> ## Documentation Index
> Fetch the complete documentation index at: https://docs.flashduty.com/llms.txt
> Use this file to discover all available pages before exploring further.

# List sessions

> List agent sessions visible to the caller, filtered by app, surface, archive status, and team.

## Restrictions

| Aspect      | Value                                                         |
| ----------- | ------------------------------------------------------------- |
| Rate limits | **1,000 requests/minute**; **50 requests/second** per account |
| Permissions | None — any valid `app_key` can call this operation            |

## Usage

* Pagination uses `p`/`limit` (max 100); `scope` defaults to `all` (own + member-of-team rows).
* `is_running` reflects the live run-set; `has_unread` is computed per calling user.


## OpenAPI

````yaml /api-reference/safari.openapi.en.json post /safari/session/list
openapi: 3.1.0
info:
  title: Flashduty Open API
  description: >-
    Public HTTP API for the Flashduty AI SRE platform — skills, MCP servers
    (connectors), A2A agents, and sessions. Every operation is authenticated
    with an `app_key` query parameter issued from the Flashduty console.
  version: 1.0.0
servers:
  - url: https://api.flashcat.cloud
    description: Flashduty Open API
security:
  - AppKeyAuth: []
tags:
  - name: AI SRE/Skills
  - name: AI SRE/MCP servers
  - name: AI SRE/A2A agents
  - name: AI SRE/Sessions
  - name: AI SRE/Automations
paths:
  /safari/session/list:
    post:
      tags:
        - AI SRE/Sessions
      summary: List sessions
      description: >-
        List agent sessions visible to the caller, filtered by app, surface,
        archive status, and team.
      operationId: session-read-list
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SessionListRequest'
            example:
              app_name: ai-sre
              limit: 2
              orderby: updated_at
              scope: all
      responses:
        '200':
          description: Success
          content:
            application/json:
              schema:
                allOf:
                  - $ref: '#/components/schemas/ResponseEnvelope'
                  - type: object
                    properties:
                      data:
                        $ref: '#/components/schemas/SessionListResponse'
              example:
                request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
                data:
                  total: 988
                  sessions:
                    - session_id: sess_f8oDvqiG64uur6sBNsTc4u
                      session_name: Investigate cloud-assistant first heartbeat
                      app_name: ai-sre
                      entry_kind: web
                      person_id: '3790925372131'
                      team_id: 0
                      is_mine: false
                      can_manage: true
                      status: enabled
                      incognito: false
                      created_at: 1780367971228
                      updated_at: 1780367993457
                      token_usage:
                        input_tokens: 14948
                        cached_tokens: 11520
                        output_tokens: 888
                        reasoning_tokens: 351
                      current_context_tokens: 14948
                      context_window: 0
                      archived_at: 0
                      pinned_at: 0
                      last_event_at: 1780367992649
                      is_running: false
                      has_unread: true
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '429':
          $ref: '#/components/responses/TooManyRequests'
        '500':
          $ref: '#/components/responses/ServerError'
      security:
        - AppKeyAuth: []
components:
  schemas:
    SessionListRequest:
      type: object
      description: >-
        Filters for listing agent sessions. Reads are scoped to the resolved
        account and the caller's visible teams.
      properties:
        app_name:
          type: string
          description: Agent app whose sessions to list.
          enum:
            - ask-ai
            - support
            - support-website
            - support-flashcat
            - ai-sre
            - template-assistant
            - swe
        p:
          type: integer
          description: Page number, 1-based.
          default: 1
          minimum: 1
        limit:
          type: integer
          description: Page size, 1–100.
          minimum: 1
          maximum: 100
          default: 20
        orderby:
          type: string
          description: Sort field.
          enum:
            - created_at
            - updated_at
        asc:
          type: boolean
          description: Ascending order when true; applies only when `orderby` is set.
        include_subagent_sessions:
          type: boolean
          description: Include subagent-dispatched sessions in the list.
        keyword:
          type: string
          description: Filter by session-name keyword.
          maxLength: 64
        scope:
          type: string
          description: >-
            Visibility scope: all (own + member-of-team rows, default),
            personal, or team.
          enum:
            - all
            - personal
            - team
        team_ids:
          type: array
          items:
            type: integer
            format: int64
          description: Optional explicit team filter; intersects with `scope`.
        entry_kinds:
          type: array
          items:
            type: string
            enum:
