `success` | boolean | Whether the operation succeeded |
### `jsm_get_request_type_fields`
Get the fields required to create a request of a specific type in Jira Service Management
#### Input
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `domain` | string | Yes | Your Jira domain \(e.g., yourcompany.atlassian.net\) |
| `cloudId` | string | No | Jira Cloud ID for the instance |
| `serviceDeskId` | string | Yes | Service Desk ID \(e.g., "1", "2"\) |
| `requestTypeId` | string | Yes | Request Type ID \(e.g., "10", "15"\) |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `ts` | string | Timestamp of the operation |
| `serviceDeskId` | string | Service desk ID |
| `requestTypeId` | string | Request type ID |
| `canAddRequestParticipants` | boolean | Whether participants can be added to requests of this type |
| `canRaiseOnBehalfOf` | boolean | Whether requests can be raised on behalf of another user |
| `requestTypeFields` | array | List of fields for this request type |
| ↳ `fieldId` | string | Field identifier \(e.g., summary, description, customfield_10010\) |
| ↳ `name` | string | Human-readable field name |
| ↳ `description` | string | Help text for the field |
| ↳ `required` | boolean | Whether the field is required |
| ↳ `visible` | boolean | Whether the field is visible |
| ↳ `validValues` | json | Allowed values for select fields |
| ↳ `presetValues` | json | Pre-populated values |
| ↳ `defaultValues` | json | Default values for the field |
| ↳ `jiraSchema` | json | Jira field schema with type, system, custom, customId |

2
apps/docs/content/docs/en/tools/meta.json
View File

@@ -4,7 +4,6 @@
"a2a",
"ahrefs",
"airtable",
"airweave",
"apify",
"apollo",
"arxiv",
@@ -76,7 +75,6 @@
"neo4j",
"notion",
"onedrive",
"onepassword",
"openai",
"outlook",
"parallel_ai",

260
apps/docs/content/docs/en/tools/onepassword.mdx
View File

@@ -1,260 +0,0 @@
---
title: 1Password
description: Manage secrets and items in 1Password vaults
---
import { BlockInfoCard } from "@/components/ui/block-info-card"
<BlockInfoCard
type="onepassword"
color="#E0E0E0"
/>
{/* MANUAL-CONTENT-START:intro */}
[1Password](https://1password.com) is a widely trusted password manager and secrets vault solution, allowing individuals and teams to securely store, access, and share passwords, API credentials, and sensitive information. With robust encryption, granular access controls, and seamless syncing across devices, 1Password supports teams and organizations in managing secrets efficiently and securely.
The [1Password Connect API](https://developer.1password.com/docs/connect/) allows programmatic access to vaults and items within an organization's 1Password account. This integration in Sim lets you automate secret retrieval, onboarding workflows, secret rotation, vault audits, and more, all in a secure and auditable manner.
With 1Password in your Sim workflow, you can:
- **List, search, and retrieve vaults**: Access metadata or browse available vaults for organizing secrets by project or purpose
- **Fetch items and secrets**: Get credentials, API keys, or custom secrets in real time to power your workflows securely
- **Create, update, or delete secrets**: Automate secret management, provisioning, and rotation for enhanced security practices
- **Integrate with CI/CD and automation**: Fetch credentials or tokens only when needed, reducing manual work and reducing risk
- **Ensure access controls**: Leverage role-based access and fine-grained permissions to control which agents or users can access specific secrets
By connecting Sim with 1Password, you empower your agents to securely manage secrets, reduce manual overhead, and maintain best practices for security automation, incident response, and DevOps workflows—all while ensuring secrets never leave a controlled environment.
{/* MANUAL-CONTENT-END */}
## Usage Instructions
Access and manage secrets stored in 1Password vaults using the Connect API or Service Account SDK. List vaults, retrieve items with their fields and secrets, create new items, update existing ones, delete items, and resolve secret references.
## Tools
### `onepassword_list_vaults`
List all vaults accessible by the Connect token or Service Account
#### Input
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `connectionMode` | string | No | Connection mode: "service_account" or "connect" |
| `serviceAccountToken` | string | No | 1Password Service Account token \(for Service Account mode\) |
| `apiKey` | string | No | 1Password Connect API token \(for Connect Server mode\) |
| `serverUrl` | string | No | 1Password Connect server URL \(for Connect Server mode\) |
| `filter` | string | No | SCIM filter expression \(e.g., name eq "My Vault"\) |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `vaults` | array | List of accessible vaults |
| ↳ `id` | string | Vault ID |
| ↳ `name` | string | Vault name |
| ↳ `description` | string | Vault description |
| ↳ `attributeVersion` | number | Vault attribute version |
| ↳ `contentVersion` | number | Vault content version |
| ↳ `type` | string | Vault type \(USER_CREATED, PERSONAL, EVERYONE, TRANSFER\) |
| ↳ `createdAt` | string | Creation timestamp |
| ↳ `updatedAt` | string | Last update timestamp |
### `onepassword_get_vault`
Get details of a specific vault by ID
#### Input
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `connectionMode` | string | No | Connection mode: "service_account" or "connect" |
| `serviceAccountToken` | string | No | 1Password Service Account token \(for Service Account mode\) |
| `apiKey` | string | No | 1Password Connect API token \(for Connect Server mode\) |
| `serverUrl` | string | No | 1Password Connect server URL \(for Connect Server mode\) |
| `vaultId` | string | Yes | The vault UUID |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `id` | string | Vault ID |
| `name` | string | Vault name |
| `description` | string | Vault description |
| `attributeVersion` | number | Vault attribute version |
| `contentVersion` | number | Vault content version |
| `items` | number | Number of items in the vault |
| `type` | string | Vault type \(USER_CREATED, PERSONAL, EVERYONE, TRANSFER\) |
| `createdAt` | string | Creation timestamp |
| `updatedAt` | string | Last update timestamp |
### `onepassword_list_items`
List items in a vault. Returns summaries without field values.
#### Input
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `connectionMode` | string | No | Connection mode: "service_account" or "connect" |
| `serviceAccountToken` | string | No | 1Password Service Account token \(for Service Account mode\) |
| `apiKey` | string | No | 1Password Connect API token \(for Connect Server mode\) |
| `serverUrl` | string | No | 1Password Connect server URL \(for Connect Server mode\) |
| `vaultId` | string | Yes | The vault UUID to list items from |
| `filter` | string | No | SCIM filter expression \(e.g., title eq "API Key" or tag eq "production"\) |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `items` | array | List of items in the vault \(summaries without field values\) |
| ↳ `id` | string | Item ID |
| ↳ `title` | string | Item title |
| ↳ `vault` | object | Vault reference |
| ↳ `id` | string | Vault ID |
| ↳ `category` | string | Item category \(e.g., LOGIN, API_CREDENTIAL\) |
| ↳ `urls` | array | URLs associated with the item |
| ↳ `href` | string | URL |
| ↳ `label` | string | URL label |
| ↳ `primary` | boolean | Whether this is the primary URL |
| ↳ `favorite` | boolean | Whether the item is favorited |
| ↳ `tags` | array | Item tags |
| ↳ `version` | number | Item version number |
| ↳ `state` | string | Item state \(ARCHIVED or DELETED\) |
| ↳ `createdAt` | string | Creation timestamp |
| ↳ `updatedAt` | string | Last update timestamp |
| ↳ `lastEditedBy` | string | ID of the last editor |
### `onepassword_get_item`
Get full details of an item including all fields and secrets
#### Input
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `connectionMode` | string | No | Connection mode: "service_account" or "connect" |
| `serviceAccountToken` | string | No | 1Password Service Account token \(for Service Account mode\) |
| `apiKey` | string | No | 1Password Connect API token \(for Connect Server mode\) |
| `serverUrl` | string | No | 1Password Connect server URL \(for Connect Server mode\) |
| `vaultId` | string | Yes | The vault UUID |
| `itemId` | string | Yes | The item UUID to retrieve |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `response` | json | Operation response data |
### `onepassword_create_item`
Create a new item in a vault
#### Input
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `connectionMode` | string | No | Connection mode: "service_account" or "connect" |
| `serviceAccountToken` | string | No | 1Password Service Account token \(for Service Account mode\) |
| `apiKey` | string | No | 1Password Connect API token \(for Connect Server mode\) |
| `serverUrl` | string | No | 1Password Connect server URL \(for Connect Server mode\) |
| `vaultId` | string | Yes | The vault UUID to create the item in |
| `category` | string | Yes | Item category \(e.g., LOGIN, PASSWORD, API_CREDENTIAL, SECURE_NOTE, SERVER, DATABASE\) |
| `title` | string | No | Item title |
| `tags` | string | No | Comma-separated list of tags |
| `fields` | string | No | JSON array of field objects \(e.g., \[\{"label":"username","value":"admin","type":"STRING","purpose":"USERNAME"\}\]\) |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `response` | json | Operation response data |
### `onepassword_replace_item`
Replace an entire item with new data (full update)
#### Input
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `connectionMode` | string | No | Connection mode: "service_account" or "connect" |
| `serviceAccountToken` | string | No | 1Password Service Account token \(for Service Account mode\) |
| `apiKey` | string | No | 1Password Connect API token \(for Connect Server mode\) |
| `serverUrl` | string | No | 1Password Connect server URL \(for Connect Server mode\) |
| `vaultId` | string | Yes | The vault UUID |
| `itemId` | string | Yes | The item UUID to replace |
| `item` | string | Yes | JSON object representing the full item \(e.g., \{"vault":\{"id":"..."\},"category":"LOGIN","title":"My Item","fields":\[...\]\}\) |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `response` | json | Operation response data |
### `onepassword_update_item`
Update an existing item using JSON Patch operations (RFC6902)
#### Input
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `connectionMode` | string | No | Connection mode: "service_account" or "connect" |
| `serviceAccountToken` | string | No | 1Password Service Account token \(for Service Account mode\) |
| `apiKey` | string | No | 1Password Connect API token \(for Connect Server mode\) |
| `serverUrl` | string | No | 1Password Connect server URL \(for Connect Server mode\) |
| `vaultId` | string | Yes | The vault UUID |
| `itemId` | string | Yes | The item UUID to update |
| `operations` | string | Yes | JSON array of RFC6902 patch operations \(e.g., \[\{"op":"replace","path":"/title","value":"New Title"\}\]\) |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `response` | json | Operation response data |
### `onepassword_delete_item`
Delete an item from a vault
#### Input
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `connectionMode` | string | No | Connection mode: "service_account" or "connect" |
| `serviceAccountToken` | string | No | 1Password Service Account token \(for Service Account mode\) |
| `apiKey` | string | No | 1Password Connect API token \(for Connect Server mode\) |
| `serverUrl` | string | No | 1Password Connect server URL \(for Connect Server mode\) |
| `vaultId` | string | Yes | The vault UUID |
| `itemId` | string | Yes | The item UUID to delete |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `success` | boolean | Whether the item was successfully deleted |
### `onepassword_resolve_secret`
Resolve a secret reference (op://vault/item/field) to its value. Service Account mode only.
#### Input
| Parameter | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `connectionMode` | string | No | Connection mode: must be "service_account" for this operation |
| `serviceAccountToken` | string | Yes | 1Password Service Account token |
| `secretReference` | string | Yes | Secret reference URI \(e.g., op://vault-name/item-name/field-name or op://vault-name/item-name/section-name/field-name\) |
#### Output
| Parameter | Type | Description |
| --------- | ---- | ----------- |
| `value` | string | The resolved secret value |
| `reference` | string | The original secret reference URI |

BIN
apps/docs/public/static/skills/add-skill.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 28 KiB

BIN
apps/docs/public/static/skills/manage-skills.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 56 KiB

6
apps/sim/app/.well-known/oauth-authorization-server/[...issuer]/route.ts
View File

@@ -1,6 +0,0 @@
import type { NextRequest, NextResponse } from 'next/server'
import { createMcpAuthorizationServerMetadataResponse } from '@/lib/mcp/oauth-discovery'
export async function GET(request: NextRequest): Promise<NextResponse> {
return createMcpAuthorizationServerMetadataResponse(request)
}

6
apps/sim/app/.well-known/oauth-authorization-server/api/mcp/copilot/route.ts
View File

@@ -1,6 +0,0 @@
import type { NextRequest, NextResponse } from 'next/server'
import { createMcpAuthorizationServerMetadataResponse } from '@/lib/mcp/oauth-discovery'
export async function GET(request: NextRequest): Promise<NextResponse> {
return createMcpAuthorizationServerMetadataResponse(request)
}

6
apps/sim/app/.well-known/oauth-authorization-server/route.ts
View File

@@ -1,6 +0,0 @@
import type { NextRequest, NextResponse } from 'next/server'
import { createMcpAuthorizationServerMetadataResponse } from '@/lib/mcp/oauth-discovery'
export async function GET(request: NextRequest): Promise<NextResponse> {
return createMcpAuthorizationServerMetadataResponse(request)
}

6
apps/sim/app/.well-known/oauth-protected-resource/api/mcp/copilot/route.ts
View File

@@ -1,6 +0,0 @@
import type { NextRequest, NextResponse } from 'next/server'
import { createMcpProtectedResourceMetadataResponse } from '@/lib/mcp/oauth-discovery'
export async function GET(request: NextRequest): Promise<NextResponse> {
return createMcpProtectedResourceMetadataResponse(request)
}

6
apps/sim/app/.well-known/oauth-protected-resource/route.ts
View File

@@ -1,6 +0,0 @@
import type { NextRequest, NextResponse } from 'next/server'
import { createMcpProtectedResourceMetadataResponse } from '@/lib/mcp/oauth-discovery'
export async function GET(request: NextRequest): Promise<NextResponse> {
return createMcpProtectedResourceMetadataResponse(request)
}

10
apps/sim/app/api/a2a/agents/[agentId]/route.ts
View File

@@ -5,7 +5,7 @@ import { eq } from 'drizzle-orm'
import { type NextRequest, NextResponse } from 'next/server'
import { generateAgentCard, generateSkillsFromWorkflow } from '@/lib/a2a/agent-card'
import type { AgentCapabilities, AgentSkill } from '@/lib/a2a/types'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { getRedisClient } from '@/lib/core/config/redis'
import { loadWorkflowFromNormalizedTables } from '@/lib/workflows/persistence/utils'
import { checkWorkspaceAccess } from '@/lib/workspaces/permissions/utils'
@@ -40,7 +40,7 @@ export async function GET(request: NextRequest, { params }: { params: Promise<Ro
}
if (!agent.agent.isPublished) {
const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const auth = await checkHybridAuth(request, { requireWorkflowId: false })
if (!auth.success) {
return NextResponse.json({ error: 'Agent not published' }, { status: 404 })
}
@@ -81,7 +81,7 @@ export async function PUT(request: NextRequest, { params }: { params: Promise<Ro
const { agentId } = await params
try {
const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const auth = await checkHybridAuth(request, { requireWorkflowId: false })
if (!auth.success || !auth.userId) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
}
@@ -151,7 +151,7 @@ export async function DELETE(request: NextRequest, { params }: { params: Promise
const { agentId } = await params
try {
const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const auth = await checkHybridAuth(request, { requireWorkflowId: false })
if (!auth.success || !auth.userId) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
}
@@ -189,7 +189,7 @@ export async function POST(request: NextRequest, { params }: { params: Promise<R
const { agentId } = await params
try {
const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const auth = await checkHybridAuth(request, { requireWorkflowId: false })
if (!auth.success || !auth.userId) {
logger.warn('A2A agent publish auth failed:', { error: auth.error, hasUserId: !!auth.userId })
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })

6
apps/sim/app/api/a2a/agents/route.ts
View File

@@ -13,7 +13,7 @@ import { v4 as uuidv4 } from 'uuid'
import { generateSkillsFromWorkflow } from '@/lib/a2a/agent-card'
import { A2A_DEFAULT_CAPABILITIES } from '@/lib/a2a/constants'
import { sanitizeAgentName } from '@/lib/a2a/utils'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { loadWorkflowFromNormalizedTables } from '@/lib/workflows/persistence/utils'
import { hasValidStartBlockInState } from '@/lib/workflows/triggers/trigger-utils'
import { getWorkspaceById } from '@/lib/workspaces/permissions/utils'
@@ -27,7 +27,7 @@ export const dynamic = 'force-dynamic'
*/
export async function GET(request: NextRequest) {
try {
const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const auth = await checkHybridAuth(request, { requireWorkflowId: false })
if (!auth.success || !auth.userId) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
}
@@ -87,7 +87,7 @@ export async function GET(request: NextRequest) {
*/
export async function POST(request: NextRequest) {
try {
const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const auth = await checkHybridAuth(request, { requireWorkflowId: false })
if (!auth.success || !auth.userId) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
}

4
apps/sim/app/api/auth/oauth/credentials/route.ts
View File

@@ -5,7 +5,7 @@ import { and, eq } from 'drizzle-orm'
import { jwtDecode } from 'jwt-decode'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { generateRequestId } from '@/lib/core/utils/request'
import { evaluateScopeCoverage, type OAuthProvider, parseProvider } from '@/lib/oauth'
import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
@@ -81,7 +81,7 @@ export async function GET(request: NextRequest) {
const { provider: providerParam, workflowId, credentialId } = parseResult.data
// Authenticate requester (supports session, API key, internal JWT)
const authResult = await checkSessionOrInternalAuth(request)
const authResult = await checkHybridAuth(request)
if (!authResult.success || !authResult.userId) {
logger.warn(`[${requestId}] Unauthenticated credentials request rejected`)
return NextResponse.json({ error: 'User not authenticated' }, { status: 401 })

48
apps/sim/app/api/auth/oauth/token/route.test.ts
View File

@@ -12,7 +12,7 @@ describe('OAuth Token API Routes', () => {
const mockRefreshTokenIfNeeded = vi.fn()
const mockGetOAuthToken = vi.fn()
const mockAuthorizeCredentialUse = vi.fn()
const mockCheckSessionOrInternalAuth = vi.fn()
const mockCheckHybridAuth = vi.fn()
const mockLogger = createMockLogger()
@@ -42,7 +42,7 @@ describe('OAuth Token API Routes', () => {
}))
vi.doMock('@/lib/auth/hybrid', () => ({
checkSessionOrInternalAuth: mockCheckSessionOrInternalAuth,
checkHybridAuth: mockCheckHybridAuth,
}))
})
@@ -235,7 +235,7 @@ describe('OAuth Token API Routes', () => {
describe('credentialAccountUserId + providerId path', () => {
it('should reject unauthenticated requests', async () => {
mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
mockCheckHybridAuth.mockResolvedValueOnce({
success: false,
error: 'Authentication required',
})
@@ -255,8 +255,30 @@ describe('OAuth Token API Routes', () => {
expect(mockGetOAuthToken).not.toHaveBeenCalled()
})
it('should reject API key authentication', async () => {
mockCheckHybridAuth.mockResolvedValueOnce({
success: true,
authType: 'api_key',
userId: 'test-user-id',
})
const req = createMockRequest('POST', {
credentialAccountUserId: 'test-user-id',
providerId: 'google',
})
const { POST } = await import('@/app/api/auth/oauth/token/route')
const response = await POST(req)
const data = await response.json()
expect(response.status).toBe(401)
expect(data).toHaveProperty('error', 'User not authenticated')
expect(mockGetOAuthToken).not.toHaveBeenCalled()
})
it('should reject internal JWT authentication', async () => {
mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
mockCheckHybridAuth.mockResolvedValueOnce({
success: true,
authType: 'internal_jwt',
userId: 'test-user-id',
@@ -278,7 +300,7 @@ describe('OAuth Token API Routes', () => {
})
it('should reject requests for other users credentials', async () => {
mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
mockCheckHybridAuth.mockResolvedValueOnce({
success: true,
authType: 'session',
userId: 'attacker-user-id',
@@ -300,7 +322,7 @@ describe('OAuth Token API Routes', () => {
})
it('should allow session-authenticated users to access their own credentials', async () => {
mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
mockCheckHybridAuth.mockResolvedValueOnce({
success: true,
authType: 'session',
userId: 'test-user-id',
@@ -323,7 +345,7 @@ describe('OAuth Token API Routes', () => {
})
it('should return 404 when credential not found for user', async () => {
mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
mockCheckHybridAuth.mockResolvedValueOnce({
success: true,
authType: 'session',
userId: 'test-user-id',
@@ -351,7 +373,7 @@ describe('OAuth Token API Routes', () => {
*/
describe('GET handler', () => {
it('should return access token successfully', async () => {
mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
mockCheckHybridAuth.mockResolvedValueOnce({
success: true,
authType: 'session',
userId: 'test-user-id',
@@ -380,7 +402,7 @@ describe('OAuth Token API Routes', () => {
expect(response.status).toBe(200)
expect(data).toHaveProperty('accessToken', 'fresh-token')
expect(mockCheckSessionOrInternalAuth).toHaveBeenCalled()
expect(mockCheckHybridAuth).toHaveBeenCalled()
expect(mockGetCredential).toHaveBeenCalledWith(mockRequestId, 'credential-id', 'test-user-id')
expect(mockRefreshTokenIfNeeded).toHaveBeenCalled()
})
@@ -399,7 +421,7 @@ describe('OAuth Token API Routes', () => {
})
it('should handle authentication failure', async () => {
mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
mockCheckHybridAuth.mockResolvedValueOnce({
success: false,
error: 'Authentication required',
})
@@ -418,7 +440,7 @@ describe('OAuth Token API Routes', () => {
})
it('should handle credential not found', async () => {
mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
mockCheckHybridAuth.mockResolvedValueOnce({
success: true,
authType: 'session',
userId: 'test-user-id',
@@ -439,7 +461,7 @@ describe('OAuth Token API Routes', () => {
})
it('should handle missing access token', async () => {
mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
mockCheckHybridAuth.mockResolvedValueOnce({
success: true,
authType: 'session',
userId: 'test-user-id',
@@ -465,7 +487,7 @@ describe('OAuth Token API Routes', () => {
})
it('should handle token refresh failure', async () => {
mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
mockCheckHybridAuth.mockResolvedValueOnce({
success: true,
authType: 'session',
userId: 'test-user-id',

