docs(llms): surface CLI device-flow, INSTANT_TOKEN, MCP operate tools, ignored_fields, recycle claim token#30
Merged
Conversation
…, ignored_fields, recycle claim_url token
Prod is on 25233bf. Update the llms.txt source-of-truth so AI agents discover
capabilities now LIVE. Each claim verified against api.instanode.dev + the api repo:
1. CLI device-flow: document POST /auth/cli/{id}/complete (closes the loop) +
`instant login` browser flow + headless PAT fallback. Fix status enum
(approved -> complete), expires_in field, 10min TTL, /login?cli_session host.
2. Canonical bearer env var = INSTANT_TOKEN (NOT INSTANODE_TOKEN). New 401-recovery
convention: device-flow or INSTANT_TOKEN PAT, never the browser /login.
3. New MCP section: the MCP can OPERATE the bundle (get_capabilities,
get_deployment_events, set/rotate_vault_key, update_deploy/stack_env,
presign_storage, pause/resume_resource, rotate_credentials, wake_deployment),
not just create. Tool names matched to the registered set in mcp/src/index.ts.
4. ignored_fields: provision responses echo unrecognized request keys (region/size)
so hallucinated fields get a signal. New convention 8 + live-verified example.
5. Recycle 402 claim_url now carries ?t=<jwt> (/start?t= -> claim?t=), not a
tokenless dead-end. Live-verified on prod.
KEEP INTACT (unchanged): HARD Team gate (launching soon / contact sales),
finite tier limits (match plans.yaml), anon-deploy-via-/stacks/new example.
openapi.json + instanode-web public/llms.txt mirror to follow in a coordinated
pass (api repo currently locked by an open PR).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Updates
llms.txt(the agent-facing source-of-truth) so AI agents discover capabilities that are now LIVE on prod (25233bf). Every claim was verified againstapi.instanode.devand theapirepo before writing — nothing invented.Additions / corrections (before → after)
1. CLI device-flow login
POST /auth/cli/{id}/completeendpoint (the step the dashboard calls after browser login to close the loop — previously undocumented, the flow looked open-ended).CLI login (instant login)bullet describing the full 4-step flow + headless PAT fallback + token resolution order./auth/clidetails:expires_at→expires_in; status enumapproved→complete;5min→10minsession TTL; noted theauth_urlis a/login?cli_session=<id>dashboard URL.2. Canonical bearer env var =
INSTANT_TOKENINSTANT_TOKEN(explicitly notINSTANODE_TOKEN), and on a401the agent path is the device-flow or a PAT inINSTANT_TOKEN— never the browser/login. (No staleINSTANODE_TOKENreferences existed in the doc to scrub.)3. MCP can operate, not just create
MCP serversection. Lists provision/deploy/read tools,get_capabilities,get_deployment_events, and the operate set:set_vault_key,rotate_vault_key,update_deploy_env,update_stack_env,presign_storage,pause_resource,resume_resource,rotate_credentials,wake_deployment. Tool names matched exactly to the registered set inmcp/src/index.ts(e.g.create_postgres,claim_resource— notcreate_db/claim_token).4.
ignored_fieldsignored_fieldsarray. Live-verified on prod:{"name":"db","region":"nyc3","size":"large"}→"ignored_fields":["region","size"].5. Recycle recovery claim_url
free_tier_recycle_requires_claim402'sclaim_urlis now a working tokenized link (/start?t=<jwt>→claim?t=<jwt>), not a tokenless dead-end. Live-verified on prod (the 402 envelope returnsupgrade_url/claim_urlcarrying a real?t=JWT).Kept intact (unchanged)
api/plans.yaml, untouched./stacks/newexample (deployments_apps=0for anon) — untouched.Follow-up
The
openapi.jsonspec and theinstanode-webpublic/llms.txtmirror will be synced in a follow-up coordinated pass — theapirepo is currently locked by an open PR.🤖 Generated with Claude Code