Gateway
The gateway is your agent's front door. One class — OwnwareGateway from the ownware package — serves every profile in a folder as a single HTTP+SSE service with bearer-token auth, persistent threads, connectors, and schedules.
For AI agentscondensed build recipe
new OwnwareGateway({ profilesDir: './profiles', port: 4000, tls: false }).start() boots the service (the CLI ownware serve defaults to port 3011; these library examples use 4000 so both can run side by side); ownware.port and ownware.token give the connection details. Requests need Authorization: Bearer <token> only when auth is on (any non-loopback bind); on the localhost default it's off. Start a run: POST /api/v1/run with {"profileId","prompt","model"?,"threadId"?} → {threadId}. Stream events: GET /api/v1/threads/{threadId}/agents/root/events?since=<seq> with Accept: text/event-stream. Answer permission prompts: POST /api/v1/threads/{threadId}/resume with {"action":"approve"|"deny"}. List usable models: GET /api/v1/models.
When to use the gateway
- You want your agent reachable by more than one client (terminal, web, channels) — or by any client at all over HTTP.
- Prefer the in-process API (
Engine/Session) when a single app embeds the agent directly and doesn't need HTTP, persistent threads, or channel adapters.
Quickstart
import { OwnwareGateway } from 'ownware'
const ownware = new OwnwareGateway({
profilesDir: './profiles',
port: 4000,
tls: false, // plain HTTP — for localhost only
})
await ownware.start()
console.log(`live at http://localhost:${ownware.port}`)
console.log(`token: ${ownware.token}`)Port note: these library examples use
4000. Theownware serveCLI (and every first-party client — channels, schedules) defaults to3011— so if you paste a curl that says:3011, that's the CLI default, and:4000is this embedded example's explicit override.
How it works
On start(), the gateway discovers every profile in profilesDir, assembles each into a runnable agent (see Thinking in Ownware), and exposes them all through one API. Each run executes in a thread; threads, the credential vault, and memory persist in ~/.ownware/ (OWNWARE_DATA_DIR to override) — stop and restart the process and your conversations are still there.
Warning — the gateway defaults to TLS on (self-signed certificate).
tls: falsekeeps first contact copy-paste simple on localhost, but never expose a plain-HTTP gateway beyond loopback.OWNWARE_*environment variables configure host, port, TLS, and auth.
Go deeper
| I want to… | Read |
|---|---|
| The full wire contract, endpoint by endpoint | The run API |
| Put the agent on messaging platforms | Channels |
| Understand permissions and security | Thinking in Ownware § security |