6
apps/sim/app/api/auth/oauth/token/route.ts
View File

@@ -2,7 +2,7 @@ import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { authorizeCredentialUse } from '@/lib/auth/credential-access'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { generateRequestId } from '@/lib/core/utils/request'
import { getCredential, getOAuthToken, refreshTokenIfNeeded } from '@/app/api/auth/oauth/utils'
@@ -71,7 +71,7 @@ export async function POST(request: NextRequest) {
providerId,
})
const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const auth = await checkHybridAuth(request, { requireWorkflowId: false })
if (!auth.success || auth.authType !== 'session' || !auth.userId) {
logger.warn(`[${requestId}] Unauthorized request for credentialAccountUserId path`, {
success: auth.success,
@@ -187,7 +187,7 @@ export async function GET(request: NextRequest) {
const { credentialId } = parseResult.data
// For GET requests, we only support session-based authentication
const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const auth = await checkHybridAuth(request, { requireWorkflowId: false })
if (!auth.success || auth.authType !== 'session' || !auth.userId) {
return NextResponse.json({ error: 'User not authenticated' }, { status: 401 })
}

16
apps/sim/app/api/billing/update-cost/route.ts
View File

@@ -18,7 +18,6 @@ const UpdateCostSchema = z.object({
model: z.string().min(1, 'Model is required'),
inputTokens: z.number().min(0).default(0),
outputTokens: z.number().min(0).default(0),
source: z.enum(['copilot', 'mcp_copilot']).default('copilot'),
})
/**
@@ -76,14 +75,12 @@ export async function POST(req: NextRequest) {
)
}
const { userId, cost, model, inputTokens, outputTokens, source } = validation.data
const isMcp = source === 'mcp_copilot'
const { userId, cost, model, inputTokens, outputTokens } = validation.data
logger.info(`[${requestId}] Processing cost update`, {
userId,
cost,
model,
source,
})
// Check if user stats record exists (same as ExecutionLogger)
@@ -99,7 +96,7 @@ export async function POST(req: NextRequest) {
return NextResponse.json({ error: 'User stats record not found' }, { status: 500 })
}
const updateFields: Record<string, unknown> = {
const updateFields = {
totalCost: sql`total_cost + ${cost}`,
currentPeriodCost: sql`current_period_cost + ${cost}`,
totalCopilotCost: sql`total_copilot_cost + ${cost}`,
@@ -108,24 +105,17 @@ export async function POST(req: NextRequest) {
lastActive: new Date(),
}
// Also increment MCP-specific counters when source is mcp_copilot
if (isMcp) {
updateFields.totalMcpCopilotCost = sql`total_mcp_copilot_cost + ${cost}`
updateFields.currentPeriodMcpCopilotCost = sql`current_period_mcp_copilot_cost + ${cost}`
}
await db.update(userStats).set(updateFields).where(eq(userStats.userId, userId))
logger.info(`[${requestId}] Updated user stats record`, {
userId,
addedCost: cost,
source,
})
// Log usage for complete audit trail
await logModelUsage({
userId,
source: isMcp ? 'mcp_copilot' : 'copilot',
source: 'copilot',
model,
inputTokens,
outputTokens,

5
apps/sim/app/api/copilot/api-keys/generate/route.ts
View File

@@ -1,7 +1,7 @@
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { getSession } from '@/lib/auth'
import { SIM_AGENT_API_URL } from '@/lib/copilot/constants'
import { SIM_AGENT_API_URL_DEFAULT } from '@/lib/copilot/constants'
import { env } from '@/lib/core/config/env'
const GenerateApiKeySchema = z.object({
@@ -17,6 +17,9 @@ export async function POST(req: NextRequest) {
const userId = session.user.id
// Move environment variable access inside the function
const SIM_AGENT_API_URL = env.SIM_AGENT_API_URL || SIM_AGENT_API_URL_DEFAULT
const body = await req.json().catch(() => ({}))
const validationResult = GenerateApiKeySchema.safeParse(body)

1
apps/sim/app/api/copilot/api-keys/route.test.ts
View File

@@ -19,7 +19,6 @@ describe('Copilot API Keys API Route', () => {
vi.doMock('@/lib/copilot/constants', () => ({
SIM_AGENT_API_URL_DEFAULT: 'https://agent.sim.example.com',
SIM_AGENT_API_URL: 'https://agent.sim.example.com',
}))
vi.doMock('@/lib/core/config/env', async () => {

6
apps/sim/app/api/copilot/api-keys/route.ts
View File

@@ -1,6 +1,6 @@
import { type NextRequest, NextResponse } from 'next/server'
import { getSession } from '@/lib/auth'
import { SIM_AGENT_API_URL } from '@/lib/copilot/constants'
import { SIM_AGENT_API_URL_DEFAULT } from '@/lib/copilot/constants'
import { env } from '@/lib/core/config/env'
export async function GET(request: NextRequest) {
@@ -12,6 +12,8 @@ export async function GET(request: NextRequest) {
const userId = session.user.id
const SIM_AGENT_API_URL = env.SIM_AGENT_API_URL || SIM_AGENT_API_URL_DEFAULT
const res = await fetch(`${SIM_AGENT_API_URL}/api/validate-key/get-api-keys`, {
method: 'POST',
headers: {
@@ -66,6 +68,8 @@ export async function DELETE(request: NextRequest) {
return NextResponse.json({ error: 'id is required' }, { status: 400 })
}
const SIM_AGENT_API_URL = env.SIM_AGENT_API_URL || SIM_AGENT_API_URL_DEFAULT
const res = await fetch(`${SIM_AGENT_API_URL}/api/validate-key/delete`, {
method: 'POST',
headers: {

897
apps/sim/app/api/copilot/chat/route.ts
View File

File diff suppressed because it is too large Load Diff

130
apps/sim/app/api/copilot/chat/stream/route.ts
View File

@@ -1,130 +0,0 @@
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import {
getStreamMeta,
readStreamEvents,
type StreamMeta,
} from '@/lib/copilot/orchestrator/stream-buffer'
import { authenticateCopilotRequestSessionOnly } from '@/lib/copilot/request-helpers'
import { SSE_HEADERS } from '@/lib/core/utils/sse'
const logger = createLogger('CopilotChatStreamAPI')
const POLL_INTERVAL_MS = 250
const MAX_STREAM_MS = 10 * 60 * 1000
function encodeEvent(event: Record<string, any>): Uint8Array {
return new TextEncoder().encode(`data: ${JSON.stringify(event)}\n\n`)
}
export async function GET(request: NextRequest) {
const { userId: authenticatedUserId, isAuthenticated } =
await authenticateCopilotRequestSessionOnly()
if (!isAuthenticated || !authenticatedUserId) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
}
const url = new URL(request.url)
const streamId = url.searchParams.get('streamId') || ''
const fromParam = url.searchParams.get('from') || '0'
const fromEventId = Number(fromParam || 0)
// If batch=true, return buffered events as JSON instead of SSE
const batchMode = url.searchParams.get('batch') === 'true'
const toParam = url.searchParams.get('to')
const toEventId = toParam ? Number(toParam) : undefined
if (!streamId) {
return NextResponse.json({ error: 'streamId is required' }, { status: 400 })
}
const meta = (await getStreamMeta(streamId)) as StreamMeta | null
logger.info('[Resume] Stream lookup', {
streamId,
fromEventId,
toEventId,
batchMode,
hasMeta: !!meta,
metaStatus: meta?.status,
})
if (!meta) {
return NextResponse.json({ error: 'Stream not found' }, { status: 404 })
}
if (meta.userId && meta.userId !== authenticatedUserId) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 403 })
}
// Batch mode: return all buffered events as JSON
if (batchMode) {
const events = await readStreamEvents(streamId, fromEventId)
const filteredEvents = toEventId ? events.filter((e) => e.eventId <= toEventId) : events
logger.info('[Resume] Batch response', {
streamId,
fromEventId,
toEventId,
eventCount: filteredEvents.length,
})
return NextResponse.json({
success: true,
events: filteredEvents,
status: meta.status,
})
}
const startTime = Date.now()
const stream = new ReadableStream({
async start(controller) {
let lastEventId = Number.isFinite(fromEventId) ? fromEventId : 0
const flushEvents = async () => {
const events = await readStreamEvents(streamId, lastEventId)
if (events.length > 0) {
logger.info('[Resume] Flushing events', {
streamId,
fromEventId: lastEventId,
eventCount: events.length,
})
}
for (const entry of events) {
lastEventId = entry.eventId
const payload = {
...entry.event,
eventId: entry.eventId,
streamId: entry.streamId,
}
controller.enqueue(encodeEvent(payload))
}
}
try {
await flushEvents()
while (Date.now() - startTime < MAX_STREAM_MS) {
const currentMeta = await getStreamMeta(streamId)
if (!currentMeta) break
await flushEvents()
if (currentMeta.status === 'complete' || currentMeta.status === 'error') {
break
}
if (request.signal.aborted) {
break
}
await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL_MS))
}
} catch (error) {
logger.warn('Stream replay failed', {
streamId,
error: error instanceof Error ? error.message : String(error),
})
} finally {
controller.close()
}
},
})
return new Response(stream, { headers: SSE_HEADERS })
}

7
apps/sim/app/api/copilot/confirm/route.test.ts
View File

@@ -139,6 +139,7 @@ describe('Copilot Confirm API Route', () => {
status: 'success',
})
expect(mockRedisExists).toHaveBeenCalled()
expect(mockRedisSet).toHaveBeenCalled()
})
@@ -255,11 +256,11 @@ describe('Copilot Confirm API Route', () => {
expect(responseData.error).toBe('Failed to update tool call status or tool call not found')
})
it('should return 400 when Redis set fails', async () => {
it('should return 400 when tool call is not found in Redis', async () => {
const authMocks = mockAuth()
authMocks.setAuthenticated()
mockRedisSet.mockRejectedValueOnce(new Error('Redis set failed'))
mockRedisExists.mockResolvedValue(0)
const req = createMockRequest('POST', {
toolCallId: 'non-existent-tool',
@@ -278,7 +279,7 @@ describe('Copilot Confirm API Route', () => {
const authMocks = mockAuth()
authMocks.setAuthenticated()
mockRedisSet.mockRejectedValueOnce(new Error('Redis connection failed'))
mockRedisExists.mockRejectedValue(new Error('Redis connection failed'))
const req = createMockRequest('POST', {
toolCallId: 'tool-call-123',

49
apps/sim/app/api/copilot/confirm/route.ts
View File

@@ -1,7 +1,6 @@
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { REDIS_TOOL_CALL_PREFIX, REDIS_TOOL_CALL_TTL_SECONDS } from '@/lib/copilot/constants'
import {
authenticateCopilotRequestSessionOnly,
createBadRequestResponse,
@@ -24,8 +23,7 @@ const ConfirmationSchema = z.object({
})
/**
* Write the user's tool decision to Redis. The server-side orchestrator's
* waitForToolDecision() polls Redis for this value.
* Update tool call status in Redis
*/
async function updateToolCallStatus(
toolCallId: string,
@@ -34,24 +32,57 @@ async function updateToolCallStatus(
): Promise<boolean> {
const redis = getRedisClient()
if (!redis) {
logger.warn('Redis client not available for tool confirmation')
logger.warn('updateToolCallStatus: Redis client not available')
return false
}
try {
const key = `${REDIS_TOOL_CALL_PREFIX}${toolCallId}`
const payload = {
const key = `tool_call:${toolCallId}`
const timeout = 600000 // 10 minutes timeout for user confirmation
const pollInterval = 100 // Poll every 100ms
const startTime = Date.now()
logger.info('Polling for tool call in Redis', { toolCallId, key, timeout })
// Poll until the key exists or timeout
while (Date.now() - startTime < timeout) {
const exists = await redis.exists(key)
if (exists) {
break
}
// Wait before next poll
await new Promise((resolve) => setTimeout(resolve, pollInterval))
}
// Final check if key exists after polling
const exists = await redis.exists(key)
if (!exists) {
logger.warn('Tool call not found in Redis after polling timeout', {
toolCallId,
key,
timeout,
pollDuration: Date.now() - startTime,
})
return false
}
// Store both status and message as JSON
const toolCallData = {
status,
message: message || null,
timestamp: new Date().toISOString(),
}
await redis.set(key, JSON.stringify(payload), 'EX', REDIS_TOOL_CALL_TTL_SECONDS)
await redis.set(key, JSON.stringify(toolCallData), 'EX', 86400) // Keep 24 hour expiry
return true
} catch (error) {
logger.error('Failed to update tool call status', {
logger.error('Failed to update tool call status in Redis', {
toolCallId,
status,
error: error instanceof Error ? error.message : String(error),
message,
error: error instanceof Error ? error.message : 'Unknown error',
})
return false
}

28
apps/sim/app/api/copilot/credentials/route.ts
View File

@@ -1,28 +0,0 @@
import { type NextRequest, NextResponse } from 'next/server'
import { authenticateCopilotRequestSessionOnly } from '@/lib/copilot/request-helpers'
import { routeExecution } from '@/lib/copilot/tools/server/router'
/**
* GET /api/copilot/credentials
* Returns connected OAuth credentials for the authenticated user.
* Used by the copilot store for credential masking.
*/
export async function GET(_req: NextRequest) {
const { userId, isAuthenticated } = await authenticateCopilotRequestSessionOnly()
if (!isAuthenticated || !userId) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
}
try {
const result = await routeExecution('get_credentials', {}, { userId })
return NextResponse.json({ success: true, result })
} catch (error) {
return NextResponse.json(
{
success: false,
error: error instanceof Error ? error.message : 'Failed to load credentials',
},
{ status: 500 }
)
}
}

54
apps/sim/app/api/copilot/execute-copilot-server-tool/route.ts Normal file
View File

@@ -0,0 +1,54 @@
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import {
authenticateCopilotRequestSessionOnly,
createBadRequestResponse,
createInternalServerErrorResponse,
createRequestTracker,
createUnauthorizedResponse,
} from '@/lib/copilot/request-helpers'
import { routeExecution } from '@/lib/copilot/tools/server/router'
const logger = createLogger('ExecuteCopilotServerToolAPI')
const ExecuteSchema = z.object({
toolName: z.string(),
payload: z.unknown().optional(),
})
export async function POST(req: NextRequest) {
const tracker = createRequestTracker()
try {
const { userId, isAuthenticated } = await authenticateCopilotRequestSessionOnly()
if (!isAuthenticated || !userId) {
return createUnauthorizedResponse()
}
const body = await req.json()
try {
const preview = JSON.stringify(body).slice(0, 300)
logger.debug(`[${tracker.requestId}] Incoming request body preview`, { preview })
} catch {}
const { toolName, payload } = ExecuteSchema.parse(body)
logger.info(`[${tracker.requestId}] Executing server tool`, { toolName })
const result = await routeExecution(toolName, payload, { userId })
try {
const resultPreview = JSON.stringify(result).slice(0, 300)
logger.debug(`[${tracker.requestId}] Server tool result preview`, { toolName, resultPreview })
} catch {}
return NextResponse.json({ success: true, result })
} catch (error) {
if (error instanceof z.ZodError) {
logger.debug(`[${tracker.requestId}] Zod validation error`, { issues: error.issues })
return createBadRequestResponse('Invalid request body for execute-copilot-server-tool')
}
logger.error(`[${tracker.requestId}] Failed to execute server tool:`, error)
const errorMessage = error instanceof Error ? error.message : 'Failed to execute server tool'
return createInternalServerErrorResponse(errorMessage)
}
}

247
apps/sim/app/api/copilot/execute-tool/route.ts Normal file
View File

@@ -0,0 +1,247 @@
import { db } from '@sim/db'
import { account, workflow } from '@sim/db/schema'
import { createLogger } from '@sim/logger'
import { and, eq } from 'drizzle-orm'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { getSession } from '@/lib/auth'
import {
createBadRequestResponse,
createInternalServerErrorResponse,
createRequestTracker,
createUnauthorizedResponse,
} from '@/lib/copilot/request-helpers'
import { generateRequestId } from '@/lib/core/utils/request'
import { getEffectiveDecryptedEnv } from '@/lib/environment/utils'
import { refreshTokenIfNeeded } from '@/app/api/auth/oauth/utils'
import { resolveEnvVarReferences } from '@/executor/utils/reference-validation'
import { executeTool } from '@/tools'
import { getTool, resolveToolId } from '@/tools/utils'
const logger = createLogger('CopilotExecuteToolAPI')
const ExecuteToolSchema = z.object({
toolCallId: z.string(),
toolName: z.string(),
arguments: z.record(z.any()).optional().default({}),
workflowId: z.string().optional(),
})
export async function POST(req: NextRequest) {
const tracker = createRequestTracker()
try {
const session = await getSession()
if (!session?.user?.id) {
return createUnauthorizedResponse()
}
const userId = session.user.id
const body = await req.json()
try {
const preview = JSON.stringify(body).slice(0, 300)
logger.debug(`[${tracker.requestId}] Incoming execute-tool request`, { preview })
} catch {}
const { toolCallId, toolName, arguments: toolArgs, workflowId } = ExecuteToolSchema.parse(body)
const resolvedToolName = resolveToolId(toolName)
logger.info(`[${tracker.requestId}] Executing tool`, {
toolCallId,
toolName,
resolvedToolName,
workflowId,
hasArgs: Object.keys(toolArgs).length > 0,
})
const toolConfig = getTool(resolvedToolName)
if (!toolConfig) {
// Find similar tool names to help debug
const { tools: allTools } = await import('@/tools/registry')
const allToolNames = Object.keys(allTools)
const prefix = toolName.split('_').slice(0, 2).join('_')
const similarTools = allToolNames
.filter((name) => name.startsWith(`${prefix.split('_')[0]}_`))
.slice(0, 10)
logger.warn(`[${tracker.requestId}] Tool not found in registry`, {
toolName,
prefix,
similarTools,
totalToolsInRegistry: allToolNames.length,
})
return NextResponse.json(
{
success: false,
error: `Tool not found: ${toolName}. Similar tools: ${similarTools.join(', ')}`,
toolCallId,
},
{ status: 404 }
)
}
// Get the workspaceId from the workflow (env vars are stored at workspace level)
let workspaceId: string | undefined
if (workflowId) {
const workflowResult = await db
.select({ workspaceId: workflow.workspaceId })
.from(workflow)
.where(eq(workflow.id, workflowId))
.limit(1)
workspaceId = workflowResult[0]?.workspaceId ?? undefined
}
// Get decrypted environment variables early so we can resolve all {{VAR}} references
const decryptedEnvVars = await getEffectiveDecryptedEnv(userId, workspaceId)
logger.info(`[${tracker.requestId}] Fetched environment variables`, {
workflowId,
workspaceId,
envVarCount: Object.keys(decryptedEnvVars).length,
envVarKeys: Object.keys(decryptedEnvVars),
})
// Build execution params starting with LLM-provided arguments
// Resolve all {{ENV_VAR}} references in the arguments (deep for nested objects)
const executionParams: Record<string, any> = resolveEnvVarReferences(
toolArgs,
decryptedEnvVars,
{ deep: true }
) as Record<string, any>
logger.info(`[${tracker.requestId}] Resolved env var references in arguments`, {
toolName,
originalArgKeys: Object.keys(toolArgs),
resolvedArgKeys: Object.keys(executionParams),
})
// Resolve OAuth access token if required
if (toolConfig.oauth?.required && toolConfig.oauth.provider) {
const provider = toolConfig.oauth.provider
logger.info(`[${tracker.requestId}] Resolving OAuth token`, { provider })
try {
// Find the account for this provider and user
const accounts = await db
.select()
.from(account)
.where(and(eq(account.providerId, provider), eq(account.userId, userId)))
.limit(1)
if (accounts.length > 0) {
const acc = accounts[0]
const requestId = generateRequestId()
const { accessToken } = await refreshTokenIfNeeded(requestId, acc as any, acc.id)
if (accessToken) {
executionParams.accessToken = accessToken
logger.info(`[${tracker.requestId}] OAuth token resolved`, { provider })
} else {
logger.warn(`[${tracker.requestId}] No access token available`, { provider })
return NextResponse.json(
{
success: false,
error: `OAuth token not available for ${provider}. Please reconnect your account.`,
toolCallId,
},
{ status: 400 }
)
}
} else {
logger.warn(`[${tracker.requestId}] No account found for provider`, { provider })
return NextResponse.json(
{
success: false,
error: `No ${provider} account connected. Please connect your account first.`,
toolCallId,
},
{ status: 400 }
)
}
} catch (error) {
logger.error(`[${tracker.requestId}] Failed to resolve OAuth token`, {
provider,
error: error instanceof Error ? error.message : String(error),
})
return NextResponse.json(
{
success: false,
error: `Failed to get OAuth token for ${provider}`,
toolCallId,
},
{ status: 500 }
)
}
}
// Check if tool requires an API key that wasn't resolved via {{ENV_VAR}} reference
const needsApiKey = toolConfig.params?.apiKey?.required
if (needsApiKey && !executionParams.apiKey) {
logger.warn(`[${tracker.requestId}] No API key found for tool`, { toolName })
return NextResponse.json(
{
success: false,
error: `API key not provided for ${toolName}. Use {{YOUR_API_KEY_ENV_VAR}} to reference your environment variable.`,
toolCallId,
},
{ status: 400 }
)
}
// Add execution context
executionParams._context = {
workflowId,
userId,
}
// Special handling for function_execute - inject environment variables
if (toolName === 'function_execute') {
executionParams.envVars = decryptedEnvVars
executionParams.workflowVariables = {} // No workflow variables in copilot context
executionParams.blockData = {} // No block data in copilot context
executionParams.blockNameMapping = {} // No block mapping in copilot context
executionParams.language = executionParams.language || 'javascript'
executionParams.timeout = executionParams.timeout || 30000
logger.info(`[${tracker.requestId}] Injected env vars for function_execute`, {
envVarCount: Object.keys(decryptedEnvVars).length,
})
}
// Execute the tool
logger.info(`[${tracker.requestId}] Executing tool with resolved credentials`, {
toolName,
hasAccessToken: !!executionParams.accessToken,
hasApiKey: !!executionParams.apiKey,
})
const result = await executeTool(resolvedToolName, executionParams)
logger.info(`[${tracker.requestId}] Tool execution complete`, {
toolName,
success: result.success,
hasOutput: !!result.output,
})
return NextResponse.json({
success: true,
toolCallId,
result: {
success: result.success,
output: result.output,
error: result.error,
},
})
} catch (error) {
if (error instanceof z.ZodError) {
logger.debug(`[${tracker.requestId}] Zod validation error`, { issues: error.issues })
return createBadRequestResponse('Invalid request body for execute-tool')
}
logger.error(`[${tracker.requestId}] Failed to execute tool:`, error)
const errorMessage = error instanceof Error ? error.message : 'Failed to execute tool'
return createInternalServerErrorResponse(errorMessage)
}
}

