https://builder.flowyte.com/api/v1.
Authenticate every request with a secret API key:
Authorization: Bearer flowyte_sk_…. See
Authentication to mint one. Below, KIND is postgres or mysql.What you’ll wire up
| Action | Endpoint | Scope |
|---|---|---|
| Generate a scoped DB user | GET /integrations/{kind}/sql/scripts | integrations:read |
| Test the connection | POST /integrations/{kind}/sql/test | integrations:write |
| Connect | POST /integrations/{kind}/connect | integrations:write |
| Discover the schema | POST /integrations/{kind}/discover | integrations:write |
| Scope out sensitive data | PATCH /integrations/{kind}/scoping | integrations:write |
| Bind a read as a skill | POST /agents/{id}/integrations/{kind}/bindings | skills:write |
| Publish | POST /agents/{id}/publish | agents:write |
Create a least-privilege database user
Generate the setup SQL, then run it on your database as an admin. Never connect Flowyte with your
admin credentials — create a scoped user instead.For read-only lookups, run the
readOnly script. Only add the scoped write script (pass
?tables=appointments,requests) if the agent needs to insert or update rows.Test the credentials
Validate before you store anything. The check runs reachability, TLS, auth, a read probe, a
read-only-session proof, and a latency verdict, and returns an overall
ok.Connect
Pass the same credentials to the connect endpoint. They’re encrypted at rest and never returned.
Discover the schema, then scope out anything sensitive
Introspect the database, then block tables or columns the agent should never see — they vanish from
the schema browser and are refused at bind time.
Bind a lookup as a skill
Map a read onto a skill: pick the operation, map the caller’s input to its filter, and project the
columns you want back. It compiles to a frozen, parameterized query — the agent supplies the
parameter and never sees raw SQL.
Safety model
- Least privilege — you connect a scoped user, not an admin. Reads are read-only; writes are limited to the tables you granted.
- Data scoping — blocked tables and columns never reach the schema browser, the AI assistant, or a binding.
- Frozen queries — a binding compiles to one parameterized statement. The agent passes parameters; it can’t run arbitrary SQL, and writes land disabled until you review them.