API Reference

HASP exposes three HTTP surfaces that matter to AI Studio integrators. They are intentionally separate: Studio management (authenticated builders on the platform), agent runtime (org subdomain — discovery + A2A invocation), and AI inference (public API gateway).

1. HASP Internal API (Studio management)

Base URL: https://app.usehasp.com These routes power AI Studio in the browser. They are defined in TypeSpec (apps/platform/api/ in the HASP monorepo) and compiled to OpenAPI (apps/platform/api/openapi.yaml). All endpoints are shown as full absolute URLs; the common path prefix is /api/internal/. Authentication: Session-backed requests from signed-in org members (same auth model as the Studio UI), not api.usehasp.com API keys. Use these from your own backend only if you mirror HASP’s session or future server-to-server contract — the supported path for customers is the Studio UI plus documented public surfaces below.

Projects & structure

Method	Endpoint	Description
`GET`, `POST`	`https://app.usehasp.com/api/internal/projects`	List projects; create a project
`GET`, `PATCH`, `DELETE`	`https://app.usehasp.com/api/internal/projects/{project_id}`	Project detail; update; archive
`GET`, `POST`	`https://app.usehasp.com/api/internal/projects/{project_id}/apps`	Apps in the project
`GET`, `POST`	`https://app.usehasp.com/api/internal/projects/{project_id}/workflows`	Workflows
`GET`, `POST`	`https://app.usehasp.com/api/internal/projects/{project_id}/entities`	Entities
`GET`, `POST`	`https://app.usehasp.com/api/internal/projects/{project_id}/webhooks`	Webhooks
`GET`, `PATCH`	`https://app.usehasp.com/api/internal/projects/{project_id}/policy`	Project policy
`GET`, `POST`	`https://app.usehasp.com/api/internal/projects/{project_id}/members`	List members; add / invite
`PATCH`, `DELETE`	`https://app.usehasp.com/api/internal/projects/{project_id}/members/{user_id}`	Member updates

Dashboards & activity

Method	Endpoint	Description
`GET`	`https://app.usehasp.com/api/internal/orgs/{org_id}/dashboard/overview`	Org dashboard rollup
`GET`	`https://app.usehasp.com/api/internal/orgs/{org_id}/dashboard/projects`	Org project list for dashboard
`GET`	`https://app.usehasp.com/api/internal/orgs/{org_id}/dashboard/health-rollup`	Aggregate health
`GET`	`https://app.usehasp.com/api/internal/projects/{project_id}/dashboard/overview`	Project overview
`GET`	`https://app.usehasp.com/api/internal/projects/{project_id}/dashboard/activity`	Activity feed
`GET`	`https://app.usehasp.com/api/internal/projects/{project_id}/dashboard/audit-log`	Project audit log
`GET`	`https://app.usehasp.com/api/internal/projects/{project_id}/dashboard/analytics`	Analytics

Releases

Method	Endpoint	Description
`GET`, `POST`	`https://app.usehasp.com/api/internal/projects/{project_id}/releases`	List / create release
`GET`	`https://app.usehasp.com/api/internal/releases/{release_id}`	Release detail
`POST`	`https://app.usehasp.com/api/internal/releases/{release_id}/approve`	Approve
`POST`	`https://app.usehasp.com/api/internal/releases/{release_id}/cancel`	Cancel
`POST`	`https://app.usehasp.com/api/internal/releases/{release_id}/deploy`	Deploy
`POST`	`https://app.usehasp.com/api/internal/releases/{release_id}/reject`	Reject
`POST`	`https://app.usehasp.com/api/internal/releases/{release_id}/rollback`	Rollback
`POST`	`https://app.usehasp.com/api/internal/releases/{release_id}/emergency-rollback`	Emergency rollback

Traces & workflow runs

Method	Endpoint	Description
`GET`	`https://app.usehasp.com/api/internal/projects/{project_id}/traces`	List traces
`GET`	`https://app.usehasp.com/api/internal/traces/{trace_id}`	Trace detail
`POST`	`https://app.usehasp.com/api/internal/traces/{trace_id}/replay`	Replay
`GET`	`https://app.usehasp.com/api/internal/traces/{trace_id}/export`	Export trace
`POST`	`https://app.usehasp.com/api/internal/traces/{trace_id}/elevate-phi`	PHI-elevated view (policy-controlled)
`GET`, `POST`	`https://app.usehasp.com/api/internal/workflows/{workflow_id}/runs`	List runs; create run
`POST`	`https://app.usehasp.com/api/internal/workflows/{workflow_id}/test`	Test execution