1
apps/sim/app/api/copilot/stats/route.test.ts
View File

@@ -40,7 +40,6 @@ describe('Copilot Stats API Route', () => {
vi.doMock('@/lib/copilot/constants', () => ({
SIM_AGENT_API_URL_DEFAULT: 'https://agent.sim.example.com',
SIM_AGENT_API_URL: 'https://agent.sim.example.com',
}))
vi.doMock('@/lib/core/config/env', async () => {

4
apps/sim/app/api/copilot/stats/route.ts
View File

@@ -1,6 +1,6 @@
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { SIM_AGENT_API_URL } from '@/lib/copilot/constants'
import { SIM_AGENT_API_URL_DEFAULT } from '@/lib/copilot/constants'
import {
authenticateCopilotRequestSessionOnly,
createBadRequestResponse,
@@ -10,6 +10,8 @@ import {
} from '@/lib/copilot/request-helpers'
import { env } from '@/lib/core/config/env'
const SIM_AGENT_API_URL = env.SIM_AGENT_API_URL || SIM_AGENT_API_URL_DEFAULT
const BodySchema = z.object({
messageId: z.string(),
diffCreated: z.boolean(),

123
apps/sim/app/api/copilot/tools/mark-complete/route.ts Normal file
View File

@@ -0,0 +1,123 @@
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { SIM_AGENT_API_URL_DEFAULT } from '@/lib/copilot/constants'
import {
authenticateCopilotRequestSessionOnly,
createBadRequestResponse,
createInternalServerErrorResponse,
createRequestTracker,
createUnauthorizedResponse,
} from '@/lib/copilot/request-helpers'
import { env } from '@/lib/core/config/env'
const logger = createLogger('CopilotMarkToolCompleteAPI')
const SIM_AGENT_API_URL = env.SIM_AGENT_API_URL || SIM_AGENT_API_URL_DEFAULT
const MarkCompleteSchema = z.object({
id: z.string(),
name: z.string(),
status: z.number().int(),
message: z.any().optional(),
data: z.any().optional(),
})
/**
* POST /api/copilot/tools/mark-complete
* Proxy to Sim Agent: POST /api/tools/mark-complete
*/
export async function POST(req: NextRequest) {
const tracker = createRequestTracker()
try {
const { userId, isAuthenticated } = await authenticateCopilotRequestSessionOnly()
if (!isAuthenticated || !userId) {
return createUnauthorizedResponse()
}
const body = await req.json()
// Log raw body shape for diagnostics (avoid dumping huge payloads)
try {
const bodyPreview = JSON.stringify(body).slice(0, 300)
logger.debug(`[${tracker.requestId}] Incoming mark-complete raw body preview`, {
preview: `${bodyPreview}${bodyPreview.length === 300 ? '...' : ''}`,
})
} catch {}
const parsed = MarkCompleteSchema.parse(body)
const messagePreview = (() => {
try {
const s =
typeof parsed.message === 'string' ? parsed.message : JSON.stringify(parsed.message)
return s ? `${s.slice(0, 200)}${s.length > 200 ? '...' : ''}` : undefined
} catch {
return undefined
}
})()
logger.info(`[${tracker.requestId}] Forwarding tool mark-complete`, {
userId,
toolCallId: parsed.id,
toolName: parsed.name,
status: parsed.status,
hasMessage: parsed.message !== undefined,
hasData: parsed.data !== undefined,
messagePreview,
agentUrl: `${SIM_AGENT_API_URL}/api/tools/mark-complete`,
})
const agentRes = await fetch(`${SIM_AGENT_API_URL}/api/tools/mark-complete`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
...(env.COPILOT_API_KEY ? { 'x-api-key': env.COPILOT_API_KEY } : {}),
},
body: JSON.stringify(parsed),
})
// Attempt to parse agent response JSON
let agentJson: any = null
let agentText: string | null = null
try {
agentJson = await agentRes.json()
} catch (_) {
try {
agentText = await agentRes.text()
} catch {}
}
logger.info(`[${tracker.requestId}] Agent responded to mark-complete`, {
status: agentRes.status,
ok: agentRes.ok,
responseJsonPreview: agentJson ? JSON.stringify(agentJson).slice(0, 300) : undefined,
responseTextPreview: agentText ? agentText.slice(0, 300) : undefined,
})
if (agentRes.ok) {
return NextResponse.json({ success: true })
}
const errorMessage =
agentJson?.error || agentText || `Agent responded with status ${agentRes.status}`
const status = agentRes.status >= 500 ? 500 : 400
logger.warn(`[${tracker.requestId}] Mark-complete failed`, {
status,
error: errorMessage,
})
return NextResponse.json({ success: false, error: errorMessage }, { status })
} catch (error) {
if (error instanceof z.ZodError) {
logger.warn(`[${tracker.requestId}] Invalid mark-complete request body`, {
issues: error.issues,
})
return createBadRequestResponse('Invalid request body for mark-complete')
}
logger.error(`[${tracker.requestId}] Failed to proxy mark-complete:`, error)
return createInternalServerErrorResponse('Failed to mark tool as complete')
}
}

1
apps/sim/app/api/copilot/user-models/route.ts
View File

@@ -28,7 +28,6 @@ const DEFAULT_ENABLED_MODELS: Record<CopilotModelId, boolean> = {
'claude-4-sonnet': false,
'claude-4.5-haiku': true,
'claude-4.5-sonnet': true,
'claude-4.6-opus': true,
'claude-4.5-opus': true,
'claude-4.1-opus': false,
'gemini-3-pro': true,

2
apps/sim/app/api/files/delete/route.test.ts
View File

@@ -29,7 +29,7 @@ function setupFileApiMocks(
}
vi.doMock('@/lib/auth/hybrid', () => ({
checkSessionOrInternalAuth: vi.fn().mockResolvedValue({
checkHybridAuth: vi.fn().mockResolvedValue({
success: authenticated,
userId: authenticated ? 'test-user-id' : undefined,
error: authenticated ? undefined : 'Unauthorized',

4
apps/sim/app/api/files/delete/route.ts
View File

@@ -1,7 +1,7 @@
import { createLogger } from '@sim/logger'
import type { NextRequest } from 'next/server'
import { NextResponse } from 'next/server'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import type { StorageContext } from '@/lib/uploads/config'
import { deleteFile, hasCloudStorage } from '@/lib/uploads/core/storage-service'
import { extractStorageKey, inferContextFromKey } from '@/lib/uploads/utils/file-utils'
@@ -24,7 +24,7 @@ const logger = createLogger('FilesDeleteAPI')
*/
export async function POST(request: NextRequest) {
try {
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success || !authResult.userId) {
logger.warn('Unauthorized file delete request', {

4
apps/sim/app/api/files/download/route.ts
View File

@@ -1,6 +1,6 @@
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import type { StorageContext } from '@/lib/uploads/config'
import { hasCloudStorage } from '@/lib/uploads/core/storage-service'
import { verifyFileAccess } from '@/app/api/files/authorization'
@@ -12,7 +12,7 @@ export const dynamic = 'force-dynamic'
export async function POST(request: NextRequest) {
try {
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success || !authResult.userId) {
logger.warn('Unauthorized download URL request', {

2
apps/sim/app/api/files/parse/route.test.ts
View File

@@ -35,7 +35,7 @@ function setupFileApiMocks(
}
vi.doMock('@/lib/auth/hybrid', () => ({
checkInternalAuth: vi.fn().mockResolvedValue({
checkHybridAuth: vi.fn().mockResolvedValue({
success: authenticated,
userId: authenticated ? 'test-user-id' : undefined,
error: authenticated ? undefined : 'Unauthorized',

4
apps/sim/app/api/files/parse/route.ts
View File

@@ -5,7 +5,7 @@ import path from 'path'
import { createLogger } from '@sim/logger'
import binaryExtensionsList from 'binary-extensions'
import { type NextRequest, NextResponse } from 'next/server'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import {
secureFetchWithPinnedIP,
validateUrlWithDNS,
@@ -66,7 +66,7 @@ export async function POST(request: NextRequest) {
const startTime = Date.now()
try {
const authResult = await checkInternalAuth(request, { requireWorkflowId: true })
const authResult = await checkHybridAuth(request, { requireWorkflowId: true })
if (!authResult.success) {
logger.warn('Unauthorized file parse request', {

10
apps/sim/app/api/files/serve/[...path]/route.test.ts
View File

@@ -55,7 +55,7 @@ describe('File Serve API Route', () => {
})
vi.doMock('@/lib/auth/hybrid', () => ({
checkSessionOrInternalAuth: vi.fn().mockResolvedValue({
checkHybridAuth: vi.fn().mockResolvedValue({
success: true,
userId: 'test-user-id',
}),
@@ -165,7 +165,7 @@ describe('File Serve API Route', () => {
}))
vi.doMock('@/lib/auth/hybrid', () => ({
checkSessionOrInternalAuth: vi.fn().mockResolvedValue({
checkHybridAuth: vi.fn().mockResolvedValue({
success: true,
userId: 'test-user-id',
}),
@@ -226,7 +226,7 @@ describe('File Serve API Route', () => {
}))
vi.doMock('@/lib/auth/hybrid', () => ({
checkSessionOrInternalAuth: vi.fn().mockResolvedValue({
checkHybridAuth: vi.fn().mockResolvedValue({
success: true,
userId: 'test-user-id',
}),
@@ -291,7 +291,7 @@ describe('File Serve API Route', () => {
}))
vi.doMock('@/lib/auth/hybrid', () => ({
checkSessionOrInternalAuth: vi.fn().mockResolvedValue({
checkHybridAuth: vi.fn().mockResolvedValue({
success: true,
userId: 'test-user-id',
}),
@@ -350,7 +350,7 @@ describe('File Serve API Route', () => {
for (const test of contentTypeTests) {
it(`should serve ${test.ext} file with correct content type`, async () => {
vi.doMock('@/lib/auth/hybrid', () => ({
checkSessionOrInternalAuth: vi.fn().mockResolvedValue({
checkHybridAuth: vi.fn().mockResolvedValue({
success: true,
userId: 'test-user-id',
}),

4
apps/sim/app/api/files/serve/[...path]/route.ts
View File

@@ -2,7 +2,7 @@ import { readFile } from 'fs/promises'
import { createLogger } from '@sim/logger'
import type { NextRequest } from 'next/server'
import { NextResponse } from 'next/server'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { CopilotFiles, isUsingCloudStorage } from '@/lib/uploads'
import type { StorageContext } from '@/lib/uploads/config'
import { downloadFile } from '@/lib/uploads/core/storage-service'
@@ -49,7 +49,7 @@ export async function GET(
return await handleLocalFilePublic(fullPath)
}
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success || !authResult.userId) {
logger.warn('Unauthorized file access attempt', {

2
apps/sim/app/api/function/execute/route.ts
View File

@@ -845,8 +845,6 @@ export async function POST(req: NextRequest) {
contextVariables,
timeoutMs: timeout,
requestId,
ownerKey: `user:${auth.userId}`,
ownerWeight: 1,
})
const executionTime = Date.now() - startTime

33
apps/sim/app/api/guardrails/validate/route.ts
View File

@@ -23,16 +23,7 @@ export async function POST(request: NextRequest) {
topK,
model,
apiKey,
azureEndpoint,
azureApiVersion,
vertexProject,
vertexLocation,
vertexCredential,
bedrockAccessKeyId,
bedrockSecretKey,
bedrockRegion,
workflowId,
workspaceId,
piiEntityTypes,
piiMode,
piiLanguage,
@@ -119,18 +110,7 @@ export async function POST(request: NextRequest) {
topK,
model,
apiKey,
{
azureEndpoint,
azureApiVersion,
vertexProject,
vertexLocation,
vertexCredential,
bedrockAccessKeyId,
bedrockSecretKey,
bedrockRegion,
},
workflowId,
workspaceId,
piiEntityTypes,
piiMode,
piiLanguage,
@@ -198,18 +178,7 @@ async function executeValidation(
topK: string | undefined,
model: string,
apiKey: string | undefined,
providerCredentials: {
azureEndpoint?: string
azureApiVersion?: string
vertexProject?: string
vertexLocation?: string
vertexCredential?: string
bedrockAccessKeyId?: string
bedrockSecretKey?: string
bedrockRegion?: string
},
workflowId: string | undefined,
workspaceId: string | undefined,
piiEntityTypes: string[] | undefined,
piiMode: string | undefined,
piiLanguage: string | undefined,
@@ -250,9 +219,7 @@ async function executeValidation(
topK: topK ? Number.parseInt(topK) : 10, // Default topK is 10
model: model,
apiKey,
providerCredentials,
workflowId,
workspaceId,
requestId,
})
}

22
apps/sim/app/api/knowledge/[id]/tag-definitions/route.ts
View File

@@ -2,7 +2,7 @@ import { randomUUID } from 'crypto'
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { SUPPORTED_FIELD_TYPES } from '@/lib/knowledge/constants'
import { createTagDefinition, getTagDefinitions } from '@/lib/knowledge/tags/service'
import { checkKnowledgeBaseAccess } from '@/app/api/knowledge/utils'
@@ -19,11 +19,19 @@ export async function GET(req: NextRequest, { params }: { params: Promise<{ id:
try {
logger.info(`[${requestId}] Getting tag definitions for knowledge base ${knowledgeBaseId}`)
const auth = await checkSessionOrInternalAuth(req, { requireWorkflowId: false })
const auth = await checkHybridAuth(req, { requireWorkflowId: false })
if (!auth.success) {
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
// Only allow session and internal JWT auth (not API key)
if (auth.authType === 'api_key') {
return NextResponse.json(
{ error: 'API key auth not supported for this endpoint' },
{ status: 401 }
)
}
// For session auth, verify KB access. Internal JWT is trusted.
if (auth.authType === 'session' && auth.userId) {
const accessCheck = await checkKnowledgeBaseAccess(knowledgeBaseId, auth.userId)
@@ -56,11 +64,19 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
try {
logger.info(`[${requestId}] Creating tag definition for knowledge base ${knowledgeBaseId}`)
const auth = await checkSessionOrInternalAuth(req, { requireWorkflowId: false })
const auth = await checkHybridAuth(req, { requireWorkflowId: false })
if (!auth.success) {
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
// Only allow session and internal JWT auth (not API key)
if (auth.authType === 'api_key') {
return NextResponse.json(
{ error: 'API key auth not supported for this endpoint' },
{ status: 401 }
)
}
// For session auth, verify KB access. Internal JWT is trusted.
if (auth.authType === 'session' && auth.userId) {
const accessCheck = await checkKnowledgeBaseAccess(knowledgeBaseId, auth.userId)

4
apps/sim/app/api/logs/execution/[executionId]/route.ts
View File

@@ -8,7 +8,7 @@ import {
import { createLogger } from '@sim/logger'
import { and, eq, inArray } from 'drizzle-orm'
import { type NextRequest, NextResponse } from 'next/server'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { generateRequestId } from '@/lib/core/utils/request'
import type { TraceSpan, WorkflowExecutionLog } from '@/lib/logs/types'
@@ -23,7 +23,7 @@ export async function GET(
try {
const { executionId } = await params
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success || !authResult.userId) {
logger.warn(`[${requestId}] Unauthorized execution data access attempt for: ${executionId}`)
return NextResponse.json(

6
apps/sim/app/api/mcp/copilot/.well-known/oauth-authorization-server/route.ts
View File

@@ -1,6 +0,0 @@
import type { NextRequest, NextResponse } from 'next/server'
import { createMcpAuthorizationServerMetadataResponse } from '@/lib/mcp/oauth-discovery'
export async function GET(request: NextRequest): Promise<NextResponse> {
return createMcpAuthorizationServerMetadataResponse(request)
}

6
apps/sim/app/api/mcp/copilot/.well-known/oauth-protected-resource/route.ts
View File

@@ -1,6 +0,0 @@
import type { NextRequest, NextResponse } from 'next/server'
import { createMcpProtectedResourceMetadataResponse } from '@/lib/mcp/oauth-discovery'
export async function GET(request: NextRequest): Promise<NextResponse> {
return createMcpProtectedResourceMetadataResponse(request)
}