              - web
              - im
              - api
              - automation
          description: >-
            Restrict to sessions produced by these surfaces; empty returns every
            kind.
        status:
          type: string
          description: >-
            Archive bucket: active (default) returns un-archived, archived
            returns archived, all returns both.
          enum:
            - active
            - archived
            - all
      required:
        - app_name
    ResponseEnvelope:
      type: object
      description: >-
        Standard response envelope used by every Flashduty public API. On
        success `data` contains the endpoint-specific payload and `error` is
        absent. On failure `error` is present and `data` is absent. `request_id`
        is always present and is also mirrored in the `Flashcat-Request-Id`
        response header.
      properties:
        request_id:
          type: string
          description: >-
            Unique ID for this request. Mirrored in the Flashcat-Request-Id
            header. Include it when reporting issues.
          example: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
        error:
          $ref: '#/components/schemas/DutyError'
        data:
          description: Endpoint-specific payload. See each operation's 200 response schema.
      required:
        - request_id
    SessionListResponse:
      type: object
      description: A page of agent sessions.
      properties:
        total:
          type: integer
          format: int64
          description: Total number of sessions matching the filter (ignoring pagination).
        sessions:
          type: array
          items:
            $ref: '#/components/schemas/SessionItem'
          description: The page of sessions.
    DutyError:
      type: object
      description: >-
        Error payload inside the response envelope. Present only on non-2xx
        responses.
      properties:
        code:
          $ref: '#/components/schemas/ErrorCode'
        message:
          type: string
          description: >-
            Human-readable error message, localized by the caller's
            Accept-Language. May contain field names, IDs, or other context from
            the failing request.
      required:
        - code
        - message
    SessionItem:
      type: object
      description: One agent session row.
      properties:
        session_id:
          type: string
          description: Session identifier.
        parent_session_id:
          type: string
          description: Parent session id for subagent (child) sessions; empty otherwise.
        session_name:
          type: string
          description: Session title; may be empty for untitled sessions.
        app_name:
          type: string
          description: Agent app that owns the session.
        entry_kind:
          type: string
          description: Surface that created the session.
          enum:
            - web
            - im
            - api
            - scheduled
            - subagent
        person_id:
          type: string
          description: Creator person id.
        team_id:
          type: integer
          format: int64
          description: Owning team id; 0 means no team is bound. Immutable after create.
        team_name:
          type: string
          description: Resolved team name; empty for unbound rows or deleted teams.
        is_mine:
          type: boolean
          description: True when the caller created this session.
        can_manage:
          type: boolean
          description: True when the caller may rename/archive/delete the session.
        status:
          type: string
          description: Lifecycle status.
          enum:
            - enabled
            - deleted
        incognito:
          type: boolean
          description: True for incognito (non-persisted-memory) sessions.
        created_at:
          type: integer
          format: int64
          description: Unix timestamp in milliseconds when the session was created.
        updated_at:
          type: integer
          format: int64
          description: Unix timestamp in milliseconds of the last session update.
        template_staging_round_id:
          type: string
          description: >-
            Current save→validate round id (template-assistant only); empty
            otherwise.
        state:
          type: object
          additionalProperties: true
          description: Raw session-state bag (session-scoped keys). Omitted when empty.
        bound_environment:
          $ref: '#/components/schemas/EnvironmentBinding'
        context_resolved:
          $ref: '#/components/schemas/ContextResolvedItem'
        token_usage:
          $ref: '#/components/schemas/SessionTokenUsage'
        current_context_tokens:
          type: integer
          format: int64
          description: >-
            Size in tokens of the LLM context window as of the most recent turn.
            0 means no turn has completed.
        context_window:
          type: integer
          format: int64
          description: The bound model's max context size in tokens. 0 means unknown.
        archived_at:
          type: integer
          format: int64
          description: Unix timestamp in milliseconds when archived; 0 means not archived.
        pinned_at:
          type: integer
          format: int64
          description: Caller's per-user pin timestamp in milliseconds; 0 means not pinned.
        last_event_at:
          type: integer
          format: int64
