Create agent

POST/v1/agents

Create a new agent configuration. Managed models include Claude, OpenAI, Gemini, DeepSeek, and Kimi entries. Team and Enterprise workspaces can also use connected external models from /agents/models.

How to call this endpoint

Every ACP API request uses bearer authentication. The examples here show the actual request path, auth header, and body shape that the platform expects.

Path, query, and header parameters

These parameters control which ACP object the endpoint acts on and how the request is processed.

Path parameters

None.

Query parameters

None.

Body schema

Content type: application/json · Required

Field	Type	Required	Description
id	string	No	Optional custom agent ID.
name	string	Yes	Human-readable agent name.
description	string	No	Short summary of the agent's purpose.
model	string	Yes	Model identifier for the agent. Built-in managed models: - `claude-opus-4-7` - `claude-opus-4-6` - `claude-sonnet-4-5` - `claude-haiku-4-5` - `gpt-5.5-pro` - `gpt-5.5` - `gpt-5.4` - `gpt-5.4-mini` - `gpt-5.4-nano` - `gemini-3-flash` - `gemini-3-1-flash` - `gemini-3-1-pro` - `deepseek-v4-pro` - `deepseek-v4-flash` - `kimi-k2.6` Team and Enterprise workspaces can also use connected external models in the form `external:{providerType}:{urlEncodedModelId}`. Use `GET /agents/models` to discover the exact managed and external model IDs available in the current workspace.
instructions	string	No	System instructions that define how the agent should operate.
binary	Claude Code CLI	No	Execution binary used for the agent runtime.
reasoningEffort	minimal \| low \| medium \| high	No	Reasoning intensity used by the execution runtime.
enabledSkills	string[]	No	Skill IDs enabled for the agent.
deepResearchModel	gemini-3-flash-preview \| gemini-3-pro-preview	No	Optional model override used by the deep research skill when enabled.
permissionSet	object	No	Agent permission policy. The shape is intentionally subject-typed so it can also be reused for human users and teams later.
permissionSet.version	1	No	—
permissionSet.subjectType	agent \| human_user \| team	No	—
permissionSet.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources	object	No	—
permissionSet.resources.agents	object	No	—
permissionSet.resources.agents.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.agents.rules	object[]	No	—
permissionSet.resources.agents.rules[].id	string	No	Optional stable rule ID.
permissionSet.resources.agents.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
permissionSet.resources.agents.rules[].path	string	No	Optional file or directory path for path-scoped rules.
permissionSet.resources.agents.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.agents.rules[].note	string	No	Optional human-readable note for the rule.
permissionSet.resources.skills	object	No	—
permissionSet.resources.skills.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.skills.rules	object[]	No	—
permissionSet.resources.skills.rules[].id	string	No	Optional stable rule ID.
permissionSet.resources.skills.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
permissionSet.resources.skills.rules[].path	string	No	Optional file or directory path for path-scoped rules.
permissionSet.resources.skills.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.skills.rules[].note	string	No	Optional human-readable note for the rule.
permissionSet.resources.servers	object	No	—
permissionSet.resources.servers.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.servers.rules	object[]	No	—
permissionSet.resources.servers.rules[].id	string	No	Optional stable rule ID.
permissionSet.resources.servers.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
permissionSet.resources.servers.rules[].path	string	No	Optional file or directory path for path-scoped rules.
permissionSet.resources.servers.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.servers.rules[].note	string	No	Optional human-readable note for the rule.
permissionSet.resources.computers	object	No	—
permissionSet.resources.computers.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.computers.rules	object[]	No	—
permissionSet.resources.computers.rules[].id	string	No	Optional stable rule ID.
permissionSet.resources.computers.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
permissionSet.resources.computers.rules[].path	string	No	Optional file or directory path for path-scoped rules.
permissionSet.resources.computers.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.computers.rules[].note	string	No	Optional human-readable note for the rule.
permissionSet.resources.files	object	No	—
permissionSet.resources.files.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.files.rules	object[]	No	—
permissionSet.resources.files.rules[].id	string	No	Optional stable rule ID.
permissionSet.resources.files.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
permissionSet.resources.files.rules[].path	string	No	Optional file or directory path for path-scoped rules.
permissionSet.resources.files.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.files.rules[].note	string	No	Optional human-readable note for the rule.
permissionSet.resources.directories	object	No	—
permissionSet.resources.directories.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.directories.rules	object[]	No	—
permissionSet.resources.directories.rules[].id	string	No	Optional stable rule ID.
permissionSet.resources.directories.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
permissionSet.resources.directories.rules[].path	string	No	Optional file or directory path for path-scoped rules.
permissionSet.resources.directories.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.directories.rules[].note	string	No	Optional human-readable note for the rule.
permissionSet.resources.projects	object	No	—
permissionSet.resources.projects.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.projects.rules	object[]	No	—
permissionSet.resources.projects.rules[].id	string	No	Optional stable rule ID.
permissionSet.resources.projects.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
permissionSet.resources.projects.rules[].path	string	No	Optional file or directory path for path-scoped rules.
permissionSet.resources.projects.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
permissionSet.resources.projects.rules[].note	string	No	Optional human-readable note for the rule.
metadata	object	No	Optional agent metadata, including advanced workspace-specific configuration.
isDefault	boolean	No	Internal/default-agent flag. Most clients should omit this.
isSystem	boolean	No	Internal/system-agent flag. Most clients should omit this.

What the API returns

Each response code below includes the documented payload shape for the ACP API.