793
apps/sim/app/api/mcp/copilot/route.ts
View File

@@ -1,793 +0,0 @@
import { randomUUID } from 'node:crypto'
import { Server } from '@modelcontextprotocol/sdk/server/index.js'
import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js'
import {
CallToolRequestSchema,
type CallToolResult,
ErrorCode,
type JSONRPCError,
ListToolsRequestSchema,
type ListToolsResult,
McpError,
type RequestId,
} from '@modelcontextprotocol/sdk/types.js'
import { db } from '@sim/db'
import { userStats } from '@sim/db/schema'
import { createLogger } from '@sim/logger'
import { eq, sql } from 'drizzle-orm'
import { type NextRequest, NextResponse } from 'next/server'
import { getHighestPrioritySubscription } from '@/lib/billing/core/subscription'
import { getCopilotModel } from '@/lib/copilot/config'
import {
ORCHESTRATION_TIMEOUT_MS,
SIM_AGENT_API_URL,
SIM_AGENT_VERSION,
} from '@/lib/copilot/constants'
import { orchestrateCopilotStream } from '@/lib/copilot/orchestrator'
import { orchestrateSubagentStream } from '@/lib/copilot/orchestrator/subagent'
import {
executeToolServerSide,
prepareExecutionContext,
} from '@/lib/copilot/orchestrator/tool-executor'
import { DIRECT_TOOL_DEFS, SUBAGENT_TOOL_DEFS } from '@/lib/copilot/tools/mcp/definitions'
import { env } from '@/lib/core/config/env'
import { RateLimiter } from '@/lib/core/rate-limiter'
import { resolveWorkflowIdForUser } from '@/lib/workflows/utils'
const logger = createLogger('CopilotMcpAPI')
const mcpRateLimiter = new RateLimiter()
export const dynamic = 'force-dynamic'
export const runtime = 'nodejs'
export const maxDuration = 300
interface CopilotKeyAuthResult {
success: boolean
userId?: string
error?: string
}
/**
* Validates a copilot API key by forwarding it to the Go copilot service's
* `/api/validate-key` endpoint. Returns the associated userId on success.
*/
async function authenticateCopilotApiKey(apiKey: string): Promise<CopilotKeyAuthResult> {
try {
const internalSecret = env.INTERNAL_API_SECRET
if (!internalSecret) {
logger.error('INTERNAL_API_SECRET not configured')
return { success: false, error: 'Server configuration error' }
}
const res = await fetch(`${SIM_AGENT_API_URL}/api/validate-key`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'x-api-key': internalSecret,
},
body: JSON.stringify({ targetApiKey: apiKey }),
signal: AbortSignal.timeout(10_000),
})
if (!res.ok) {
const body = await res.json().catch(() => null)
const upstream = (body as Record<string, unknown>)?.message
const status = res.status
if (status === 401 || status === 403) {
return {
success: false,
error: `Invalid Copilot API key. Generate a new key in Settings → Copilot and set it in the x-api-key header.`,
}
}
if (status === 402) {
return {
success: false,
error: `Usage limit exceeded for this Copilot API key. Upgrade your plan or wait for your quota to reset.`,
}
}
return { success: false, error: String(upstream ?? 'Copilot API key validation failed') }
}
const data = (await res.json()) as { ok?: boolean; userId?: string }
if (!data.ok || !data.userId) {
return {
success: false,
error: 'Invalid Copilot API key. Generate a new key in Settings → Copilot.',
}
}
return { success: true, userId: data.userId }
} catch (error) {
logger.error('Copilot API key validation failed', { error })
return {
success: false,
error:
'Could not validate Copilot API key — the authentication service is temporarily unreachable. This is NOT a problem with the API key itself; please retry shortly.',
}
}
}
/**
* MCP Server instructions that guide LLMs on how to use the Sim copilot tools.
* This is included in the initialize response to help external LLMs understand
* the workflow lifecycle and best practices.
*/
const MCP_SERVER_INSTRUCTIONS = `
## Sim Workflow Copilot
Sim is a workflow automation platform. Workflows are visual pipelines of connected blocks (Agent, Function, Condition, API, integrations, etc.). The Agent block is the core — an LLM with tools, memory, structured output, and knowledge bases.
### Workflow Lifecycle (Happy Path)
1. \`list_workspaces\` → know where to work
2. \`create_workflow(name, workspaceId)\` → get a workflowId
3. \`sim_build(request, workflowId)\` → plan and build in one pass
4. \`sim_test(request, workflowId)\` → verify it works
5. \`sim_deploy("deploy as api", workflowId)\` → make it accessible externally (optional)
For fine-grained control, use \`sim_plan\`\`sim_edit\` instead of \`sim_build\`. Pass the plan object from sim_plan EXACTLY as-is to sim_edit's context.plan field.
### Working with Existing Workflows
When the user refers to a workflow by name or description ("the email one", "my Slack bot"):
1. Use \`sim_discovery\` to find it by functionality
2. Or use \`list_workflows\` and match by name
3. Then pass the workflowId to other tools
### Organization
- \`rename_workflow\` — rename a workflow
- \`move_workflow\` — move a workflow into a folder (or root with null)
- \`move_folder\` — nest a folder inside another (or root with null)
- \`create_folder(name, parentId)\` — create nested folder hierarchies
### Key Rules
- You can test workflows immediately after building — deployment is only needed for external access (API, chat, MCP).
- All copilot tools (build, plan, edit, deploy, test, debug) require workflowId.
- If the user reports errors → use \`sim_debug\` first, don't guess.
- Variable syntax: \`<blockname.field>\` for block outputs, \`{{ENV_VAR}}\` for env vars.
`
type HeaderMap = Record<string, string | string[] | undefined>
function createError(id: RequestId, code: ErrorCode | number, message: string): JSONRPCError {
return {
jsonrpc: '2.0',
id,
error: { code, message },
}
}
function normalizeRequestHeaders(request: NextRequest): HeaderMap {
const headers: HeaderMap = {}
request.headers.forEach((value, key) => {
headers[key.toLowerCase()] = value
})
return headers
}
function readHeader(headers: HeaderMap | undefined, name: string): string | undefined {
if (!headers) return undefined
const value = headers[name.toLowerCase()]
if (Array.isArray(value)) {
return value[0]
}
return value
}
class NextResponseCapture {
private _status = 200
private _headers = new Headers()
private _controller: ReadableStreamDefaultController<Uint8Array> | null = null
private _pendingChunks: Uint8Array[] = []
private _closeHandlers: Array<() => void> = []
private _errorHandlers: Array<(error: Error) => void> = []
private _headersWritten = false
private _ended = false
private _headersPromise: Promise<void>
private _resolveHeaders: (() => void) | null = null
private _endedPromise: Promise<void>
private _resolveEnded: (() => void) | null = null
readonly readable: ReadableStream<Uint8Array>
constructor() {
this._headersPromise = new Promise<void>((resolve) => {
this._resolveHeaders = resolve
})
this._endedPromise = new Promise<void>((resolve) => {
this._resolveEnded = resolve
})
this.readable = new ReadableStream<Uint8Array>({
start: (controller) => {
this._controller = controller
if (this._pendingChunks.length > 0) {
for (const chunk of this._pendingChunks) {
controller.enqueue(chunk)
}
this._pendingChunks = []
}
},
cancel: () => {
this._ended = true
this._resolveEnded?.()
this.triggerCloseHandlers()
},
})
}
private markHeadersWritten(): void {
if (this._headersWritten) return
this._headersWritten = true
this._resolveHeaders?.()
}
private triggerCloseHandlers(): void {
for (const handler of this._closeHandlers) {
try {
handler()
} catch (error) {
this.triggerErrorHandlers(error instanceof Error ? error : new Error(String(error)))
}
}
}
private triggerErrorHandlers(error: Error): void {
for (const errorHandler of this._errorHandlers) {
errorHandler(error)
}
}
private normalizeChunk(chunk: unknown): Uint8Array | null {
if (typeof chunk === 'string') {
return new TextEncoder().encode(chunk)
}
if (chunk instanceof Uint8Array) {
return chunk
}
if (chunk === undefined || chunk === null) {
return null
}
return new TextEncoder().encode(String(chunk))
}
writeHead(status: number, headers?: Record<string, string | number | string[]>): this {
this._status = status
if (headers) {
Object.entries(headers).forEach(([key, value]) => {
if (Array.isArray(value)) {
this._headers.set(key, value.join(', '))
} else {
this._headers.set(key, String(value))
}
})
}
this.markHeadersWritten()
return this
}
flushHeaders(): this {
this.markHeadersWritten()
return this
}
write(chunk: unknown): boolean {
const normalized = this.normalizeChunk(chunk)
if (!normalized) return true
this.markHeadersWritten()
if (this._controller) {
try {
this._controller.enqueue(normalized)
} catch (error) {
this.triggerErrorHandlers(error instanceof Error ? error : new Error(String(error)))
}
} else {
this._pendingChunks.push(normalized)
}
return true
}
end(chunk?: unknown): this {
if (chunk !== undefined) this.write(chunk)
this.markHeadersWritten()
if (this._ended) return this
this._ended = true
this._resolveEnded?.()
if (this._controller) {
try {
this._controller.close()
} catch (error) {
this.triggerErrorHandlers(error instanceof Error ? error : new Error(String(error)))
}
}
this.triggerCloseHandlers()
return this
}
async waitForHeaders(timeoutMs = 30000): Promise<void> {
if (this._headersWritten) return
await Promise.race([
this._headersPromise,
new Promise<void>((resolve) => {
setTimeout(resolve, timeoutMs)
}),
])
}
async waitForEnd(timeoutMs = 30000): Promise<void> {
if (this._ended) return
await Promise.race([
this._endedPromise,
new Promise<void>((resolve) => {
setTimeout(resolve, timeoutMs)
}),
])
}
on(event: 'close' | 'error', handler: (() => void) | ((error: Error) => void)): this {
if (event === 'close') {
this._closeHandlers.push(handler as () => void)
}
if (event === 'error') {
this._errorHandlers.push(handler as (error: Error) => void)
}
return this
}
toNextResponse(): NextResponse {
return new NextResponse(this.readable, {
status: this._status,
headers: this._headers,
})
}
}
function buildMcpServer(abortSignal?: AbortSignal): Server {
const server = new Server(
{
name: 'sim-copilot',
version: '1.0.0',
},
{
capabilities: { tools: {} },
instructions: MCP_SERVER_INSTRUCTIONS,
}
)
server.setRequestHandler(ListToolsRequestSchema, async () => {
const directTools = DIRECT_TOOL_DEFS.map((tool) => ({
name: tool.name,
description: tool.description,
inputSchema: tool.inputSchema,
}))
const subagentTools = SUBAGENT_TOOL_DEFS.map((tool) => ({
name: tool.name,
description: tool.description,
inputSchema: tool.inputSchema,
}))
const result: ListToolsResult = {
tools: [...directTools, ...subagentTools],
}
return result
})
server.setRequestHandler(CallToolRequestSchema, async (request, extra) => {
const headers = (extra.requestInfo?.headers || {}) as HeaderMap
const apiKeyHeader = readHeader(headers, 'x-api-key')
if (!apiKeyHeader) {
return {
content: [
{
type: 'text' as const,
text: 'AUTHENTICATION ERROR: No Copilot API key provided. The user must set their Copilot API key in the x-api-key header. They can generate one in the Sim app under Settings → Copilot. Do NOT retry — this will fail until the key is configured.',
},
],
isError: true,
}
}
const authResult = await authenticateCopilotApiKey(apiKeyHeader)
if (!authResult.success || !authResult.userId) {
logger.warn('MCP copilot key auth failed', { method: request.method })
return {
content: [
{
type: 'text' as const,
text: `AUTHENTICATION ERROR: ${authResult.error} Do NOT retry — this will fail until the user fixes their Copilot API key.`,
},
],
isError: true,
}
}
const rateLimitResult = await mcpRateLimiter.checkRateLimitWithSubscription(
authResult.userId,
await getHighestPrioritySubscription(authResult.userId),
'api-endpoint',
false
)
if (!rateLimitResult.allowed) {
return {
content: [
{
type: 'text' as const,
text: `RATE LIMIT: Too many requests. Please wait and retry after ${rateLimitResult.resetAt.toISOString()}.`,
},
],
isError: true,
}
}
const params = request.params as
| { name?: string; arguments?: Record<string, unknown> }
| undefined
if (!params?.name) {
throw new McpError(ErrorCode.InvalidParams, 'Tool name required')
}
const result = await handleToolsCall(
{
name: params.name,
arguments: params.arguments,
},
authResult.userId,
abortSignal
)
trackMcpCopilotCall(authResult.userId)
return result
})
return server
}
async function handleMcpRequestWithSdk(
request: NextRequest,
parsedBody: unknown
): Promise<NextResponse> {
const server = buildMcpServer(request.signal)
const transport = new StreamableHTTPServerTransport({
sessionIdGenerator: undefined,
enableJsonResponse: true,
})
const responseCapture = new NextResponseCapture()
const requestAdapter = {
method: request.method,
headers: normalizeRequestHeaders(request),
}
await server.connect(transport)
try {
await transport.handleRequest(requestAdapter as any, responseCapture as any, parsedBody)
await responseCapture.waitForHeaders()
// Must exceed the longest possible tool execution (build = 5 min).
// Using ORCHESTRATION_TIMEOUT_MS + 60 s buffer so the orchestrator can
// finish or time-out on its own before the transport is torn down.
await responseCapture.waitForEnd(ORCHESTRATION_TIMEOUT_MS + 60_000)
return responseCapture.toNextResponse()
} finally {
await server.close().catch(() => {})
await transport.close().catch(() => {})
}
}
export async function GET() {
// Return 405 to signal that server-initiated SSE notifications are not
// supported. Without this, clients like mcp-remote will repeatedly
// reconnect trying to open an SSE stream, flooding the logs with GETs.
return new NextResponse(null, { status: 405 })
}
export async function POST(request: NextRequest) {
try {
let parsedBody: unknown
try {
parsedBody = await request.json()
} catch {
return NextResponse.json(createError(0, ErrorCode.ParseError, 'Invalid JSON body'), {
status: 400,
})
}
return await handleMcpRequestWithSdk(request, parsedBody)
} catch (error) {
logger.error('Error handling MCP request', { error })
return NextResponse.json(createError(0, ErrorCode.InternalError, 'Internal error'), {
status: 500,
})
}
}
export async function DELETE(request: NextRequest) {
void request
return NextResponse.json(createError(0, -32000, 'Method not allowed.'), { status: 405 })
}
/**
* Increment MCP copilot call counter in userStats (fire-and-forget).
*/
function trackMcpCopilotCall(userId: string): void {
db.update(userStats)
.set({
totalMcpCopilotCalls: sql`total_mcp_copilot_calls + 1`,
lastActive: new Date(),
})
.where(eq(userStats.userId, userId))
.then(() => {})
.catch((error) => {
logger.error('Failed to track MCP copilot call', { error, userId })
})
}
async function handleToolsCall(
params: { name: string; arguments?: Record<string, unknown> },
userId: string,
abortSignal?: AbortSignal
): Promise<CallToolResult> {
const args = params.arguments || {}
const directTool = DIRECT_TOOL_DEFS.find((tool) => tool.name === params.name)
if (directTool) {
return handleDirectToolCall(directTool, args, userId)
}
const subagentTool = SUBAGENT_TOOL_DEFS.find((tool) => tool.name === params.name)
if (subagentTool) {
return handleSubagentToolCall(subagentTool, args, userId, abortSignal)
}
throw new McpError(ErrorCode.MethodNotFound, `Tool not found: ${params.name}`)
}
async function handleDirectToolCall(
toolDef: (typeof DIRECT_TOOL_DEFS)[number],
args: Record<string, unknown>,
userId: string
): Promise<CallToolResult> {
try {
const execContext = await prepareExecutionContext(userId, (args.workflowId as string) || '')
const toolCall = {
id: randomUUID(),
name: toolDef.toolId,
status: 'pending' as const,
params: args as Record<string, any>,
startTime: Date.now(),
}
const result = await executeToolServerSide(toolCall, execContext)
return {
content: [
{
type: 'text',
text: JSON.stringify(result.output ?? result, null, 2),
},
],
isError: !result.success,
}
} catch (error) {
logger.error('Direct tool execution failed', { tool: toolDef.name, error })
return {
content: [
{
type: 'text',
text: `Tool execution failed: ${error instanceof Error ? error.message : String(error)}`,
},
],
isError: true,
}
}
}
/**
* Build mode uses the main chat orchestrator with the 'fast' command instead of
* the subagent endpoint. In Go, 'build' is not a registered subagent — it's a mode
* (ModeFast) on the main chat processor that bypasses subagent orchestration and
* executes all tools directly.
*/
async function handleBuildToolCall(
args: Record<string, unknown>,
userId: string,
abortSignal?: AbortSignal
): Promise<CallToolResult> {
try {
const requestText = (args.request as string) || JSON.stringify(args)
const { model } = getCopilotModel('chat')
const workflowId = args.workflowId as string | undefined
const resolved = workflowId ? { workflowId } : await resolveWorkflowIdForUser(userId)
if (!resolved?.workflowId) {
return {
content: [
{
type: 'text',
text: JSON.stringify(
{
success: false,
error: 'workflowId is required for build. Call create_workflow first.',
},
null,
2
),
},
],
isError: true,
}
}
const chatId = randomUUID()
const requestPayload = {
message: requestText,
workflowId: resolved.workflowId,
userId,
model,
mode: 'agent',
commands: ['fast'],
messageId: randomUUID(),
version: SIM_AGENT_VERSION,
headless: true,
chatId,
source: 'mcp',
}
const result = await orchestrateCopilotStream(requestPayload, {
userId,
workflowId: resolved.workflowId,
chatId,
autoExecuteTools: true,
timeout: 300000,
interactive: false,
abortSignal,
})
const responseData = {
success: result.success,
content: result.content,
toolCalls: result.toolCalls,
error: result.error,
}
return {
content: [{ type: 'text', text: JSON.stringify(responseData, null, 2) }],
isError: !result.success,
}
} catch (error) {
logger.error('Build tool call failed', { error })
return {
content: [
{
type: 'text',
text: `Build failed: ${error instanceof Error ? error.message : String(error)}`,
},
],
isError: true,
}
}
}
async function handleSubagentToolCall(
toolDef: (typeof SUBAGENT_TOOL_DEFS)[number],
args: Record<string, unknown>,
userId: string,
abortSignal?: AbortSignal
): Promise<CallToolResult> {
if (toolDef.agentId === 'build') {
return handleBuildToolCall(args, userId, abortSignal)
}
try {
const requestText =
(args.request as string) ||
(args.message as string) ||
(args.error as string) ||
JSON.stringify(args)
const context = (args.context as Record<string, unknown>) || {}
if (args.plan && !context.plan) {
context.plan = args.plan
}
const { model } = getCopilotModel('chat')
const result = await orchestrateSubagentStream(
toolDef.agentId,
{
message: requestText,
workflowId: args.workflowId,
workspaceId: args.workspaceId,
context,
model,
headless: true,
source: 'mcp',
},
{
userId,
workflowId: args.workflowId as string | undefined,
workspaceId: args.workspaceId as string | undefined,
abortSignal,
}
)
let responseData: unknown
if (result.structuredResult) {
responseData = {
success: result.structuredResult.success ?? result.success,
type: result.structuredResult.type,
summary: result.structuredResult.summary,
data: result.structuredResult.data,
}
} else if (result.error) {
responseData = {
success: false,
error: result.error,
errors: result.errors,
}
} else {
responseData = {
success: result.success,
content: result.content,
}
}
return {
content: [
{
type: 'text',
text: JSON.stringify(responseData, null, 2),
},
],
isError: !result.success,
}
} catch (error) {
logger.error('Subagent tool call failed', {
tool: toolDef.name,
agentId: toolDef.agentId,
error,
})
return {
content: [
{
type: 'text',
text: `Subagent call failed: ${error instanceof Error ? error.message : String(error)}`,
},
],
isError: true,
}
}
}

98
apps/sim/app/api/mcp/events/route.test.ts
View File

@@ -1,98 +0,0 @@
/**
* Tests for MCP SSE events endpoint
*
* @vitest-environment node
*/
import { createMockRequest, mockAuth, mockConsoleLogger } from '@sim/testing'
import { beforeEach, describe, expect, it, vi } from 'vitest'
mockConsoleLogger()
const auth = mockAuth()
const mockGetUserEntityPermissions = vi.fn()
vi.doMock('@/lib/workspaces/permissions/utils', () => ({
getUserEntityPermissions: mockGetUserEntityPermissions,
}))
vi.doMock('@/lib/mcp/connection-manager', () => ({
mcpConnectionManager: null,
}))
vi.doMock('@/lib/mcp/pubsub', () => ({
mcpPubSub: null,
}))
const { GET } = await import('./route')
describe('MCP Events SSE Endpoint', () => {
beforeEach(() => {
vi.clearAllMocks()
})
it('returns 401 when session is missing', async () => {
auth.setUnauthenticated()
const request = createMockRequest(
'GET',
undefined,
{},
'http://localhost:3000/api/mcp/events?workspaceId=ws-123'
)
const response = await GET(request as any)
expect(response.status).toBe(401)
const text = await response.text()
expect(text).toBe('Unauthorized')
})
it('returns 400 when workspaceId is missing', async () => {
auth.setAuthenticated()
const request = createMockRequest('GET', undefined, {}, 'http://localhost:3000/api/mcp/events')
const response = await GET(request as any)
expect(response.status).toBe(400)
const text = await response.text()
expect(text).toBe('Missing workspaceId query parameter')
})
it('returns 403 when user lacks workspace access', async () => {
auth.setAuthenticated()
mockGetUserEntityPermissions.mockResolvedValue(null)
const request = createMockRequest(
'GET',
undefined,
{},
'http://localhost:3000/api/mcp/events?workspaceId=ws-123'
)
const response = await GET(request as any)
expect(response.status).toBe(403)
const text = await response.text()
expect(text).toBe('Access denied to workspace')
expect(mockGetUserEntityPermissions).toHaveBeenCalledWith('user-123', 'workspace', 'ws-123')
})
it('returns SSE stream when authorized', async () => {
auth.setAuthenticated()
mockGetUserEntityPermissions.mockResolvedValue({ read: true })
const request = createMockRequest(
'GET',
undefined,
{},
'http://localhost:3000/api/mcp/events?workspaceId=ws-123'
)
const response = await GET(request as any)
expect(response.status).toBe(200)
expect(response.headers.get('Content-Type')).toBe('text/event-stream')
expect(response.headers.get('Cache-Control')).toBe('no-cache')
expect(response.headers.get('Connection')).toBe('keep-alive')
})
})

111
apps/sim/app/api/mcp/events/route.ts
View File

@@ -1,111 +0,0 @@
/**
* SSE endpoint for MCP tool-change events.
*
* Pushes `tools_changed` events to the browser when:
* - An external MCP server sends `notifications/tools/list_changed` (via connection manager)
* - A workflow CRUD route modifies workflow MCP server tools (via pub/sub)
*
* Auth is handled via session cookies (EventSource sends cookies automatically).
*/
import { createLogger } from '@sim/logger'
import type { NextRequest } from 'next/server'
import { getSession } from '@/lib/auth'
import { SSE_HEADERS } from '@/lib/core/utils/sse'
import { mcpConnectionManager } from '@/lib/mcp/connection-manager'
import { mcpPubSub } from '@/lib/mcp/pubsub'
import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
const logger = createLogger('McpEventsSSE')
export const dynamic = 'force-dynamic'
const HEARTBEAT_INTERVAL_MS = 30_000
export async function GET(request: NextRequest) {
const session = await getSession()
if (!session?.user?.id) {
return new Response('Unauthorized', { status: 401 })
}
const { searchParams } = new URL(request.url)
const workspaceId = searchParams.get('workspaceId')
if (!workspaceId) {
return new Response('Missing workspaceId query parameter', { status: 400 })
}
const permissions = await getUserEntityPermissions(session.user.id, 'workspace', workspaceId)
if (!permissions) {
return new Response('Access denied to workspace', { status: 403 })
}
const encoder = new TextEncoder()
const unsubscribers: Array<() => void> = []
const stream = new ReadableStream({
start(controller) {
const send = (eventName: string, data: Record<string, unknown>) => {
try {
controller.enqueue(
encoder.encode(`event: ${eventName}\ndata: ${JSON.stringify(data)}\n\n`)
)
} catch {
// Stream already closed
}
}
// Subscribe to external MCP server tool changes
if (mcpConnectionManager) {
const unsub = mcpConnectionManager.subscribe((event) => {
if (event.workspaceId !== workspaceId) return
send('tools_changed', {
source: 'external',
serverId: event.serverId,
timestamp: event.timestamp,
})
})
unsubscribers.push(unsub)
}
// Subscribe to workflow CRUD tool changes
if (mcpPubSub) {
const unsub = mcpPubSub.onWorkflowToolsChanged((event) => {
if (event.workspaceId !== workspaceId) return
send('tools_changed', {
source: 'workflow',
serverId: event.serverId,
timestamp: Date.now(),
})
})
unsubscribers.push(unsub)
}
// Heartbeat to keep the connection alive
const heartbeat = setInterval(() => {
try {
controller.enqueue(encoder.encode(': heartbeat\n\n'))
} catch {
clearInterval(heartbeat)
}
}, HEARTBEAT_INTERVAL_MS)
unsubscribers.push(() => clearInterval(heartbeat))
// Cleanup when client disconnects
request.signal.addEventListener('abort', () => {
for (const unsub of unsubscribers) {
unsub()
}
try {
controller.close()
} catch {
// Already closed
}
logger.info(`SSE connection closed for workspace ${workspaceId}`)
})
logger.info(`SSE connection opened for workspace ${workspaceId}`)
},
})
return new Response(stream, { headers: SSE_HEADERS })
}

3
apps/sim/app/api/mcp/workflow-servers/[id]/route.ts
View File

@@ -4,7 +4,6 @@ import { createLogger } from '@sim/logger'
import { and, eq } from 'drizzle-orm'
import type { NextRequest } from 'next/server'
import { getParsedBody, withMcpAuth } from '@/lib/mcp/middleware'
import { mcpPubSub } from '@/lib/mcp/pubsub'
import { createMcpErrorResponse, createMcpSuccessResponse } from '@/lib/mcp/utils'
const logger = createLogger('WorkflowMcpServerAPI')
@@ -147,8 +146,6 @@ export const DELETE = withMcpAuth<RouteParams>('admin')(
logger.info(`[${requestId}] Successfully deleted workflow MCP server: ${serverId}`)
mcpPubSub?.publishWorkflowToolsChanged({ serverId, workspaceId })
return createMcpSuccessResponse({ message: `Server ${serverId} deleted successfully` })
} catch (error) {
logger.error(`[${requestId}] Error deleting workflow MCP server:`, error)

5
apps/sim/app/api/mcp/workflow-servers/[id]/tools/[toolId]/route.ts
View File

@@ -4,7 +4,6 @@ import { createLogger } from '@sim/logger'
import { and, eq } from 'drizzle-orm'
import type { NextRequest } from 'next/server'
import { getParsedBody, withMcpAuth } from '@/lib/mcp/middleware'
import { mcpPubSub } from '@/lib/mcp/pubsub'
import { createMcpErrorResponse, createMcpSuccessResponse } from '@/lib/mcp/utils'
import { sanitizeToolName } from '@/lib/mcp/workflow-tool-schema'
@@ -116,8 +115,6 @@ export const PATCH = withMcpAuth<RouteParams>('write')(
logger.info(`[${requestId}] Successfully updated tool ${toolId}`)
mcpPubSub?.publishWorkflowToolsChanged({ serverId, workspaceId })
return createMcpSuccessResponse({ tool: updatedTool })
} catch (error) {
logger.error(`[${requestId}] Error updating tool:`, error)
@@ -163,8 +160,6 @@ export const DELETE = withMcpAuth<RouteParams>('write')(
logger.info(`[${requestId}] Successfully deleted tool ${toolId}`)
mcpPubSub?.publishWorkflowToolsChanged({ serverId, workspaceId })
return createMcpSuccessResponse({ message: `Tool ${toolId} deleted successfully` })
} catch (error) {
logger.error(`[${requestId}] Error deleting tool:`, error)

