API Reference

NOME uses bearer token authentication on all API endpoints. Tokens are issued through the canonical sign-in flow (WorkOS for enterprise, Google/Firebase for personal accounts).

Every request should include X-Nome-Client-Surface, X-Nome-Client-Version, and X-Nome-Client-Revision headers for build identity tracking.

Chat endpoints use Server-Sent Events (SSE) for real-time streaming. Events include run.started, text deltas, tool calls, approval requests, and run.completed.

The streaming protocol preserves the full harness contract — every streamed event carries run ID, work item ID, and receipt metadata.

Threads are the canonical conversation container. List, create, rename, and delete threads through the API. Thread history is cross-device and cross-session.

Messages within threads carry full metadata including domain hints, tier used, tools invoked, and episode IDs for replay.

Runs are created through chat, Agents, or direct API calls. Each run has a lifecycle: pending → active → completed/failed.

The durable run event log supports monitoring active runs and replaying completed runs. Events are append-only and typed for deterministic replay.

Tools are invoked within runs and produce typed receipts. Dangerous tools require approval — the approval queue surfaces pending requests across all devices.

The tool policy matrix defines per-tool governance that the API enforces: max calls, approval tiers, offline behavior, and allowed roles.

Marketplace endpoints manage package discovery, install state, and GitHub imports. Account endpoints resolve bootstrap, usage/credits, downloads, and billing state.

All marketplace and account operations respect tenant guardrails and entitlement prerequisites.

NOME supports webhook ingestion from GitHub, Slack, Google Workspace, and WhatsApp. Each connector has its own verification path (signing secrets, OAuth tokens).

Connector installs expose lifecycle state through health checks, refresh seams, and failure summaries. Sweep jobs handle degraded-install recovery.