API

Artifacts

The artifacts API is the file boundary for durable run and agent outputs. Normal API clients read artifacts. Workers publish them with an active job lease so Mobius can establish trustworthy lineage.

Read artifacts

List metadata, inspect one artifact, or stream its bytes:

GET /v1/projects/{project}/artifacts
GET /v1/projects/{project}/artifacts/{artifact_id}
GET /v1/projects/{project}/artifacts/{artifact_id}/content

Filter the list by run or step when you need output from one execution:

GET /v1/projects/{project}/artifacts?run_id={run_id}

A metadata response includes the name, media type, byte size, checksum, visibility, owner, and run lineage when one exists.

Request a short-lived download URL when your client should fetch from storage directly:

POST /v1/projects/{project}/artifacts/{artifact_id}/signed-url

Publish from a worker

Workers upload multipart content to:

POST /v1/projects/{project}/artifacts

The request must carry the active claim token:

X-Mobius-Lease-Token: <lease-token>

Mobius derives the run, step, job, worker session, attempt, owner, and visibility from that claim. Caller-supplied lineage is rejected so an unrelated principal cannot forge run history.

Quota and deletion

Read current storage usage and limits at:

GET /v1/projects/{project}/artifacts/quota

Deleting an artifact removes its stored bytes from quota. Mobius retains enough metadata for audit and run-history views.

DELETE /v1/projects/{project}/artifacts/{artifact_id}

Next