3
apps/sim/app/api/mcp/workflow-servers/[id]/tools/route.ts
View File

@@ -4,7 +4,6 @@ import { createLogger } from '@sim/logger'
import { and, eq } from 'drizzle-orm'
import type { NextRequest } from 'next/server'
import { getParsedBody, withMcpAuth } from '@/lib/mcp/middleware'
import { mcpPubSub } from '@/lib/mcp/pubsub'
import { createMcpErrorResponse, createMcpSuccessResponse } from '@/lib/mcp/utils'
import { sanitizeToolName } from '@/lib/mcp/workflow-tool-schema'
import { hasValidStartBlock } from '@/lib/workflows/triggers/trigger-utils.server'
@@ -189,8 +188,6 @@ export const POST = withMcpAuth<RouteParams>('write')(
`[${requestId}] Successfully added tool ${toolName} (workflow: ${body.workflowId}) to server ${serverId}`
)
mcpPubSub?.publishWorkflowToolsChanged({ serverId, workspaceId })
return createMcpSuccessResponse({ tool }, 201)
} catch (error) {
logger.error(`[${requestId}] Error adding tool:`, error)

5
apps/sim/app/api/mcp/workflow-servers/route.ts
View File

@@ -4,7 +4,6 @@ import { createLogger } from '@sim/logger'
import { eq, inArray, sql } from 'drizzle-orm'
import type { NextRequest } from 'next/server'
import { getParsedBody, withMcpAuth } from '@/lib/mcp/middleware'
import { mcpPubSub } from '@/lib/mcp/pubsub'
import { createMcpErrorResponse, createMcpSuccessResponse } from '@/lib/mcp/utils'
import { sanitizeToolName } from '@/lib/mcp/workflow-tool-schema'
import { hasValidStartBlock } from '@/lib/workflows/triggers/trigger-utils.server'
@@ -175,10 +174,6 @@ export const POST = withMcpAuth('write')(
`[${requestId}] Added ${addedTools.length} tools to server ${serverId}:`,
addedTools.map((t) => t.toolName)
)
if (addedTools.length > 0) {
mcpPubSub?.publishWorkflowToolsChanged({ serverId, workspaceId })
}
}
logger.info(

4
apps/sim/app/api/memory/[id]/route.ts
View File

@@ -4,7 +4,7 @@ import { createLogger } from '@sim/logger'
import { and, eq } from 'drizzle-orm'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { generateRequestId } from '@/lib/core/utils/request'
import { checkWorkspaceAccess } from '@/lib/workspaces/permissions/utils'
@@ -36,7 +36,7 @@ async function validateMemoryAccess(
requestId: string,
action: 'read' | 'write'
): Promise<{ userId: string } | { error: NextResponse }> {
const authResult = await checkInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success || !authResult.userId) {
logger.warn(`[${requestId}] Unauthorized memory ${action} attempt`)
return {

8
apps/sim/app/api/memory/route.ts
View File

@@ -3,7 +3,7 @@ import { memory } from '@sim/db/schema'
import { createLogger } from '@sim/logger'
import { and, eq, isNull, like } from 'drizzle-orm'
import { type NextRequest, NextResponse } from 'next/server'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { generateRequestId } from '@/lib/core/utils/request'
import { checkWorkspaceAccess } from '@/lib/workspaces/permissions/utils'
@@ -16,7 +16,7 @@ export async function GET(request: NextRequest) {
const requestId = generateRequestId()
try {
const authResult = await checkInternalAuth(request)
const authResult = await checkHybridAuth(request)
if (!authResult.success || !authResult.userId) {
logger.warn(`[${requestId}] Unauthorized memory access attempt`)
return NextResponse.json(
@@ -89,7 +89,7 @@ export async function POST(request: NextRequest) {
const requestId = generateRequestId()
try {
const authResult = await checkInternalAuth(request)
const authResult = await checkHybridAuth(request)
if (!authResult.success || !authResult.userId) {
logger.warn(`[${requestId}] Unauthorized memory creation attempt`)
return NextResponse.json(
@@ -228,7 +228,7 @@ export async function DELETE(request: NextRequest) {
const requestId = generateRequestId()
try {
const authResult = await checkInternalAuth(request)
const authResult = await checkHybridAuth(request)
if (!authResult.success || !authResult.userId) {
logger.warn(`[${requestId}] Unauthorized memory deletion attempt`)
return NextResponse.json(

1
apps/sim/app/api/permission-groups/[id]/route.ts
View File

@@ -24,7 +24,6 @@ const configSchema = z.object({
hideFilesTab: z.boolean().optional(),
disableMcpTools: z.boolean().optional(),
disableCustomTools: z.boolean().optional(),
disableSkills: z.boolean().optional(),
hideTemplates: z.boolean().optional(),
disableInvitations: z.boolean().optional(),
hideDeployApi: z.boolean().optional(),

1
apps/sim/app/api/permission-groups/route.ts
View File

@@ -25,7 +25,6 @@ const configSchema = z.object({
hideFilesTab: z.boolean().optional(),
disableMcpTools: z.boolean().optional(),
disableCustomTools: z.boolean().optional(),
disableSkills: z.boolean().optional(),
hideTemplates: z.boolean().optional(),
disableInvitations: z.boolean().optional(),
hideDeployApi: z.boolean().optional(),

182
apps/sim/app/api/skills/route.ts
View File

@@ -1,182 +0,0 @@
import { db } from '@sim/db'
import { skill } from '@sim/db/schema'
import { createLogger } from '@sim/logger'
import { and, desc, eq } from 'drizzle-orm'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { generateRequestId } from '@/lib/core/utils/request'
import { upsertSkills } from '@/lib/workflows/skills/operations'
import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
const logger = createLogger('SkillsAPI')
const SkillSchema = z.object({
skills: z.array(
z.object({
id: z.string().optional(),
name: z
.string()
.min(1, 'Skill name is required')
.max(64)
.regex(/^[a-z0-9]+(-[a-z0-9]+)*$/, 'Name must be kebab-case (e.g. my-skill)'),
description: z.string().min(1, 'Description is required').max(1024),
content: z.string().min(1, 'Content is required').max(50000, 'Content is too large'),
})
),
workspaceId: z.string().optional(),
})
/** GET - Fetch all skills for a workspace */
export async function GET(request: NextRequest) {
const requestId = generateRequestId()
const searchParams = request.nextUrl.searchParams
const workspaceId = searchParams.get('workspaceId')
try {
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
if (!authResult.success || !authResult.userId) {
logger.warn(`[${requestId}] Unauthorized skills access attempt`)
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
}
const userId = authResult.userId
if (!workspaceId) {
logger.warn(`[${requestId}] Missing workspaceId`)
return NextResponse.json({ error: 'workspaceId is required' }, { status: 400 })
}
const userPermission = await getUserEntityPermissions(userId, 'workspace', workspaceId)
if (!userPermission) {
logger.warn(`[${requestId}] User ${userId} does not have access to workspace ${workspaceId}`)
return NextResponse.json({ error: 'Access denied' }, { status: 403 })
}
const result = await db
.select()
.from(skill)
.where(eq(skill.workspaceId, workspaceId))
.orderBy(desc(skill.createdAt))
return NextResponse.json({ data: result }, { status: 200 })
} catch (error) {
logger.error(`[${requestId}] Error fetching skills:`, error)
return NextResponse.json({ error: 'Failed to fetch skills' }, { status: 500 })
}
}
/** POST - Create or update skills */
export async function POST(req: NextRequest) {
const requestId = generateRequestId()
try {
const authResult = await checkSessionOrInternalAuth(req, { requireWorkflowId: false })
if (!authResult.success || !authResult.userId) {
logger.warn(`[${requestId}] Unauthorized skills update attempt`)
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
}
const userId = authResult.userId
const body = await req.json()
try {
const { skills, workspaceId } = SkillSchema.parse(body)
if (!workspaceId) {
logger.warn(`[${requestId}] Missing workspaceId in request body`)
return NextResponse.json({ error: 'workspaceId is required' }, { status: 400 })
}
const userPermission = await getUserEntityPermissions(userId, 'workspace', workspaceId)
if (!userPermission || (userPermission !== 'admin' && userPermission !== 'write')) {
logger.warn(
`[${requestId}] User ${userId} does not have write permission for workspace ${workspaceId}`
)
return NextResponse.json({ error: 'Write permission required' }, { status: 403 })
}
const resultSkills = await upsertSkills({
skills,
workspaceId,
userId,
requestId,
})
return NextResponse.json({ success: true, data: resultSkills })
} catch (validationError) {
if (validationError instanceof z.ZodError) {
logger.warn(`[${requestId}] Invalid skills data`, {
errors: validationError.errors,
})
return NextResponse.json(
{ error: 'Invalid request data', details: validationError.errors },
{ status: 400 }
)
}
if (validationError instanceof Error && validationError.message.includes('already exists')) {
return NextResponse.json({ error: validationError.message }, { status: 409 })
}
throw validationError
}
} catch (error) {
logger.error(`[${requestId}] Error updating skills`, error)
return NextResponse.json({ error: 'Failed to update skills' }, { status: 500 })
}
}
/** DELETE - Delete a skill by ID */
export async function DELETE(request: NextRequest) {
const requestId = generateRequestId()
const searchParams = request.nextUrl.searchParams
const skillId = searchParams.get('id')
const workspaceId = searchParams.get('workspaceId')
try {
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
if (!authResult.success || !authResult.userId) {
logger.warn(`[${requestId}] Unauthorized skill deletion attempt`)
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
}
const userId = authResult.userId
if (!skillId) {
logger.warn(`[${requestId}] Missing skill ID for deletion`)
return NextResponse.json({ error: 'Skill ID is required' }, { status: 400 })
}
if (!workspaceId) {
logger.warn(`[${requestId}] Missing workspaceId for deletion`)
return NextResponse.json({ error: 'workspaceId is required' }, { status: 400 })
}
const userPermission = await getUserEntityPermissions(userId, 'workspace', workspaceId)
if (!userPermission || (userPermission !== 'admin' && userPermission !== 'write')) {
logger.warn(
`[${requestId}] User ${userId} does not have write permission for workspace ${workspaceId}`
)
return NextResponse.json({ error: 'Write permission required' }, { status: 403 })
}
const existingSkill = await db.select().from(skill).where(eq(skill.id, skillId)).limit(1)
if (existingSkill.length === 0) {
logger.warn(`[${requestId}] Skill not found: ${skillId}`)
return NextResponse.json({ error: 'Skill not found' }, { status: 404 })
}
if (existingSkill[0].workspaceId !== workspaceId) {
logger.warn(`[${requestId}] Skill ${skillId} does not belong to workspace ${workspaceId}`)
return NextResponse.json({ error: 'Skill not found' }, { status: 404 })
}
await db.delete(skill).where(and(eq(skill.id, skillId), eq(skill.workspaceId, workspaceId)))
logger.info(`[${requestId}] Deleted skill: ${skillId}`)
return NextResponse.json({ success: true })
} catch (error) {
logger.error(`[${requestId}] Error deleting skill:`, error)
return NextResponse.json({ error: 'Failed to delete skill' }, { status: 500 })
}
}

4
apps/sim/app/api/tools/a2a/cancel-task/route.ts
View File

@@ -3,7 +3,7 @@ import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { createA2AClient } from '@/lib/a2a/utils'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { generateRequestId } from '@/lib/core/utils/request'
const logger = createLogger('A2ACancelTaskAPI')
@@ -20,7 +20,7 @@ export async function POST(request: NextRequest) {
const requestId = generateRequestId()
try {
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success) {
logger.warn(`[${requestId}] Unauthorized A2A cancel task attempt`)

4
apps/sim/app/api/tools/a2a/delete-push-notification/route.ts
View File

@@ -2,7 +2,7 @@ import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { createA2AClient } from '@/lib/a2a/utils'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { generateRequestId } from '@/lib/core/utils/request'
export const dynamic = 'force-dynamic'
@@ -20,7 +20,7 @@ export async function POST(request: NextRequest) {
const requestId = generateRequestId()
try {
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success) {
logger.warn(

4
apps/sim/app/api/tools/a2a/get-agent-card/route.ts
View File

@@ -2,7 +2,7 @@ import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { createA2AClient } from '@/lib/a2a/utils'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { generateRequestId } from '@/lib/core/utils/request'
export const dynamic = 'force-dynamic'
@@ -18,7 +18,7 @@ export async function POST(request: NextRequest) {
const requestId = generateRequestId()
try {
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success) {
logger.warn(`[${requestId}] Unauthorized A2A get agent card attempt: ${authResult.error}`)

4
apps/sim/app/api/tools/a2a/get-push-notification/route.ts
View File

@@ -2,7 +2,7 @@ import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { createA2AClient } from '@/lib/a2a/utils'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { generateRequestId } from '@/lib/core/utils/request'
export const dynamic = 'force-dynamic'
@@ -19,7 +19,7 @@ export async function POST(request: NextRequest) {
const requestId = generateRequestId()
try {
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success) {
logger.warn(

4
apps/sim/app/api/tools/a2a/get-task/route.ts
View File

@@ -3,7 +3,7 @@ import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { createA2AClient } from '@/lib/a2a/utils'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { generateRequestId } from '@/lib/core/utils/request'
export const dynamic = 'force-dynamic'
@@ -21,7 +21,7 @@ export async function POST(request: NextRequest) {
const requestId = generateRequestId()
try {
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success) {
logger.warn(`[${requestId}] Unauthorized A2A get task attempt: ${authResult.error}`)

4
apps/sim/app/api/tools/a2a/resubscribe/route.ts
View File

@@ -10,7 +10,7 @@ import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { createA2AClient, extractTextContent, isTerminalState } from '@/lib/a2a/utils'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { generateRequestId } from '@/lib/core/utils/request'
const logger = createLogger('A2AResubscribeAPI')
@@ -27,7 +27,7 @@ export async function POST(request: NextRequest) {
const requestId = generateRequestId()
try {
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success) {
logger.warn(`[${requestId}] Unauthorized A2A resubscribe attempt`)

4
apps/sim/app/api/tools/a2a/send-message/route.ts
View File

@@ -3,7 +3,7 @@ import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { createA2AClient, extractTextContent, isTerminalState } from '@/lib/a2a/utils'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { validateUrlWithDNS } from '@/lib/core/security/input-validation.server'
import { generateRequestId } from '@/lib/core/utils/request'
@@ -32,7 +32,7 @@ export async function POST(request: NextRequest) {
const requestId = generateRequestId()
try {
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success) {
logger.warn(`[${requestId}] Unauthorized A2A send message attempt: ${authResult.error}`)

4
apps/sim/app/api/tools/a2a/set-push-notification/route.ts
View File

@@ -2,7 +2,7 @@ import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { createA2AClient } from '@/lib/a2a/utils'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { validateUrlWithDNS } from '@/lib/core/security/input-validation.server'
import { generateRequestId } from '@/lib/core/utils/request'
@@ -22,7 +22,7 @@ export async function POST(request: NextRequest) {
const requestId = generateRequestId()
try {
const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
if (!authResult.success) {
logger.warn(`[${requestId}] Unauthorized A2A set push notification attempt`, {

16
apps/sim/app/api/tools/jira/add-attachment/route.ts
View File

@@ -90,24 +90,16 @@ export async function POST(request: NextRequest) {
)
}
const jiraAttachments = await response.json()
const attachmentsList = Array.isArray(jiraAttachments) ? jiraAttachments : []
const attachmentIds = attachmentsList.map((att: any) => att.id).filter(Boolean)
const attachments = attachmentsList.map((att: any) => ({
id: att.id ?? '',
filename: att.filename ?? '',
mimeType: att.mimeType ?? '',
size: att.size ?? 0,
content: att.content ?? '',
}))
const attachments = await response.json()
const attachmentIds = Array.isArray(attachments)
? attachments.map((attachment) => attachment.id).filter(Boolean)
: []
return NextResponse.json({
success: true,
output: {
ts: new Date().toISOString(),
issueKey: validatedData.issueKey,
attachments,
attachmentIds,
files: filesOutput,
},

111
apps/sim/app/api/tools/jira/issue/route.ts Normal file
View File

@@ -0,0 +1,111 @@
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { validateJiraCloudId, validateJiraIssueKey } from '@/lib/core/security/input-validation'
import { getJiraCloudId } from '@/tools/jira/utils'
export const dynamic = 'force-dynamic'
const logger = createLogger('JiraIssueAPI')
export async function POST(request: NextRequest) {
try {
const auth = await checkSessionOrInternalAuth(request)
if (!auth.success || !auth.userId) {
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
const { domain, accessToken, issueId, cloudId: providedCloudId } = await request.json()
if (!domain) {
logger.error('Missing domain in request')
return NextResponse.json({ error: 'Domain is required' }, { status: 400 })
}
if (!accessToken) {
logger.error('Missing access token in request')
return NextResponse.json({ error: 'Access token is required' }, { status: 400 })
}
if (!issueId) {
logger.error('Missing issue ID in request')
return NextResponse.json({ error: 'Issue ID is required' }, { status: 400 })
}
const cloudId = providedCloudId || (await getJiraCloudId(domain, accessToken))
logger.info('Using cloud ID:', cloudId)
const cloudIdValidation = validateJiraCloudId(cloudId, 'cloudId')
if (!cloudIdValidation.isValid) {
return NextResponse.json({ error: cloudIdValidation.error }, { status: 400 })
}
const issueIdValidation = validateJiraIssueKey(issueId, 'issueId')
if (!issueIdValidation.isValid) {
return NextResponse.json({ error: issueIdValidation.error }, { status: 400 })
}
const url = `https://api.atlassian.com/ex/jira/${cloudId}/rest/api/3/issue/${issueId}`
logger.info('Fetching Jira issue from:', url)
const response = await fetch(url, {
method: 'GET',
headers: {
Authorization: `Bearer ${accessToken}`,
Accept: 'application/json',
},
})
if (!response.ok) {
logger.error('Jira API error:', {
status: response.status,
statusText: response.statusText,
})
let errorMessage
try {
const errorData = await response.json()
logger.error('Error details:', errorData)
errorMessage = errorData.message || `Failed to fetch issue (${response.status})`
} catch (_e) {
errorMessage = `Failed to fetch issue: ${response.status} ${response.statusText}`
}
return NextResponse.json({ error: errorMessage }, { status: response.status })
}
const data = await response.json()
logger.info('Successfully fetched issue:', data.key)
const issueInfo: any = {
id: data.key,
name: data.fields.summary,
mimeType: 'jira/issue',
url: `https://${domain}/browse/${data.key}`,
modifiedTime: data.fields.updated,
webViewLink: `https://${domain}/browse/${data.key}`,
status: data.fields.status?.name,
description: data.fields.description,
priority: data.fields.priority?.name,
assignee: data.fields.assignee?.displayName,
reporter: data.fields.reporter?.displayName,
project: {
key: data.fields.project?.key,
name: data.fields.project?.name,
},
}
return NextResponse.json({
issue: issueInfo,
cloudId,
})
} catch (error) {
logger.error('Error processing request:', error)
return NextResponse.json(
{
error: 'Failed to retrieve Jira issue',
details: (error as Error).message,
},
{ status: 500 }
)
}
}

82
apps/sim/app/api/tools/jira/update/route.ts
View File

@@ -16,16 +16,9 @@ const jiraUpdateSchema = z.object({
summary: z.string().optional(),
title: z.string().optional(),
description: z.string().optional(),
status: z.string().optional(),
priority: z.string().optional(),
assignee: z.string().optional(),
labels: z.array(z.string()).optional(),
components: z.array(z.string()).optional(),
duedate: z.string().optional(),
fixVersions: z.array(z.string()).optional(),
environment: z.string().optional(),
customFieldId: z.string().optional(),
customFieldValue: z.string().optional(),
notifyUsers: z.boolean().optional(),
cloudId: z.string().optional(),
})
@@ -52,16 +45,9 @@ export async function PUT(request: NextRequest) {
summary,
title,
description,
status,
priority,
assignee,
labels,
components,
duedate,
fixVersions,
environment,
customFieldId,
customFieldValue,
notifyUsers,
cloudId: providedCloudId,
} = validation.data
@@ -78,8 +64,7 @@ export async function PUT(request: NextRequest) {
return NextResponse.json({ error: issueKeyValidation.error }, { status: 400 })
}
const notifyParam = notifyUsers === false ? '?notifyUsers=false' : ''
const url = `https://api.atlassian.com/ex/jira/${cloudId}/rest/api/3/issue/${issueKey}${notifyParam}`
const url = `https://api.atlassian.com/ex/jira/${cloudId}/rest/api/3/issue/${issueKey}`
logger.info('Updating Jira issue at:', url)
@@ -108,65 +93,24 @@ export async function PUT(request: NextRequest) {
}
}
if (status !== undefined && status !== null && status !== '') {
fields.status = {
name: status,
}
}
if (priority !== undefined && priority !== null && priority !== '') {
const isNumericId = /^\d+$/.test(priority)
fields.priority = isNumericId ? { id: priority } : { name: priority }
fields.priority = {
name: priority,
}
}
if (assignee !== undefined && assignee !== null && assignee !== '') {
fields.assignee = {
accountId: assignee,
id: assignee,
}
}
if (labels !== undefined && labels !== null && labels.length > 0) {
fields.labels = labels
}
if (components !== undefined && components !== null && components.length > 0) {
fields.components = components.map((name) => ({ name }))
}
if (duedate !== undefined && duedate !== null && duedate !== '') {
fields.duedate = duedate
}
if (fixVersions !== undefined && fixVersions !== null && fixVersions.length > 0) {
fields.fixVersions = fixVersions.map((name) => ({ name }))
}
if (environment !== undefined && environment !== null && environment !== '') {
fields.environment = {
type: 'doc',
version: 1,
content: [
{
type: 'paragraph',
content: [
{
type: 'text',
text: environment,
},
],
},
],
}
}
if (
customFieldId !== undefined &&
customFieldId !== null &&
customFieldId !== '' &&
customFieldValue !== undefined &&
customFieldValue !== null &&
customFieldValue !== ''
) {
const fieldId = customFieldId.startsWith('customfield_')
? customFieldId
: `customfield_${customFieldId}`
fields[fieldId] = customFieldValue
}
const requestBody = { fields }
const response = await fetch(url, {