Entities & records

Method	Endpoint	Description
`GET`, `PATCH`, `DELETE`	`https://app.usehasp.com/api/internal/entities/{entity_id}`	Entity schema
`GET`, `POST`	`https://app.usehasp.com/api/internal/entities/{entity_id}/records`	List / create records
`GET`, `PATCH`, `DELETE`	`https://app.usehasp.com/api/internal/entities/{entity_id}/records/{record_id}`	Record CRUD

Integrations, webhooks, settings

Method	Endpoint	Description
`GET`, `POST`	`https://app.usehasp.com/api/internal/orgs/{org_id}/integrations`	Org integrations
`GET`, `PATCH`, `DELETE`	`https://app.usehasp.com/api/internal/orgs/{org_id}/integrations/{integration_id}`	Integration CRUD
`POST`	`https://app.usehasp.com/api/internal/integrations/{integration_id}/test`	Test connection
`GET`, `PATCH`, `DELETE`	`https://app.usehasp.com/api/internal/webhooks/{webhook_id}`	Webhook resource
`GET`	`https://app.usehasp.com/api/internal/webhooks/{webhook_id}/receipts`	Inbound receipts
`POST`	`https://app.usehasp.com/api/internal/webhooks/{webhook_id}/test`	Test webhook
`GET`, `PATCH`	`https://app.usehasp.com/api/internal/orgs/{org_id}/settings/phi-policy`	Org PHI policy
`GET`, `PATCH`	`https://app.usehasp.com/api/internal/orgs/{org_id}/settings/release-policy`	Org release floor

Discovery (capability surfacing for builders)

Method	Endpoint	Description
`GET`	`https://app.usehasp.com/api/internal/orgs/{org_id}/discovery/apps`	Apps gallery / discovery
`GET`	`https://app.usehasp.com/api/internal/orgs/{org_id}/discovery/workflows`	Workflows gallery
`GET`	`https://app.usehasp.com/api/internal/orgs/{org_id}/discovery/agentic-patterns`	Agentic patterns index

Palette (authoring assist)

Method	Endpoint	Description
`POST`	`https://app.usehasp.com/api/internal/palette/query`	Palette query
`POST`	`https://app.usehasp.com/api/internal/palette/execute`	Palette execute

TypeSpec source of truth

The machine-readable contract is generated from TypeSpec — not hand-maintained in this docs repo. When a path or schema changes, the platform export is authoritative. If you need exhaustive request/response shapes, use openapi.yaml from the platform tree or ask HASP for a published export.

2. Org runtime — A2A & discovery

Base URL: https://{org}.usehasp.run (or your Enterprise custom domain)

Method	Endpoint	Description
`GET`	`https://{org}.usehasp.run/.well-known/agents.json`	Public capability manifest (agent-callable workflows)
`POST`	`https://{org}.usehasp.run/a2a/{project_slug}/{workflow_slug}`	JSON-RPC 2.0 (`method: "invoke"`); Authorization: `Bearer hasp_key_live_*` org API key with `workflow:invoke` (A2A; OAuth `AgentCaller` verification planned)

See A2A protocol for payloads, auth, and standards alignment.

3. Public AI API (inference gateway)

Base URL: https://api.usehasp.com/v1 Inference, native chat, and Anthropic-compatible /messages live here. Authenticate with a HASP API key:

Authorization: Bearer hasp_key_live_<key>

Interactive reference and the published OpenAPI document ship with this site under AI API. Start at AI API quickstart.

App Builder SDK — client-side data API for workflow apps on usehasp.run
A2A protocol — agents, discovery, JSON-RPC invocation
Platform compliance — BAA, audit, and trust context

​1. HASP Internal API (Studio management)

​Projects & structure

​Dashboards & activity

​Releases

​Traces & workflow runs

​Entities & records

​Integrations, webhooks, settings

​Discovery (capability surfacing for builders)

​Palette (authoring assist)

​TypeSpec source of truth

​2. Org runtime — A2A & discovery

​3. Public AI API (inference gateway)

​Related docs