Endpoint
Authentication
Authenticate using one of:| Method | Details |
|---|---|
| Protocol header | Pass the token in the Sec-WebSocket-Protocol header as Bearer, YOUR_TOKEN |
| Query parameter | Append ?token=YOUR_TOKEN to the WebSocket URL |
Message Format
All messages are JSON with achannel field that identifies the target subsystem. Five channels are multiplexed over a single connection:
| Channel | Purpose |
|---|---|
terminal | PTY terminal sessions |
files | File system operations and watching |
agent | AI agent interaction and streaming |
ports | Port discovery and preview URLs |
config | Workspace configuration |
channel and type. Additional fields depend on the specific message type.
Connection Keepalive
| Parameter | Value |
|---|---|
| Ping interval | 45 seconds |
| Pong timeout | 120 seconds |
| Write timeout | 30 seconds |
| Max message size | 1 MB |
Connection Lifecycle
- Connect — Client sends an HTTP upgrade request with authentication credentials.
- Authenticate — Server validates the token and upgrades the connection.
- Channels active — All five channels are immediately available for messaging.
- Keepalive — Server sends periodic pings; client responds with pongs.
- Close — Either side can close the connection gracefully.
Reconnection
Conversation history and workspace state are persisted, so reconnecting to the same workspace resumes where you left off. On disconnect:- Terminal sessions remain running in the background.
- Agent conversation history is replayed automatically.
- File watcher events that occurred during disconnection are not replayed, but the current file state is always available via
listandreadoperations.