31
apps/sim/app/api/tools/jira/write/route.ts
View File

@@ -32,8 +32,6 @@ export async function POST(request: NextRequest) {
environment,
customFieldId,
customFieldValue,
components,
fixVersions,
} = await request.json()
if (!domain) {
@@ -75,9 +73,10 @@ export async function POST(request: NextRequest) {
logger.info('Creating Jira issue at:', url)
const isNumericProjectId = /^\d+$/.test(projectId)
const fields: Record<string, any> = {
project: isNumericProjectId ? { id: projectId } : { key: projectId },
project: {
id: projectId,
},
issuetype: {
name: normalizedIssueType,
},
@@ -115,31 +114,13 @@ export async function POST(request: NextRequest) {
fields.labels = labels
}
if (
components !== undefined &&
components !== null &&
Array.isArray(components) &&
components.length > 0
) {
fields.components = components.map((name: string) => ({ name }))
}
if (duedate !== undefined && duedate !== null && duedate !== '') {
fields.duedate = duedate
}
if (
fixVersions !== undefined &&
fixVersions !== null &&
Array.isArray(fixVersions) &&
fixVersions.length > 0
) {
fields.fixVersions = fixVersions.map((name: string) => ({ name }))
}
if (reporter !== undefined && reporter !== null && reporter !== '') {
fields.reporter = {
accountId: reporter,
id: reporter,
}
}
@@ -239,10 +220,8 @@ export async function POST(request: NextRequest) {
success: true,
output: {
ts: new Date().toISOString(),
id: responseData.id || '',
issueKey: issueKey,
self: responseData.self || '',
summary: responseData.fields?.summary || summary || 'Issue created',
summary: responseData.fields?.summary || 'Issue created',
success: true,
url: `https://${domain}/browse/${issueKey}`,
...(assigneeId && { assigneeId }),

20
apps/sim/app/api/tools/jsm/approvals/route.ts
View File

@@ -165,26 +165,8 @@ export async function POST(request: NextRequest) {
issueIdOrKey,
approvalId,
decision,
id: data.id ?? null,
name: data.name ?? null,
finalDecision: data.finalDecision ?? null,
canAnswerApproval: data.canAnswerApproval ?? null,
approvers: (data.approvers ?? []).map((a: Record<string, unknown>) => {
const approver = a.approver as Record<string, unknown> | undefined
return {
approver: {
accountId: approver?.accountId ?? null,
displayName: approver?.displayName ?? null,
emailAddress: approver?.emailAddress ?? null,
active: approver?.active ?? null,
},
approverDecision: a.approverDecision ?? null,
}
}),
createdDate: data.createdDate ?? null,
completedDate: data.completedDate ?? null,
approval: data,
success: true,
approval: data,
},
})
}

8
apps/sim/app/api/tools/jsm/comment/route.ts
View File

@@ -95,14 +95,6 @@ export async function POST(request: NextRequest) {
commentId: data.id,
body: data.body,
isPublic: data.public,
author: data.author
? {
accountId: data.author.accountId ?? null,
displayName: data.author.displayName ?? null,
emailAddress: data.author.emailAddress ?? null,
}
: null,
createdDate: data.created ?? null,
success: true,
},
})

6
apps/sim/app/api/tools/jsm/comments/route.ts
View File

@@ -23,7 +23,6 @@ export async function POST(request: NextRequest) {
issueIdOrKey,
isPublic,
internal,
expand,
start,
limit,
} = body
@@ -58,9 +57,8 @@ export async function POST(request: NextRequest) {
const baseUrl = getJsmApiBaseUrl(cloudId)
const params = new URLSearchParams()
if (isPublic !== undefined) params.append('public', String(isPublic))
if (internal !== undefined) params.append('internal', String(internal))
if (expand) params.append('expand', expand)
if (isPublic) params.append('public', isPublic)
if (internal) params.append('internal', internal)
if (start) params.append('start', start)
if (limit) params.append('limit', limit)

22
apps/sim/app/api/tools/jsm/customers/route.ts
View File

@@ -24,7 +24,6 @@ export async function POST(request: NextRequest) {
query,
start,
limit,
accountIds,
emails,
} = body
@@ -57,27 +56,24 @@ export async function POST(request: NextRequest) {
const baseUrl = getJsmApiBaseUrl(cloudId)
const rawIds = accountIds || emails
const parsedAccountIds = rawIds
? typeof rawIds === 'string'
? rawIds
const parsedEmails = emails
? typeof emails === 'string'
? emails
.split(',')
.map((id: string) => id.trim())
.filter((id: string) => id)
: Array.isArray(rawIds)
? rawIds
: []
.map((email: string) => email.trim())
.filter((email: string) => email)
: emails
: []
const isAddOperation = parsedAccountIds.length > 0
const isAddOperation = parsedEmails.length > 0
if (isAddOperation) {
const url = `${baseUrl}/servicedesk/${serviceDeskId}/customer`
logger.info('Adding customers to:', url, { accountIds: parsedAccountIds })
logger.info('Adding customers to:', url, { emails: parsedEmails })
const requestBody: Record<string, unknown> = {
accountIds: parsedAccountIds,
usernames: parsedEmails,
}
const response = await fetch(url, {

62
apps/sim/app/api/tools/jsm/request/route.ts
View File

@@ -31,9 +31,6 @@ export async function POST(request: NextRequest) {
description,
raiseOnBehalfOf,
requestFieldValues,
requestParticipants,
channel,
expand,
} = body
if (!domain) {
@@ -83,19 +80,6 @@ export async function POST(request: NextRequest) {
if (raiseOnBehalfOf) {
requestBody.raiseOnBehalfOf = raiseOnBehalfOf
}
if (requestParticipants) {
requestBody.requestParticipants = Array.isArray(requestParticipants)
? requestParticipants
: typeof requestParticipants === 'string'
? requestParticipants
.split(',')
.map((id: string) => id.trim())
.filter(Boolean)
: []
}
if (channel) {
requestBody.channel = channel
}
const response = await fetch(url, {
method: 'POST',
@@ -127,21 +111,6 @@ export async function POST(request: NextRequest) {
issueKey: data.issueKey,
requestTypeId: data.requestTypeId,
serviceDeskId: data.serviceDeskId,
createdDate: data.createdDate ?? null,
currentStatus: data.currentStatus
? {
status: data.currentStatus.status ?? null,
statusCategory: data.currentStatus.statusCategory ?? null,
statusDate: data.currentStatus.statusDate ?? null,
}
: null,
reporter: data.reporter
? {
accountId: data.reporter.accountId ?? null,
displayName: data.reporter.displayName ?? null,
emailAddress: data.reporter.emailAddress ?? null,
}
: null,
success: true,
url: `https://${domain}/browse/${data.issueKey}`,
},
@@ -157,10 +126,7 @@ export async function POST(request: NextRequest) {
return NextResponse.json({ error: issueIdOrKeyValidation.error }, { status: 400 })
}
const params = new URLSearchParams()
if (expand) params.append('expand', expand)
const url = `${baseUrl}/request/${issueIdOrKey}${params.toString() ? `?${params.toString()}` : ''}`
const url = `${baseUrl}/request/${issueIdOrKey}`
logger.info('Fetching request from:', url)
@@ -189,32 +155,6 @@ export async function POST(request: NextRequest) {
success: true,
output: {
ts: new Date().toISOString(),
issueId: data.issueId ?? null,
issueKey: data.issueKey ?? null,
requestTypeId: data.requestTypeId ?? null,
serviceDeskId: data.serviceDeskId ?? null,
createdDate: data.createdDate ?? null,
currentStatus: data.currentStatus
? {
status: data.currentStatus.status ?? null,
statusCategory: data.currentStatus.statusCategory ?? null,
statusDate: data.currentStatus.statusDate ?? null,
}
: null,
reporter: data.reporter
? {
accountId: data.reporter.accountId ?? null,
displayName: data.reporter.displayName ?? null,
emailAddress: data.reporter.emailAddress ?? null,
active: data.reporter.active ?? true,
}
: null,
requestFieldValues: (data.requestFieldValues ?? []).map((fv: Record<string, unknown>) => ({
fieldId: fv.fieldId ?? null,
label: fv.label ?? null,
value: fv.value ?? null,
})),
url: `https://${domain}/browse/${data.issueKey}`,
request: data,
},
})

40
apps/sim/app/api/tools/jsm/requests/route.ts
View File

@@ -1,11 +1,7 @@
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import {
validateAlphanumericId,
validateEnum,
validateJiraCloudId,
} from '@/lib/core/security/input-validation'
import { validateAlphanumericId, validateJiraCloudId } from '@/lib/core/security/input-validation'
import { getJiraCloudId, getJsmApiBaseUrl, getJsmHeaders } from '@/tools/jsm/utils'
export const dynamic = 'force-dynamic'
@@ -27,9 +23,7 @@ export async function POST(request: NextRequest) {
serviceDeskId,
requestOwnership,
requestStatus,
requestTypeId,
searchTerm,
expand,
start,
limit,
} = body
@@ -58,45 +52,17 @@ export async function POST(request: NextRequest) {
}
}
const VALID_REQUEST_OWNERSHIP = [
'OWNED_REQUESTS',
'PARTICIPATED_REQUESTS',
'APPROVER',
'ALL_REQUESTS',
] as const
const VALID_REQUEST_STATUS = ['OPEN_REQUESTS', 'CLOSED_REQUESTS', 'ALL_REQUESTS'] as const
if (requestOwnership) {
const ownershipValidation = validateEnum(
requestOwnership,
VALID_REQUEST_OWNERSHIP,
'requestOwnership'
)
if (!ownershipValidation.isValid) {
return NextResponse.json({ error: ownershipValidation.error }, { status: 400 })
}
}
if (requestStatus) {
const statusValidation = validateEnum(requestStatus, VALID_REQUEST_STATUS, 'requestStatus')
if (!statusValidation.isValid) {
return NextResponse.json({ error: statusValidation.error }, { status: 400 })
}
}
const baseUrl = getJsmApiBaseUrl(cloudId)
const params = new URLSearchParams()
if (serviceDeskId) params.append('serviceDeskId', serviceDeskId)
if (requestOwnership) {
if (requestOwnership && requestOwnership !== 'ALL_REQUESTS') {
params.append('requestOwnership', requestOwnership)
}
if (requestStatus) {
if (requestStatus && requestStatus !== 'ALL') {
params.append('requestStatus', requestStatus)
}
if (requestTypeId) params.append('requestTypeId', requestTypeId)
if (searchTerm) params.append('searchTerm', searchTerm)
if (expand) params.append('expand', expand)
if (start) params.append('start', start)
if (limit) params.append('limit', limit)

119
apps/sim/app/api/tools/jsm/requesttypefields/route.ts
View File

@@ -1,119 +0,0 @@
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import { validateAlphanumericId, validateJiraCloudId } from '@/lib/core/security/input-validation'
import { getJiraCloudId, getJsmApiBaseUrl, getJsmHeaders } from '@/tools/jsm/utils'
export const dynamic = 'force-dynamic'
const logger = createLogger('JsmRequestTypeFieldsAPI')
export async function POST(request: NextRequest) {
const auth = await checkInternalAuth(request)
if (!auth.success || !auth.userId) {
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
try {
const body = await request.json()
const { domain, accessToken, cloudId: cloudIdParam, serviceDeskId, requestTypeId } = body
if (!domain) {
logger.error('Missing domain in request')
return NextResponse.json({ error: 'Domain is required' }, { status: 400 })
}
if (!accessToken) {
logger.error('Missing access token in request')
return NextResponse.json({ error: 'Access token is required' }, { status: 400 })
}
if (!serviceDeskId) {
logger.error('Missing serviceDeskId in request')
return NextResponse.json({ error: 'Service Desk ID is required' }, { status: 400 })
}
if (!requestTypeId) {
logger.error('Missing requestTypeId in request')
return NextResponse.json({ error: 'Request Type ID is required' }, { status: 400 })
}
const cloudId = cloudIdParam || (await getJiraCloudId(domain, accessToken))
const cloudIdValidation = validateJiraCloudId(cloudId, 'cloudId')
if (!cloudIdValidation.isValid) {
return NextResponse.json({ error: cloudIdValidation.error }, { status: 400 })
}
const serviceDeskIdValidation = validateAlphanumericId(serviceDeskId, 'serviceDeskId')
if (!serviceDeskIdValidation.isValid) {
return NextResponse.json({ error: serviceDeskIdValidation.error }, { status: 400 })
}
const requestTypeIdValidation = validateAlphanumericId(requestTypeId, 'requestTypeId')
if (!requestTypeIdValidation.isValid) {
return NextResponse.json({ error: requestTypeIdValidation.error }, { status: 400 })
}
const baseUrl = getJsmApiBaseUrl(cloudId)
const url = `${baseUrl}/servicedesk/${serviceDeskId}/requesttype/${requestTypeId}/field`
logger.info('Fetching request type fields from:', url)
const response = await fetch(url, {
method: 'GET',
headers: getJsmHeaders(accessToken),
})
if (!response.ok) {
const errorText = await response.text()
logger.error('JSM API error:', {
status: response.status,
statusText: response.statusText,
error: errorText,
})
return NextResponse.json(
{ error: `JSM API error: ${response.status} ${response.statusText}`, details: errorText },
{ status: response.status }
)
}
const data = await response.json()
return NextResponse.json({
success: true,
output: {
ts: new Date().toISOString(),
serviceDeskId,
requestTypeId,
canAddRequestParticipants: data.canAddRequestParticipants ?? false,
canRaiseOnBehalfOf: data.canRaiseOnBehalfOf ?? false,
requestTypeFields: (data.requestTypeFields ?? []).map((field: Record<string, unknown>) => ({
fieldId: field.fieldId ?? null,
name: field.name ?? null,
description: field.description ?? null,
required: field.required ?? false,
visible: field.visible ?? true,
validValues: field.validValues ?? [],
presetValues: field.presetValues ?? [],
defaultValues: field.defaultValues ?? [],
jiraSchema: field.jiraSchema ?? null,
})),
},
})
} catch (error) {
logger.error('Error fetching request type fields:', {
error: error instanceof Error ? error.message : String(error),
stack: error instanceof Error ? error.stack : undefined,
})
return NextResponse.json(
{
error: error instanceof Error ? error.message : 'Internal server error',
success: false,
},
{ status: 500 }
)
}
}

15
apps/sim/app/api/tools/jsm/requesttypes/route.ts
View File

@@ -16,17 +16,7 @@ export async function POST(request: NextRequest) {
try {
const body = await request.json()
const {
domain,
accessToken,
cloudId: cloudIdParam,
serviceDeskId,
searchQuery,
groupId,
expand,
start,
limit,
} = body
const { domain, accessToken, cloudId: cloudIdParam, serviceDeskId, start, limit } = body
if (!domain) {
logger.error('Missing domain in request')
@@ -58,9 +48,6 @@ export async function POST(request: NextRequest) {
const baseUrl = getJsmApiBaseUrl(cloudId)
const params = new URLSearchParams()
if (searchQuery) params.append('searchQuery', searchQuery)
if (groupId) params.append('groupId', groupId)
if (expand) params.append('expand', expand)
if (start) params.append('start', start)
if (limit) params.append('limit', limit)

3
apps/sim/app/api/tools/jsm/servicedesks/route.ts
View File

@@ -16,7 +16,7 @@ export async function POST(request: NextRequest) {
try {
const body = await request.json()
const { domain, accessToken, cloudId: cloudIdParam, expand, start, limit } = body
const { domain, accessToken, cloudId: cloudIdParam, start, limit } = body
if (!domain) {
logger.error('Missing domain in request')
@@ -38,7 +38,6 @@ export async function POST(request: NextRequest) {
const baseUrl = getJsmApiBaseUrl(cloudId)
const params = new URLSearchParams()
if (expand) params.append('expand', expand)
if (start) params.append('start', start)
if (limit) params.append('limit', limit)

10
apps/sim/app/api/tools/jsm/transitions/route.ts
View File

@@ -16,7 +16,7 @@ export async function POST(request: NextRequest) {
try {
const body = await request.json()
const { domain, accessToken, cloudId: cloudIdParam, issueIdOrKey, start, limit } = body
const { domain, accessToken, cloudId: cloudIdParam, issueIdOrKey } = body
if (!domain) {
logger.error('Missing domain in request')
@@ -47,11 +47,7 @@ export async function POST(request: NextRequest) {
const baseUrl = getJsmApiBaseUrl(cloudId)
const params = new URLSearchParams()
if (start) params.append('start', start)
if (limit) params.append('limit', limit)
const url = `${baseUrl}/request/${issueIdOrKey}/transition${params.toString() ? `?${params.toString()}` : ''}`
const url = `${baseUrl}/request/${issueIdOrKey}/transition`
logger.info('Fetching transitions from:', url)
@@ -82,8 +78,6 @@ export async function POST(request: NextRequest) {
ts: new Date().toISOString(),
issueIdOrKey,
transitions: data.values || [],
total: data.size || 0,
isLastPage: data.isLastPage ?? true,
},
})
} catch (error) {

113
apps/sim/app/api/tools/onepassword/create-item/route.ts
View File

@@ -1,113 +0,0 @@
import { randomUUID } from 'crypto'
import type { ItemCreateParams } from '@1password/sdk'
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import {
connectRequest,
createOnePasswordClient,
normalizeSdkItem,
resolveCredentials,
toSdkCategory,
toSdkFieldType,
} from '../utils'
const logger = createLogger('OnePasswordCreateItemAPI')
const CreateItemSchema = z.object({
connectionMode: z.enum(['service_account', 'connect']).nullish(),
serviceAccountToken: z.string().nullish(),
serverUrl: z.string().nullish(),
apiKey: z.string().nullish(),
vaultId: z.string().min(1, 'Vault ID is required'),
category: z.string().min(1, 'Category is required'),
title: z.string().nullish(),
tags: z.string().nullish(),
fields: z.string().nullish(),
})
export async function POST(request: NextRequest) {
const requestId = randomUUID().slice(0, 8)
const auth = await checkInternalAuth(request)
if (!auth.success || !auth.userId) {
logger.warn(`[${requestId}] Unauthorized 1Password create-item attempt`)
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
try {
const body = await request.json()
const params = CreateItemSchema.parse(body)
const creds = resolveCredentials(params)
logger.info(`[${requestId}] Creating item in vault ${params.vaultId} (${creds.mode} mode)`)
if (creds.mode === 'service_account') {
const client = await createOnePasswordClient(creds.serviceAccountToken!)
const parsedTags = params.tags
? params.tags
.split(',')
.map((t) => t.trim())
.filter(Boolean)
: undefined
const parsedFields = params.fields
? (JSON.parse(params.fields) as Array<Record<string, any>>).map((f) => ({
id: f.id || randomUUID().slice(0, 8),
title: f.label || f.title || '',
fieldType: toSdkFieldType(f.type || 'STRING'),
value: f.value || '',
sectionId: f.section?.id ?? f.sectionId,
}))
: undefined
const item = await client.items.create({
vaultId: params.vaultId,
category: toSdkCategory(params.category),
title: params.title || '',
tags: parsedTags,
fields: parsedFields,
} as ItemCreateParams)
return NextResponse.json(normalizeSdkItem(item))
}
const connectBody: Record<string, unknown> = {
vault: { id: params.vaultId },
category: params.category,
}
if (params.title) connectBody.title = params.title
if (params.tags) connectBody.tags = params.tags.split(',').map((t) => t.trim())
if (params.fields) connectBody.fields = JSON.parse(params.fields)
const response = await connectRequest({
serverUrl: creds.serverUrl!,
apiKey: creds.apiKey!,
path: `/v1/vaults/${params.vaultId}/items`,
method: 'POST',
body: connectBody,
})
const data = await response.json()
if (!response.ok) {
return NextResponse.json(
{ error: data.message || 'Failed to create item' },
{ status: response.status }
)
}
return NextResponse.json(data)
} catch (error) {
if (error instanceof z.ZodError) {
return NextResponse.json(
{ error: 'Invalid request data', details: error.errors },
{ status: 400 }
)
}
const message = error instanceof Error ? error.message : 'Unknown error'
logger.error(`[${requestId}] Create item failed:`, error)
return NextResponse.json({ error: `Failed to create item: ${message}` }, { status: 500 })
}
}

70
apps/sim/app/api/tools/onepassword/delete-item/route.ts
View File

@@ -1,70 +0,0 @@
import { randomUUID } from 'crypto'
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import { connectRequest, createOnePasswordClient, resolveCredentials } from '../utils'
const logger = createLogger('OnePasswordDeleteItemAPI')
const DeleteItemSchema = z.object({
connectionMode: z.enum(['service_account', 'connect']).nullish(),
serviceAccountToken: z.string().nullish(),
serverUrl: z.string().nullish(),
apiKey: z.string().nullish(),
vaultId: z.string().min(1, 'Vault ID is required'),
itemId: z.string().min(1, 'Item ID is required'),
})
export async function POST(request: NextRequest) {
const requestId = randomUUID().slice(0, 8)
const auth = await checkInternalAuth(request)
if (!auth.success || !auth.userId) {
logger.warn(`[${requestId}] Unauthorized 1Password delete-item attempt`)
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
try {
const body = await request.json()
const params = DeleteItemSchema.parse(body)
const creds = resolveCredentials(params)
logger.info(
`[${requestId}] Deleting item ${params.itemId} from vault ${params.vaultId} (${creds.mode} mode)`
)
if (creds.mode === 'service_account') {
const client = await createOnePasswordClient(creds.serviceAccountToken!)
await client.items.delete(params.vaultId, params.itemId)
return NextResponse.json({ success: true })
}
const response = await connectRequest({
serverUrl: creds.serverUrl!,
apiKey: creds.apiKey!,
path: `/v1/vaults/${params.vaultId}/items/${params.itemId}`,
method: 'DELETE',
})
if (!response.ok) {
const data = await response.json().catch(() => ({}))
return NextResponse.json(
{ error: (data as Record<string, string>).message || 'Failed to delete item' },
{ status: response.status }
)
}
return NextResponse.json({ success: true })
} catch (error) {
if (error instanceof z.ZodError) {
return NextResponse.json(
{ error: 'Invalid request data', details: error.errors },
{ status: 400 }
)
}
const message = error instanceof Error ? error.message : 'Unknown error'
logger.error(`[${requestId}] Delete item failed:`, error)
return NextResponse.json({ error: `Failed to delete item: ${message}` }, { status: 500 })
}
}