          description: >-
            Unix timestamp in milliseconds of the most recent assistant-side
            event.
        is_running:
          type: boolean
          description: True when an agent turn is currently in flight for this session.
        has_unread:
          type: boolean
          description: True when there is assistant output the caller has not yet viewed.
    ErrorResponse:
      type: object
      description: Response envelope for errors. `error` is required; `data` is absent.
      properties:
        request_id:
          type: string
          example: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
        error:
          $ref: '#/components/schemas/DutyError'
      required:
        - request_id
        - error
    ErrorCode:
      type: string
      description: >-
        Flashduty error code enum. Every failed API response sets `error.code`
        to one of these values. The value is a stable wire string — not a
        localized message and not a numeric status. HTTP status is
        informational.
      enum:
        - OK
        - InvalidParameter
        - BadRequest
        - InvalidContentType
        - ResourceNotFound
        - NoLicense
        - ReferenceExist
        - Unauthorized
        - BalanceNotEnough
        - AccessDenied
        - RouteNotFound
        - MethodNotAllowed
        - UndonedOrderExist
        - RequestLocked
        - EntityTooLarge
        - RequestTooFrequently
        - RequestVerifyRequired
        - DangerousOperation
        - InternalError
        - ServiceUnavailable
    EnvironmentBinding:
      type: object
      description: >-
        The runner or cloud sandbox the session is bound to. Null until the
        first message.
      properties:
        kind:
          type: string
          description: Environment kind (e.g. runner, sandbox).
        id:
          type: string
          description: Environment identifier.
        name:
          type: string
          description: Human-readable environment name.
        status:
          type: string
          description: Binding status.
    ContextResolvedItem:
      type: object
      description: Snapshot of the three-tier knowledge-pack resolution for this session.
      properties:
        account_pack_id:
          type: string
          description: Resolved account-scoped pack id.
        team_pack_id:
          type: string
          description: Resolved team-scoped pack id.
        incident_id:
          type: string
          description: Bound incident id, when war-room originated.
        resolved_at_ms:
          type: integer
          format: int64
          description: Unix timestamp in milliseconds when the packs were resolved.
        versions:
          type: object
          additionalProperties:
            type: integer
          description: Per-pack resolved version map.
    SessionTokenUsage:
      type: object
      description: >-
        Cumulative session-level token rollup across all turns. The
        account-billing source of truth.
      properties:
        input_tokens:
          type: integer
          format: int64
          description: Total prompt (input) tokens, including the cached portion.
        cached_tokens:
          type: integer
          format: int64
          description: Portion of input_tokens served from the prompt cache.
        output_tokens:
          type: integer
          format: int64
          description: Total generated (output) tokens.
        reasoning_tokens:
          type: integer
          format: int64
          description: Total reasoning/thinking tokens.
  responses:
    BadRequest:
      description: Invalid request — usually a missing or malformed parameter.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            missingParameter:
              summary: Missing required parameter
              value:
                request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
                error:
                  code: InvalidParameter
                  message: The specified parameter skill_id is not valid.
    Unauthorized:
      description: Missing or invalid app_key.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            missingAppKey:
              value:
                request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
                error:
                  code: Unauthorized
                  message: You are unauthorized.
    TooManyRequests:
      description: Rate limit hit. Either the global API limit or a per-account limit.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            rateLimited:
              value:
                request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
                error:
                  code: RequestTooFrequently
                  message: Request too frequently.
    ServerError:
      description: Unexpected server-side error. Include the request_id when reporting.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            internal:
              value:
                request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
                error:
                  code: InternalError
                  message: >-
                    We encountered an internal error, and it has been reported.
                    Please try again later.
  securitySchemes:
    AppKeyAuth:
      type: apiKey
      in: query
      name: app_key
      description: >-
        App key issued from the Flashduty console. Required on every public API
        call. Keep it secret — it grants the same access as the owning account.

````