201Agent createdapplication/json

Field	Type	Required	Description
agent	object	No	—
agent.id	string	No	Unique identifier.
agent.userId	string	No	User ID.
agent.projectId	string	No	Project ID.
agent.name	string	No	Human-readable name.
agent.description	string	No	Human-readable description.
agent.model	string	No	Model identifier for the agent. Built-in managed models: - `claude-opus-4-7` - `claude-opus-4-6` - `claude-sonnet-4-5` - `claude-haiku-4-5` - `gpt-5.5-pro` - `gpt-5.5` - `gpt-5.4` - `gpt-5.4-mini` - `gpt-5.4-nano` - `gemini-3-flash` - `gemini-3-1-flash` - `gemini-3-1-pro` - `deepseek-v4-pro` - `deepseek-v4-flash` - `kimi-k2.6` Team and Enterprise workspaces can also use connected external models in the form `external:{providerType}:{urlEncodedModelId}`. Use `GET /agents/models` to discover the exact managed and external model IDs available in the current workspace.
agent.instructions	string	No	—
agent.binary	Claude Code CLI	No	Execution binary used for the agent runtime.
agent.reasoningEffort	minimal \| low \| medium \| high	No	Reasoning intensity used by the execution runtime.
agent.enabledSkills	string[]	No	Skill IDs enabled for this agent, for example `deep_research` or custom installed skills.
agent.deepResearchModel	gemini-3-flash-preview \| gemini-3-pro-preview	No	Optional model override used by the deep research skill when enabled.
agent.permissionSet	object	No	Agent permission policy. The shape is intentionally subject-typed so it can also be reused for human users and teams later.
agent.permissionSet.version	1	No	—
agent.permissionSet.subjectType	agent \| human_user \| team	No	—
agent.permissionSet.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources	object	No	—
agent.permissionSet.resources.agents	object	No	—
agent.permissionSet.resources.agents.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.agents.rules	object[]	No	—
agent.permissionSet.resources.agents.rules[].id	string	No	Optional stable rule ID.
agent.permissionSet.resources.agents.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
agent.permissionSet.resources.agents.rules[].path	string	No	Optional file or directory path for path-scoped rules.
agent.permissionSet.resources.agents.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.agents.rules[].note	string	No	Optional human-readable note for the rule.
agent.permissionSet.resources.skills	object	No	—
agent.permissionSet.resources.skills.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.skills.rules	object[]	No	—
agent.permissionSet.resources.skills.rules[].id	string	No	Optional stable rule ID.
agent.permissionSet.resources.skills.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
agent.permissionSet.resources.skills.rules[].path	string	No	Optional file or directory path for path-scoped rules.
agent.permissionSet.resources.skills.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.skills.rules[].note	string	No	Optional human-readable note for the rule.
agent.permissionSet.resources.servers	object	No	—
agent.permissionSet.resources.servers.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.servers.rules	object[]	No	—
agent.permissionSet.resources.servers.rules[].id	string	No	Optional stable rule ID.
agent.permissionSet.resources.servers.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
agent.permissionSet.resources.servers.rules[].path	string	No	Optional file or directory path for path-scoped rules.
agent.permissionSet.resources.servers.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.servers.rules[].note	string	No	Optional human-readable note for the rule.
agent.permissionSet.resources.computers	object	No	—
agent.permissionSet.resources.computers.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.computers.rules	object[]	No	—
agent.permissionSet.resources.computers.rules[].id	string	No	Optional stable rule ID.
agent.permissionSet.resources.computers.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
agent.permissionSet.resources.computers.rules[].path	string	No	Optional file or directory path for path-scoped rules.
agent.permissionSet.resources.computers.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.computers.rules[].note	string	No	Optional human-readable note for the rule.
agent.permissionSet.resources.files	object	No	—
agent.permissionSet.resources.files.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.files.rules	object[]	No	—
agent.permissionSet.resources.files.rules[].id	string	No	Optional stable rule ID.
agent.permissionSet.resources.files.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
agent.permissionSet.resources.files.rules[].path	string	No	Optional file or directory path for path-scoped rules.
agent.permissionSet.resources.files.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.files.rules[].note	string	No	Optional human-readable note for the rule.
agent.permissionSet.resources.directories	object	No	—
agent.permissionSet.resources.directories.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.directories.rules	object[]	No	—
agent.permissionSet.resources.directories.rules[].id	string	No	Optional stable rule ID.
agent.permissionSet.resources.directories.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
agent.permissionSet.resources.directories.rules[].path	string	No	Optional file or directory path for path-scoped rules.
agent.permissionSet.resources.directories.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.directories.rules[].note	string	No	Optional human-readable note for the rule.
agent.permissionSet.resources.projects	object	No	—
agent.permissionSet.resources.projects.defaultAccess	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.projects.rules	object[]	No	—
agent.permissionSet.resources.projects.rules[].id	string	No	Optional stable rule ID.
agent.permissionSet.resources.projects.rules[].targetId	string	No	Optional resource identifier for agent, skill, server, computer, or project rules.
agent.permissionSet.resources.projects.rules[].path	string	No	Optional file or directory path for path-scoped rules.
agent.permissionSet.resources.projects.rules[].access	full_access \| ask_for_permission \| read_only \| no_access	No	Access level for a resource category. `full_access` allows viewing and actions, `ask_for_permission` allows proposed actions that require approval, `read_only` allows viewing without mutation, and `no_access` blocks view and action access.
agent.permissionSet.resources.projects.rules[].note	string	No	Optional human-readable note for the rule.
agent.isDefault	boolean	No	—
agent.isSystem	boolean	No	—
agent.isActive	boolean	No	—
agent.metadata	object	No	Free-form metadata object.
agent.createdAt	string	No	ISO 8601 timestamp.
agent.updatedAt	string	No	ISO 8601 timestamp.
agent.lastRunAt	string	No	—

Create agent

Response 201

See the ACP quickstart and SDK flow