75
apps/sim/app/api/tools/onepassword/get-item/route.ts
View File

@@ -1,75 +0,0 @@
import { randomUUID } from 'crypto'
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import {
connectRequest,
createOnePasswordClient,
normalizeSdkItem,
resolveCredentials,
} from '../utils'
const logger = createLogger('OnePasswordGetItemAPI')
const GetItemSchema = z.object({
connectionMode: z.enum(['service_account', 'connect']).nullish(),
serviceAccountToken: z.string().nullish(),
serverUrl: z.string().nullish(),
apiKey: z.string().nullish(),
vaultId: z.string().min(1, 'Vault ID is required'),
itemId: z.string().min(1, 'Item ID is required'),
})
export async function POST(request: NextRequest) {
const requestId = randomUUID().slice(0, 8)
const auth = await checkInternalAuth(request)
if (!auth.success || !auth.userId) {
logger.warn(`[${requestId}] Unauthorized 1Password get-item attempt`)
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
try {
const body = await request.json()
const params = GetItemSchema.parse(body)
const creds = resolveCredentials(params)
logger.info(
`[${requestId}] Getting item ${params.itemId} from vault ${params.vaultId} (${creds.mode} mode)`
)
if (creds.mode === 'service_account') {
const client = await createOnePasswordClient(creds.serviceAccountToken!)
const item = await client.items.get(params.vaultId, params.itemId)
return NextResponse.json(normalizeSdkItem(item))
}
const response = await connectRequest({
serverUrl: creds.serverUrl!,
apiKey: creds.apiKey!,
path: `/v1/vaults/${params.vaultId}/items/${params.itemId}`,
method: 'GET',
})
const data = await response.json()
if (!response.ok) {
return NextResponse.json(
{ error: data.message || 'Failed to get item' },
{ status: response.status }
)
}
return NextResponse.json(data)
} catch (error) {
if (error instanceof z.ZodError) {
return NextResponse.json(
{ error: 'Invalid request data', details: error.errors },
{ status: 400 }
)
}
const message = error instanceof Error ? error.message : 'Unknown error'
logger.error(`[${requestId}] Get item failed:`, error)
return NextResponse.json({ error: `Failed to get item: ${message}` }, { status: 500 })
}
}

78
apps/sim/app/api/tools/onepassword/get-vault/route.ts
View File

@@ -1,78 +0,0 @@
import { randomUUID } from 'crypto'
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import {
connectRequest,
createOnePasswordClient,
normalizeSdkVault,
resolveCredentials,
} from '../utils'
const logger = createLogger('OnePasswordGetVaultAPI')
const GetVaultSchema = z.object({
connectionMode: z.enum(['service_account', 'connect']).nullish(),
serviceAccountToken: z.string().nullish(),
serverUrl: z.string().nullish(),
apiKey: z.string().nullish(),
vaultId: z.string().min(1, 'Vault ID is required'),
})
export async function POST(request: NextRequest) {
const requestId = randomUUID().slice(0, 8)
const auth = await checkInternalAuth(request)
if (!auth.success || !auth.userId) {
logger.warn(`[${requestId}] Unauthorized 1Password get-vault attempt`)
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
try {
const body = await request.json()
const params = GetVaultSchema.parse(body)
const creds = resolveCredentials(params)
logger.info(`[${requestId}] Getting 1Password vault ${params.vaultId} (${creds.mode} mode)`)
if (creds.mode === 'service_account') {
const client = await createOnePasswordClient(creds.serviceAccountToken!)
const vaults = await client.vaults.list()
const vault = vaults.find((v) => v.id === params.vaultId)
if (!vault) {
return NextResponse.json({ error: 'Vault not found' }, { status: 404 })
}
return NextResponse.json(normalizeSdkVault(vault))
}
const response = await connectRequest({
serverUrl: creds.serverUrl!,
apiKey: creds.apiKey!,
path: `/v1/vaults/${params.vaultId}`,
method: 'GET',
})
const data = await response.json()
if (!response.ok) {
return NextResponse.json(
{ error: data.message || 'Failed to get vault' },
{ status: response.status }
)
}
return NextResponse.json(data)
} catch (error) {
if (error instanceof z.ZodError) {
return NextResponse.json(
{ error: 'Invalid request data', details: error.errors },
{ status: 400 }
)
}
const message = error instanceof Error ? error.message : 'Unknown error'
logger.error(`[${requestId}] Get vault failed:`, error)
return NextResponse.json({ error: `Failed to get vault: ${message}` }, { status: 500 })
}
}

87
apps/sim/app/api/tools/onepassword/list-items/route.ts
View File

@@ -1,87 +0,0 @@
import { randomUUID } from 'crypto'
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import {
connectRequest,
createOnePasswordClient,
normalizeSdkItemOverview,
resolveCredentials,
} from '../utils'
const logger = createLogger('OnePasswordListItemsAPI')
const ListItemsSchema = z.object({
connectionMode: z.enum(['service_account', 'connect']).nullish(),
serviceAccountToken: z.string().nullish(),
serverUrl: z.string().nullish(),
apiKey: z.string().nullish(),
vaultId: z.string().min(1, 'Vault ID is required'),
filter: z.string().nullish(),
})
export async function POST(request: NextRequest) {
const requestId = randomUUID().slice(0, 8)
const auth = await checkInternalAuth(request)
if (!auth.success || !auth.userId) {
logger.warn(`[${requestId}] Unauthorized 1Password list-items attempt`)
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
try {
const body = await request.json()
const params = ListItemsSchema.parse(body)
const creds = resolveCredentials(params)
logger.info(`[${requestId}] Listing items in vault ${params.vaultId} (${creds.mode} mode)`)
if (creds.mode === 'service_account') {
const client = await createOnePasswordClient(creds.serviceAccountToken!)
const items = await client.items.list(params.vaultId)
const normalized = items.map(normalizeSdkItemOverview)
if (params.filter) {
const filterLower = params.filter.toLowerCase()
const filtered = normalized.filter(
(item) =>
item.title?.toLowerCase().includes(filterLower) ||
item.id?.toLowerCase().includes(filterLower)
)
return NextResponse.json(filtered)
}
return NextResponse.json(normalized)
}
const query = params.filter ? `filter=${encodeURIComponent(params.filter)}` : undefined
const response = await connectRequest({
serverUrl: creds.serverUrl!,
apiKey: creds.apiKey!,
path: `/v1/vaults/${params.vaultId}/items`,
method: 'GET',
query,
})
const data = await response.json()
if (!response.ok) {
return NextResponse.json(
{ error: data.message || 'Failed to list items' },
{ status: response.status }
)
}
return NextResponse.json(data)
} catch (error) {
if (error instanceof z.ZodError) {
return NextResponse.json(
{ error: 'Invalid request data', details: error.errors },
{ status: 400 }
)
}
const message = error instanceof Error ? error.message : 'Unknown error'
logger.error(`[${requestId}] List items failed:`, error)
return NextResponse.json({ error: `Failed to list items: ${message}` }, { status: 500 })
}
}

85
apps/sim/app/api/tools/onepassword/list-vaults/route.ts
View File

@@ -1,85 +0,0 @@
import { randomUUID } from 'crypto'
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import {
connectRequest,
createOnePasswordClient,
normalizeSdkVault,
resolveCredentials,
} from '../utils'
const logger = createLogger('OnePasswordListVaultsAPI')
const ListVaultsSchema = z.object({
connectionMode: z.enum(['service_account', 'connect']).nullish(),
serviceAccountToken: z.string().nullish(),
serverUrl: z.string().nullish(),
apiKey: z.string().nullish(),
filter: z.string().nullish(),
})
export async function POST(request: NextRequest) {
const requestId = randomUUID().slice(0, 8)
const auth = await checkInternalAuth(request)
if (!auth.success || !auth.userId) {
logger.warn(`[${requestId}] Unauthorized 1Password list-vaults attempt`)
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
try {
const body = await request.json()
const params = ListVaultsSchema.parse(body)
const creds = resolveCredentials(params)
logger.info(`[${requestId}] Listing 1Password vaults (${creds.mode} mode)`)
if (creds.mode === 'service_account') {
const client = await createOnePasswordClient(creds.serviceAccountToken!)
const vaults = await client.vaults.list()
const normalized = vaults.map(normalizeSdkVault)
if (params.filter) {
const filterLower = params.filter.toLowerCase()
const filtered = normalized.filter(
(v) =>
v.name?.toLowerCase().includes(filterLower) || v.id?.toLowerCase().includes(filterLower)
)
return NextResponse.json(filtered)
}
return NextResponse.json(normalized)
}
const query = params.filter ? `filter=${encodeURIComponent(params.filter)}` : undefined
const response = await connectRequest({
serverUrl: creds.serverUrl!,
apiKey: creds.apiKey!,
path: '/v1/vaults',
method: 'GET',
query,
})
const data = await response.json()
if (!response.ok) {
return NextResponse.json(
{ error: data.message || 'Failed to list vaults' },
{ status: response.status }
)
}
return NextResponse.json(data)
} catch (error) {
if (error instanceof z.ZodError) {
return NextResponse.json(
{ error: 'Invalid request data', details: error.errors },
{ status: 400 }
)
}
const message = error instanceof Error ? error.message : 'Unknown error'
logger.error(`[${requestId}] List vaults failed:`, error)
return NextResponse.json({ error: `Failed to list vaults: ${message}` }, { status: 500 })
}
}

117
apps/sim/app/api/tools/onepassword/replace-item/route.ts
View File

@@ -1,117 +0,0 @@
import { randomUUID } from 'crypto'
import type { Item } from '@1password/sdk'
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import {
connectRequest,
createOnePasswordClient,
normalizeSdkItem,
resolveCredentials,
toSdkCategory,
toSdkFieldType,
} from '../utils'
const logger = createLogger('OnePasswordReplaceItemAPI')
const ReplaceItemSchema = z.object({
connectionMode: z.enum(['service_account', 'connect']).nullish(),
serviceAccountToken: z.string().nullish(),
serverUrl: z.string().nullish(),
apiKey: z.string().nullish(),
vaultId: z.string().min(1, 'Vault ID is required'),
itemId: z.string().min(1, 'Item ID is required'),
item: z.string().min(1, 'Item JSON is required'),
})
export async function POST(request: NextRequest) {
const requestId = randomUUID().slice(0, 8)
const auth = await checkInternalAuth(request)
if (!auth.success || !auth.userId) {
logger.warn(`[${requestId}] Unauthorized 1Password replace-item attempt`)
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
try {
const body = await request.json()
const params = ReplaceItemSchema.parse(body)
const creds = resolveCredentials(params)
const itemData = JSON.parse(params.item)
logger.info(
`[${requestId}] Replacing item ${params.itemId} in vault ${params.vaultId} (${creds.mode} mode)`
)
if (creds.mode === 'service_account') {
const client = await createOnePasswordClient(creds.serviceAccountToken!)
const existing = await client.items.get(params.vaultId, params.itemId)
const sdkItem = {
...existing,
id: params.itemId,
title: itemData.title || existing.title,
category: itemData.category ? toSdkCategory(itemData.category) : existing.category,
vaultId: params.vaultId,
fields: itemData.fields
? (itemData.fields as Array<Record<string, any>>).map((f) => ({
id: f.id || randomUUID().slice(0, 8),
title: f.label || f.title || '',
fieldType: toSdkFieldType(f.type || 'STRING'),
value: f.value || '',
sectionId: f.section?.id ?? f.sectionId,
}))
: existing.fields,
sections: itemData.sections
? (itemData.sections as Array<Record<string, any>>).map((s) => ({
id: s.id || '',
title: s.label || s.title || '',
}))
: existing.sections,
notes: itemData.notes ?? existing.notes,
tags: itemData.tags ?? existing.tags,
websites:
itemData.urls || itemData.websites
? (itemData.urls ?? itemData.websites ?? []).map((u: Record<string, any>) => ({
url: u.href || u.url || '',
label: u.label || '',
autofillBehavior: 'AnywhereOnWebsite' as const,
}))
: existing.websites,
} as Item
const result = await client.items.put(sdkItem)
return NextResponse.json(normalizeSdkItem(result))
}
const response = await connectRequest({
serverUrl: creds.serverUrl!,
apiKey: creds.apiKey!,
path: `/v1/vaults/${params.vaultId}/items/${params.itemId}`,
method: 'PUT',
body: itemData,
})
const data = await response.json()
if (!response.ok) {
return NextResponse.json(
{ error: data.message || 'Failed to replace item' },
{ status: response.status }
)
}
return NextResponse.json(data)
} catch (error) {
if (error instanceof z.ZodError) {
return NextResponse.json(
{ error: 'Invalid request data', details: error.errors },
{ status: 400 }
)
}
const message = error instanceof Error ? error.message : 'Unknown error'
logger.error(`[${requestId}] Replace item failed:`, error)
return NextResponse.json({ error: `Failed to replace item: ${message}` }, { status: 500 })
}
}

59
apps/sim/app/api/tools/onepassword/resolve-secret/route.ts
View File

@@ -1,59 +0,0 @@
import { randomUUID } from 'crypto'
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import { createOnePasswordClient, resolveCredentials } from '../utils'
const logger = createLogger('OnePasswordResolveSecretAPI')
const ResolveSecretSchema = z.object({
connectionMode: z.enum(['service_account', 'connect']).nullish(),
serviceAccountToken: z.string().nullish(),
serverUrl: z.string().nullish(),
apiKey: z.string().nullish(),
secretReference: z.string().min(1, 'Secret reference is required'),
})
export async function POST(request: NextRequest) {
const requestId = randomUUID().slice(0, 8)
const auth = await checkInternalAuth(request)
if (!auth.success || !auth.userId) {
logger.warn(`[${requestId}] Unauthorized 1Password resolve-secret attempt`)
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
try {
const body = await request.json()
const params = ResolveSecretSchema.parse(body)
const creds = resolveCredentials(params)
if (creds.mode !== 'service_account') {
return NextResponse.json(
{ error: 'Resolve Secret is only available in Service Account mode' },
{ status: 400 }
)
}
logger.info(`[${requestId}] Resolving secret reference (service_account mode)`)
const client = await createOnePasswordClient(creds.serviceAccountToken!)
const secret = await client.secrets.resolve(params.secretReference)
return NextResponse.json({
value: secret,
reference: params.secretReference,
})
} catch (error) {
if (error instanceof z.ZodError) {
return NextResponse.json(
{ error: 'Invalid request data', details: error.errors },
{ status: 400 }
)
}
const message = error instanceof Error ? error.message : 'Unknown error'
logger.error(`[${requestId}] Resolve secret failed:`, error)
return NextResponse.json({ error: `Failed to resolve secret: ${message}` }, { status: 500 })
}
}

136
apps/sim/app/api/tools/onepassword/update-item/route.ts
View File

@@ -1,136 +0,0 @@
import { randomUUID } from 'crypto'
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkInternalAuth } from '@/lib/auth/hybrid'
import {
connectRequest,
createOnePasswordClient,
normalizeSdkItem,
resolveCredentials,
} from '../utils'
const logger = createLogger('OnePasswordUpdateItemAPI')
const UpdateItemSchema = z.object({
connectionMode: z.enum(['service_account', 'connect']).nullish(),
serviceAccountToken: z.string().nullish(),
serverUrl: z.string().nullish(),
apiKey: z.string().nullish(),
vaultId: z.string().min(1, 'Vault ID is required'),
itemId: z.string().min(1, 'Item ID is required'),
operations: z.string().min(1, 'Patch operations are required'),
})
export async function POST(request: NextRequest) {
const requestId = randomUUID().slice(0, 8)
const auth = await checkInternalAuth(request)
if (!auth.success || !auth.userId) {
logger.warn(`[${requestId}] Unauthorized 1Password update-item attempt`)
return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
try {
const body = await request.json()
const params = UpdateItemSchema.parse(body)
const creds = resolveCredentials(params)
const ops = JSON.parse(params.operations) as JsonPatchOperation[]
logger.info(
`[${requestId}] Updating item ${params.itemId} in vault ${params.vaultId} (${creds.mode} mode)`
)
if (creds.mode === 'service_account') {
const client = await createOnePasswordClient(creds.serviceAccountToken!)
const item = await client.items.get(params.vaultId, params.itemId)
for (const op of ops) {
applyPatch(item, op)
}
const result = await client.items.put(item)
return NextResponse.json(normalizeSdkItem(result))
}
const response = await connectRequest({
serverUrl: creds.serverUrl!,
apiKey: creds.apiKey!,
path: `/v1/vaults/${params.vaultId}/items/${params.itemId}`,
method: 'PATCH',
body: ops,
})
const data = await response.json()
if (!response.ok) {
return NextResponse.json(
{ error: data.message || 'Failed to update item' },
{ status: response.status }
)
}
return NextResponse.json(data)
} catch (error) {
if (error instanceof z.ZodError) {
return NextResponse.json(
{ error: 'Invalid request data', details: error.errors },
{ status: 400 }
)
}
const message = error instanceof Error ? error.message : 'Unknown error'
logger.error(`[${requestId}] Update item failed:`, error)
return NextResponse.json({ error: `Failed to update item: ${message}` }, { status: 500 })
}
}
interface JsonPatchOperation {
op: 'add' | 'remove' | 'replace'
path: string
value?: unknown
}
/** Apply a single RFC6902 JSON Patch operation to a mutable object. */
// eslint-disable-next-line @typescript-eslint/no-explicit-any
function applyPatch(item: Record<string, any>, op: JsonPatchOperation) {
const segments = op.path.split('/').filter(Boolean)
if (segments.length === 1) {
const key = segments[0]
if (op.op === 'replace' || op.op === 'add') {
item[key] = op.value
} else if (op.op === 'remove') {
delete item[key]
}
return
}
let target = item
for (let i = 0; i < segments.length - 1; i++) {
const seg = segments[i]
if (Array.isArray(target)) {
target = target[Number(seg)]
} else {
target = target[seg]
}
if (target === undefined || target === null) return
}
const lastSeg = segments[segments.length - 1]
if (op.op === 'replace' || op.op === 'add') {
if (Array.isArray(target) && lastSeg === '-') {
target.push(op.value)
} else if (Array.isArray(target)) {
target[Number(lastSeg)] = op.value
} else {
target[lastSeg] = op.value
}
} else if (op.op === 'remove') {
if (Array.isArray(target)) {
target.splice(Number(lastSeg), 1)
} else {
delete target[lastSeg]
}
}
}

357
apps/sim/app/api/tools/onepassword/utils.ts
View File

@@ -1,357 +0,0 @@
import type {
Item,
ItemCategory,
ItemField,
ItemFieldType,
ItemOverview,
ItemSection,
VaultOverview,
Website,
} from '@1password/sdk'
/** Connect-format field type strings returned by normalization. */
type ConnectFieldType =
| 'STRING'
| 'CONCEALED'
| 'EMAIL'
| 'URL'
| 'OTP'
| 'PHONE'
| 'DATE'
| 'MONTH_YEAR'
| 'MENU'
| 'ADDRESS'
| 'REFERENCE'
| 'SSHKEY'
| 'CREDIT_CARD_NUMBER'
| 'CREDIT_CARD_TYPE'
/** Connect-format category strings returned by normalization. */
type ConnectCategory =
| 'LOGIN'
| 'PASSWORD'
| 'API_CREDENTIAL'
| 'SECURE_NOTE'
| 'SERVER'
| 'DATABASE'
| 'CREDIT_CARD'
| 'IDENTITY'
| 'SSH_KEY'
| 'DOCUMENT'
| 'SOFTWARE_LICENSE'
| 'EMAIL_ACCOUNT'
| 'MEMBERSHIP'
| 'PASSPORT'
| 'REWARD_PROGRAM'
| 'DRIVER_LICENSE'
| 'BANK_ACCOUNT'
| 'MEDICAL_RECORD'
| 'OUTDOOR_LICENSE'
| 'WIRELESS_ROUTER'
| 'SOCIAL_SECURITY_NUMBER'
| 'CUSTOM'
/** Normalized vault shape matching the Connect API response. */
export interface NormalizedVault {
id: string
name: string
description: null
attributeVersion: number
contentVersion: number
items: number
type: string
createdAt: string | null
updatedAt: string | null
}
/** Normalized item overview shape matching the Connect API response. */
export interface NormalizedItemOverview {
id: string
title: string
vault: { id: string }
category: ConnectCategory
urls: Array<{ href: string; label: string | null; primary: boolean }>
favorite: boolean
tags: string[]
version: number
state: string | null
createdAt: string | null
updatedAt: string | null
lastEditedBy: null
}
/** Normalized field shape matching the Connect API response. */
export interface NormalizedField {
id: string
label: string
type: ConnectFieldType
purpose: string
value: string | null
section: { id: string } | null
generate: boolean
recipe: null
entropy: null
}
/** Normalized full item shape matching the Connect API response. */
export interface NormalizedItem extends NormalizedItemOverview {
fields: NormalizedField[]
sections: Array<{ id: string; label: string }>
}
/**
* SDK field type string values → Connect field type mapping.
* Uses string literals instead of enum imports to avoid loading the WASM module at build time.
*/
const SDK_TO_CONNECT_FIELD_TYPE: Record<string, ConnectFieldType> = {
Text: 'STRING',
Concealed: 'CONCEALED',
Email: 'EMAIL',
Url: 'URL',
Totp: 'OTP',
Phone: 'PHONE',
Date: 'DATE',
MonthYear: 'MONTH_YEAR',
Menu: 'MENU',
Address: 'ADDRESS',
Reference: 'REFERENCE',
SshKey: 'SSHKEY',
CreditCardNumber: 'CREDIT_CARD_NUMBER',
CreditCardType: 'CREDIT_CARD_TYPE',
}
/** SDK category string values → Connect category mapping. */
const SDK_TO_CONNECT_CATEGORY: Record<string, ConnectCategory> = {
Login: 'LOGIN',
Password: 'PASSWORD',
ApiCredentials: 'API_CREDENTIAL',
SecureNote: 'SECURE_NOTE',
Server: 'SERVER',
Database: 'DATABASE',
CreditCard: 'CREDIT_CARD',
Identity: 'IDENTITY',
SshKey: 'SSH_KEY',
Document: 'DOCUMENT',
SoftwareLicense: 'SOFTWARE_LICENSE',
Email: 'EMAIL_ACCOUNT',
Membership: 'MEMBERSHIP',
Passport: 'PASSPORT',
Rewards: 'REWARD_PROGRAM',
DriverLicense: 'DRIVER_LICENSE',
BankAccount: 'BANK_ACCOUNT',
MedicalRecord: 'MEDICAL_RECORD',
OutdoorLicense: 'OUTDOOR_LICENSE',
Router: 'WIRELESS_ROUTER',
SocialSecurityNumber: 'SOCIAL_SECURITY_NUMBER',
CryptoWallet: 'CUSTOM',
Person: 'CUSTOM',
Unsupported: 'CUSTOM',
}
/** Connect category → SDK category string mapping. */
const CONNECT_TO_SDK_CATEGORY: Record<string, `${ItemCategory}`> = {
LOGIN: 'Login',
PASSWORD: 'Password',
API_CREDENTIAL: 'ApiCredentials',
SECURE_NOTE: 'SecureNote',
SERVER: 'Server',
DATABASE: 'Database',
CREDIT_CARD: 'CreditCard',
IDENTITY: 'Identity',
SSH_KEY: 'SshKey',
DOCUMENT: 'Document',
SOFTWARE_LICENSE: 'SoftwareLicense',
EMAIL_ACCOUNT: 'Email',
MEMBERSHIP: 'Membership',
PASSPORT: 'Passport',
REWARD_PROGRAM: 'Rewards',
DRIVER_LICENSE: 'DriverLicense',
BANK_ACCOUNT: 'BankAccount',
MEDICAL_RECORD: 'MedicalRecord',
OUTDOOR_LICENSE: 'OutdoorLicense',
WIRELESS_ROUTER: 'Router',
SOCIAL_SECURITY_NUMBER: 'SocialSecurityNumber',
}
/** Connect field type → SDK field type string mapping. */
const CONNECT_TO_SDK_FIELD_TYPE: Record<string, `${ItemFieldType}`> = {
STRING: 'Text',
CONCEALED: 'Concealed',
EMAIL: 'Email',
URL: 'Url',
OTP: 'Totp',
TOTP: 'Totp',
PHONE: 'Phone',
DATE: 'Date',
MONTH_YEAR: 'MonthYear',
MENU: 'Menu',
ADDRESS: 'Address',
REFERENCE: 'Reference',
SSHKEY: 'SshKey',
CREDIT_CARD_NUMBER: 'CreditCardNumber',
CREDIT_CARD_TYPE: 'CreditCardType',
}
export type ConnectionMode = 'service_account' | 'connect'
export interface CredentialParams {
connectionMode?: ConnectionMode | null
serviceAccountToken?: string | null
serverUrl?: string | null
apiKey?: string | null
}
export interface ResolvedCredentials {
mode: ConnectionMode
serviceAccountToken?: string
serverUrl?: string
apiKey?: string
}
/** Determine which backend to use based on provided credentials. */
export function resolveCredentials(params: CredentialParams): ResolvedCredentials {
const mode = params.connectionMode ?? (params.serviceAccountToken ? 'service_account' : 'connect')
if (mode === 'service_account') {
if (!params.serviceAccountToken) {
throw new Error('Service Account token is required for Service Account mode')
}
return { mode, serviceAccountToken: params.serviceAccountToken }
}
if (!params.serverUrl || !params.apiKey) {
throw new Error('Server URL and Connect token are required for Connect Server mode')
}
return { mode, serverUrl: params.serverUrl, apiKey: params.apiKey }
}
/**
* Create a 1Password SDK client from a service account token.
* Uses dynamic import to avoid loading the WASM module at build time.
*/
export async function createOnePasswordClient(serviceAccountToken: string) {
const { createClient } = await import('@1password/sdk')
return createClient({
auth: serviceAccountToken,
integrationName: 'Sim Studio',
integrationVersion: '1.0.0',
})
}
/** Proxy a request to the 1Password Connect Server. */
export async function connectRequest(options: {
serverUrl: string
apiKey: string
path: string
method: string
body?: unknown
query?: string
}): Promise<Response> {
const base = options.serverUrl.replace(/\/$/, '')
const queryStr = options.query ? `?${options.query}` : ''
const url = `${base}${options.path}${queryStr}`
const headers: Record<string, string> = {
Authorization: `Bearer ${options.apiKey}`,
}
if (options.body) {
headers['Content-Type'] = 'application/json'
}
return fetch(url, {
method: options.method,
headers,
body: options.body ? JSON.stringify(options.body) : undefined,
})
}
/** Normalize an SDK VaultOverview to match Connect API vault shape. */
export function normalizeSdkVault(vault: VaultOverview): NormalizedVault {
return {
id: vault.id,
name: vault.title,
description: null,
attributeVersion: 0,
contentVersion: 0,
items: 0,
type: 'USER_CREATED',
createdAt:
vault.createdAt instanceof Date ? vault.createdAt.toISOString() : (vault.createdAt ?? null),
updatedAt:
vault.updatedAt instanceof Date ? vault.updatedAt.toISOString() : (vault.updatedAt ?? null),
}
}
/** Normalize an SDK ItemOverview to match Connect API item summary shape. */
export function normalizeSdkItemOverview(item: ItemOverview): NormalizedItemOverview {
return {
id: item.id,
title: item.title,
vault: { id: item.vaultId },
category: SDK_TO_CONNECT_CATEGORY[item.category] ?? 'CUSTOM',
urls: (item.websites ?? []).map((w: Website) => ({
href: w.url,
label: w.label ?? null,
primary: false,
})),
favorite: false,
tags: item.tags ?? [],
version: 0,
state: item.state === 'archived' ? 'ARCHIVED' : null,
createdAt:
item.createdAt instanceof Date ? item.createdAt.toISOString() : (item.createdAt ?? null),
updatedAt:
item.updatedAt instanceof Date ? item.updatedAt.toISOString() : (item.updatedAt ?? null),
lastEditedBy: null,
}
}
/** Normalize a full SDK Item to match Connect API FullItem shape. */
export function normalizeSdkItem(item: Item): NormalizedItem {
return {
id: item.id,
title: item.title,
vault: { id: item.vaultId },
category: SDK_TO_CONNECT_CATEGORY[item.category] ?? 'CUSTOM',
urls: (item.websites ?? []).map((w: Website) => ({
href: w.url,
label: w.label ?? null,
primary: false,
})),
favorite: false,
tags: item.tags ?? [],
version: item.version ?? 0,
state: null,
fields: (item.fields ?? []).map((field: ItemField) => ({
id: field.id,
label: field.title,
type: SDK_TO_CONNECT_FIELD_TYPE[field.fieldType] ?? 'STRING',
purpose: '',
value: field.value ?? null,
section: field.sectionId ? { id: field.sectionId } : null,
generate: false,
recipe: null,
entropy: null,
})),
sections: (item.sections ?? []).map((section: ItemSection) => ({
id: section.id,
label: section.title,
})),
createdAt:
item.createdAt instanceof Date ? item.createdAt.toISOString() : (item.createdAt ?? null),
updatedAt:
item.updatedAt instanceof Date ? item.updatedAt.toISOString() : (item.updatedAt ?? null),
lastEditedBy: null,
}
}
/** Convert a Connect-style category string to the SDK category string. */
export function toSdkCategory(category: string): `${ItemCategory}` {
return CONNECT_TO_SDK_CATEGORY[category] ?? 'Login'
}
/** Convert a Connect-style field type string to the SDK field type string. */
export function toSdkFieldType(type: string): `${ItemFieldType}` {
return CONNECT_TO_SDK_FIELD_TYPE[type] ?? 'Text'
}

4
apps/sim/app/api/users/me/usage-logs/route.ts
View File

@@ -1,7 +1,7 @@
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
import { checkHybridAuth } from '@/lib/auth/hybrid'
import { getUserUsageLogs, type UsageLogSource } from '@/lib/billing/core/usage-log'
const logger = createLogger('UsageLogsAPI')
@@ -20,7 +20,7 @@ const QuerySchema = z.object({
*/
export async function GET(req: NextRequest) {
try {
const auth = await checkSessionOrInternalAuth(req, { requireWorkflowId: false })
const auth = await checkHybridAuth(req, { requireWorkflowId: false })
if (!auth.success || !auth.userId) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })

114
apps/sim/app/api/v1/copilot/chat/route.ts
View File

@@ -1,114 +0,0 @@
import { createLogger } from '@sim/logger'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { getCopilotModel } from '@/lib/copilot/config'
import { SIM_AGENT_VERSION } from '@/lib/copilot/constants'
import { COPILOT_REQUEST_MODES } from '@/lib/copilot/models'
import { orchestrateCopilotStream } from '@/lib/copilot/orchestrator'
import { resolveWorkflowIdForUser } from '@/lib/workflows/utils'
import { authenticateV1Request } from '@/app/api/v1/auth'
const logger = createLogger('CopilotHeadlessAPI')
const RequestSchema = z.object({
message: z.string().min(1, 'message is required'),
workflowId: z.string().optional(),
workflowName: z.string().optional(),
chatId: z.string().optional(),
mode: z.enum(COPILOT_REQUEST_MODES).optional().default('agent'),
model: z.string().optional(),
autoExecuteTools: z.boolean().optional().default(true),
timeout: z.number().optional().default(300000),
})
/**
* POST /api/v1/copilot/chat
* Headless copilot endpoint for server-side orchestration.
*
* workflowId is optional - if not provided:
* - If workflowName is provided, finds that workflow
* - Otherwise uses the user's first workflow as context
* - The copilot can still operate on any workflow using list_user_workflows
*/
export async function POST(req: NextRequest) {
const auth = await authenticateV1Request(req)
if (!auth.authenticated || !auth.userId) {
return NextResponse.json(
{ success: false, error: auth.error || 'Unauthorized' },
{ status: 401 }
)
}
try {
const body = await req.json()
const parsed = RequestSchema.parse(body)
const defaults = getCopilotModel('chat')
const selectedModel = parsed.model || defaults.model
// Resolve workflow ID
const resolved = await resolveWorkflowIdForUser(
auth.userId,
parsed.workflowId,
parsed.workflowName
)
if (!resolved) {
return NextResponse.json(
{
success: false,
error: 'No workflows found. Create a workflow first or provide a valid workflowId.',
},
{ status: 400 }
)
}
// Transform mode to transport mode (same as client API)
// build and agent both map to 'agent' on the backend
const effectiveMode = parsed.mode === 'agent' ? 'build' : parsed.mode
const transportMode = effectiveMode === 'build' ? 'agent' : effectiveMode
// Always generate a chatId - required for artifacts system to work with subagents
const chatId = parsed.chatId || crypto.randomUUID()
const requestPayload = {
message: parsed.message,
workflowId: resolved.workflowId,
userId: auth.userId,
model: selectedModel,
mode: transportMode,
messageId: crypto.randomUUID(),
version: SIM_AGENT_VERSION,
headless: true,
chatId,
}
const result = await orchestrateCopilotStream(requestPayload, {
userId: auth.userId,
workflowId: resolved.workflowId,
chatId,
autoExecuteTools: parsed.autoExecuteTools,
timeout: parsed.timeout,
interactive: false,
})
return NextResponse.json({
success: result.success,
content: result.content,
toolCalls: result.toolCalls,
chatId: result.chatId || chatId, // Return the chatId for conversation continuity
conversationId: result.conversationId,
error: result.error,
})
} catch (error) {
if (error instanceof z.ZodError) {
return NextResponse.json(
{ success: false, error: 'Invalid request', details: error.errors },
{ status: 400 }
)
}
logger.error('Headless copilot request failed', {
error: error instanceof Error ? error.message : String(error),
})
return NextResponse.json({ success: false, error: 'Internal server error' }, { status: 500 })
}
}

87
apps/sim/app/api/workflows/[id]/execute/route.ts
View File

@@ -33,11 +33,7 @@ import { createHttpResponseFromBlock, workflowHasResponseBlock } from '@/lib/wor
import { executeWorkflowJob, type WorkflowExecutionPayload } from '@/background/workflow-execution'
import { normalizeName } from '@/executor/constants'
import { ExecutionSnapshot } from '@/executor/execution/snapshot'
import type {
ExecutionMetadata,
IterationContext,
SerializableExecutionState,
} from '@/executor/execution/types'
import type { ExecutionMetadata, IterationContext } from '@/executor/execution/types'
import type { NormalizedBlockOutput, StreamingExecution } from '@/executor/types'
import { hasExecutionResult } from '@/executor/utils/errors'
import { Serializer } from '@/serializer'
@@ -66,23 +62,20 @@ const ExecuteWorkflowSchema = z.object({
runFromBlock: z
.object({
startBlockId: z.string().min(1, 'Start block ID is required'),
sourceSnapshot: z
.object({
blockStates: z.record(z.any()),
executedBlocks: z.array(z.string()),
blockLogs: z.array(z.any()),
decisions: z.object({
router: z.record(z.string()),
condition: z.record(z.string()),
}),
completedLoops: z.array(z.string()),
loopExecutions: z.record(z.any()).optional(),
parallelExecutions: z.record(z.any()).optional(),
parallelBlockMapping: z.record(z.any()).optional(),
activeExecutionPath: z.array(z.string()),
})
.optional(),
executionId: z.string().optional(),
sourceSnapshot: z.object({
blockStates: z.record(z.any()),
executedBlocks: z.array(z.string()),
blockLogs: z.array(z.any()),
decisions: z.object({
router: z.record(z.string()),
condition: z.record(z.string()),
}),
completedLoops: z.array(z.string()),
loopExecutions: z.record(z.any()).optional(),
parallelExecutions: z.record(z.any()).optional(),
parallelBlockMapping: z.record(z.any()).optional(),
activeExecutionPath: z.array(z.string()),
}),
})
.optional(),
})
@@ -276,47 +269,9 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
base64MaxBytes,
workflowStateOverride,
stopAfterBlockId,
runFromBlock: rawRunFromBlock,
runFromBlock,
} = validation.data
// Resolve runFromBlock snapshot from executionId if needed
let resolvedRunFromBlock:
| { startBlockId: string; sourceSnapshot: SerializableExecutionState }
| undefined
if (rawRunFromBlock) {
if (rawRunFromBlock.sourceSnapshot) {
resolvedRunFromBlock = {
startBlockId: rawRunFromBlock.startBlockId,
sourceSnapshot: rawRunFromBlock.sourceSnapshot as SerializableExecutionState,
}
} else if (rawRunFromBlock.executionId) {
const { getExecutionState, getLatestExecutionState } = await import(
'@/lib/workflows/executor/execution-state'
)
const snapshot =
rawRunFromBlock.executionId === 'latest'
? await getLatestExecutionState(workflowId)
: await getExecutionState(rawRunFromBlock.executionId)
if (!snapshot) {
return NextResponse.json(
{
error: `No execution state found for ${rawRunFromBlock.executionId === 'latest' ? 'workflow' : `execution ${rawRunFromBlock.executionId}`}. Run the full workflow first.`,
},
{ status: 400 }
)
}
resolvedRunFromBlock = {
startBlockId: rawRunFromBlock.startBlockId,
sourceSnapshot: snapshot,
}
} else {
return NextResponse.json(
{ error: 'runFromBlock requires either sourceSnapshot or executionId' },
{ status: 400 }
)
}
}
// For API key and internal JWT auth, the entire body is the input (except for our control fields)
// For session auth, the input is explicitly provided in the input field
const input =
@@ -370,11 +325,6 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
requestId
)
// Client-side sessions and personal API keys bill/permission-check the
// authenticated user, not the workspace billed account.
const useAuthenticatedUserAsActor =
isClientSession || (auth.authType === 'api_key' && auth.apiKeyType === 'personal')
const preprocessResult = await preprocessExecution({
workflowId,
userId,
@@ -384,7 +334,6 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
checkDeployment: !shouldUseDraftState,
loggingSession,
useDraftState: shouldUseDraftState,
useAuthenticatedUserAsActor,
})
if (!preprocessResult.success) {
@@ -541,7 +490,7 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
includeFileBase64,
base64MaxBytes,
stopAfterBlockId,
runFromBlock: resolvedRunFromBlock,
runFromBlock,
abortSignal: timeoutController.signal,
})
@@ -882,7 +831,7 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
includeFileBase64,
base64MaxBytes,
stopAfterBlockId,
runFromBlock: resolvedRunFromBlock,
runFromBlock,
})
if (result.status === 'paused') {

18
apps/sim/app/workspace/[workspaceId]/logs/components/log-details/components/file-download/file-download.tsx
View File

@@ -74,7 +74,8 @@ function FileCard({ file, isExecutionFile = false, workspaceId }: FileCardProps)
}
if (isExecutionFile) {
const serveUrl = `/api/files/serve/${encodeURIComponent(file.key)}?context=execution`
const serveUrl =
file.url || `/api/files/serve/${encodeURIComponent(file.key)}?context=execution`
window.open(serveUrl, '_blank')
logger.info(`Opened execution file serve URL: ${serveUrl}`)
} else {
@@ -87,12 +88,16 @@ function FileCard({ file, isExecutionFile = false, workspaceId }: FileCardProps)
logger.warn(
`Could not construct viewer URL for file: ${file.name}, falling back to serve URL`
)
const serveUrl = `/api/files/serve/${encodeURIComponent(file.key)}?context=workspace`
const serveUrl =
file.url || `/api/files/serve/${encodeURIComponent(file.key)}?context=workspace`
window.open(serveUrl, '_blank')
}
}
} catch (error) {
logger.error(`Failed to download file ${file.name}:`, error)
if (file.url) {
window.open(file.url, '_blank')
}
} finally {
setIsDownloading(false)
}
@@ -193,7 +198,8 @@ export function FileDownload({
}
if (isExecutionFile) {
const serveUrl = `/api/files/serve/${encodeURIComponent(file.key)}?context=execution`
const serveUrl =
file.url || `/api/files/serve/${encodeURIComponent(file.key)}?context=execution`
window.open(serveUrl, '_blank')
logger.info(`Opened execution file serve URL: ${serveUrl}`)
} else {
@@ -206,12 +212,16 @@ export function FileDownload({
logger.warn(
`Could not construct viewer URL for file: ${file.name}, falling back to serve URL`
)
const serveUrl = `/api/files/serve/${encodeURIComponent(file.key)}?context=workspace`
const serveUrl =
file.url || `/api/files/serve/${encodeURIComponent(file.key)}?context=workspace`
window.open(serveUrl, '_blank')
}
}
} catch (error) {
logger.error(`Failed to download file ${file.name}:`, error)
if (file.url) {
window.open(file.url, '_blank')
}
} finally {
setIsDownloading(false)
}

2
apps/sim/app/workspace/[workspaceId]/logs/components/logs-toolbar/components/notifications/components/workflow-selector/workflow-selector.tsx
View File

@@ -89,7 +89,7 @@ export function WorkflowSelector({
onMouseDown={(e) => handleRemove(e, w.id)}
>
{w.name}
<X className='!text-[var(--text-primary)] h-4 w-4 flex-shrink-0 opacity-50' />
<X className='h-3 w-3' />
</Badge>
))}
{selectedWorkflows.length > 2 && (

56
apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/chat/components/output-select/output-select.tsx
View File

@@ -4,8 +4,11 @@ import type React from 'react'
import { useMemo } from 'react'
import { RepeatIcon, SplitIcon } from 'lucide-react'
import { Combobox, type ComboboxOptionGroup } from '@/components/emcn'
import { getEffectiveBlockOutputs } from '@/lib/workflows/blocks/block-outputs'
import { hasTriggerCapability } from '@/lib/workflows/triggers/trigger-utils'
import {
extractFieldsFromSchema,
parseResponseFormatSafely,
} from '@/lib/core/utils/response-format'
import { getToolOutputs } from '@/lib/workflows/blocks/block-outputs'
import { getBlock } from '@/blocks'
import { useWorkflowDiffStore } from '@/stores/workflow-diff/store'
import { useSubBlockStore } from '@/stores/workflows/subblock/store'
@@ -121,26 +124,41 @@ export function OutputSelect({
: `block-${block.id}`
const blockConfig = getBlock(block.type)
const isTriggerCapable = blockConfig ? hasTriggerCapability(blockConfig) : false
const effectiveTriggerMode = Boolean(block.triggerMode && isTriggerCapable)
const responseFormatValue =
shouldUseBaseline && baselineWorkflow
? baselineWorkflow.blocks?.[block.id]?.subBlocks?.responseFormat?.value
: subBlockValues?.[block.id]?.responseFormat
const responseFormat = parseResponseFormatSafely(responseFormatValue, block.id)
let outputsToProcess: Record<string, unknown> = {}
const rawSubBlockValues =
shouldUseBaseline && baselineWorkflow
? baselineWorkflow.blocks?.[block.id]?.subBlocks
: subBlockValues?.[block.id]
const subBlocks: Record<string, { value: unknown }> = {}
if (rawSubBlockValues && typeof rawSubBlockValues === 'object') {
for (const [key, val] of Object.entries(rawSubBlockValues)) {
// Handle both { value: ... } and raw value formats
subBlocks[key] = val && typeof val === 'object' && 'value' in val ? val : { value: val }
}
}
outputsToProcess = getEffectiveBlockOutputs(block.type, subBlocks, {
triggerMode: effectiveTriggerMode,
preferToolOutputs: !effectiveTriggerMode,
}) as Record<string, unknown>
if (responseFormat) {
const schemaFields = extractFieldsFromSchema(responseFormat)
if (schemaFields.length > 0) {
schemaFields.forEach((field) => {
outputsToProcess[field.name] = { type: field.type }
})
} else {
outputsToProcess = blockConfig?.outputs || {}
}
} else {
// Build subBlocks object for tool selector
const rawSubBlockValues =
shouldUseBaseline && baselineWorkflow
? baselineWorkflow.blocks?.[block.id]?.subBlocks
: subBlockValues?.[block.id]
const subBlocks: Record<string, { value: unknown }> = {}
if (rawSubBlockValues && typeof rawSubBlockValues === 'object') {
for (const [key, val] of Object.entries(rawSubBlockValues)) {
// Handle both { value: ... } and raw value formats
subBlocks[key] = val && typeof val === 'object' && 'value' in val ? val : { value: val }
}
}
const toolOutputs = blockConfig ? getToolOutputs(blockConfig, subBlocks) : {}
outputsToProcess =
Object.keys(toolOutputs).length > 0 ? toolOutputs : blockConfig?.outputs || {}
}
if (Object.keys(outputsToProcess).length === 0) return

Some files were not shown because too many files have changed in this diff Show More