Interacting with Cortx in Headless Mode (Agentic API via Postman)

Overview

Cortx enables secure headless interaction through Agentic APIs. This allows users to invoke Models and Agents directly via API without accessing the UI.

Headless interaction is ideal for:

  • Backend integrations

  • Automated pipelines

  • External system orchestration

  • CI/CD workflows

  • Programmatic AI execution

Prerequisites

Before starting, ensure you have the following:

From the Cortx Platform
  • Agentic API Base URL

  • Data API URL

  • Headless APIs.postman_collection.json file

  • Workspace access with API invocation permissions

System Requirements
  • Postman installed locally

  • Valid Cortx user account

  • Permission to generate Personal Access Tokens

⚠ Ensure the provided API URLs do not include trailing slashes (/).

Step 1 — Import the Postman Collection

  • Open Postman

  • Click Import (top left corner)

  • Select the .json file

  • Click Import

After importing, the collection will appear in your Collections panel with all the endpoints

Step 2 — Configure Environment Variables

  • Click on any of the API requests.

  • In the request URL bar, you will see variables like: {{agentic-api}}

  • Hover over the variable.

  • Click Set as variable, or

  • Click the Variables tab at the bottom.

Under the “headless api’s” collection variables, fill in:
Variable Value
agentic-api Paste the Agentic API Base URL
agent-data Paste the Data API URL
token To be filled (refer Step 3)
⚠ Double-check that URLs do not contain trailing slashes.

Step 3 — Get Your Bearer Token

Headless access requires authentication via a Personal Access Token (PAT).

Generate via Cortx UI
  • Log into Cortx

  • Click your User Profile (top right)

  • Select Settings

  • Navigate to Token Management

  • Click Create New Token

  • Enter:

    • Token Name

    • Expiration Date

  • Click Create

  • Copy the generated token securely

Paste Token into Postman

Return to Postman and paste the copied token value into the: Token field under the headless api’s variables section.

Your environment is now configured.

Step 4 — Run the API

Click the Send button (blue button next to the URL bar).

If configured correctly:

  • The API executes successfully

  • A JSON response appears in the response panel below

This confirms that headless connectivity is working.

Step 5 — Customize Your Prompt

To modify the query being sent:

  • Navigate to the Body tab

  • Locate the content field

  • Replace the placeholder text with your own prompt

Example:

{
  “model”: “gpt-oss-120B”,
  “messages”: [
      {
        “role”: “user”,
        “content”: “Explain inflation in simple terms.”
      }
  ]
}

You should see a structured JSON response containing:

  • Model or Agent output

  • Generated content

  • Execution metadata (if applicable)

  • Click Send

  • Review the response in the lower panel

Example response snippet:

{
“content”: “Inflation is the rate at which prices increase over time…”
}

You can continue modifying the “content” field and re-sending the request to test different queries.

What Happens Behind the Scenes

When you click Send:

  1. Request is sent to the Agentic API

  2. Bearer token is validated

  3. RBAC permissions are enforced

  4. Model or Agent executes

  5. Response is returned as structured JSON

  6. Execution is logged under Observability

This ensures governance and traceability even in headless mode.

Troubleshooting

Before starting, ensure you have the following:

1. “detail not found”

Possible Causes:

  • Invalid or expired Bearer token

  • Incorrect API URL

  • Trailing slash in the URL

Resolution:

  • Verify token is valid and correctly pasted

  • Ensure URLs do not contain trailing slashes

  • Confirm correct environment variables are selected

2. “can’t find model”

Possible Cause:

  • Incorrect model name in request body

Resolution:

  • Ensure the model name is exactly. Remove any typos or extra spaces.
3. Authentication Error

Possible Cause:

  • Expired or invalid Bearer token

Resolution:

  1. Log into Cortx

  2. Navigate to Settings → Token Management

  3. Generate a new token

  4. Replace the token in Postman

  5. Re-run the request

Best Practices

  • Do not expose tokens in frontend applications

  • Rotate tokens regularly

  • Use short expiration tokens for testing

  • Maintain environment separation (Dev / Prod)

  • Store tokens securely

  • Monitor API activity via Observability

Summary

Headless mode enables secure, governed API-based interaction with Cortx Models and Agents.
The complete flow:

Import CollectionConfigure VariablesGenerate TokenRun APICustomize PromptView Response

This allows direct backend interaction while maintaining authentication, governance, and execution logging within Cortx.

Was this article helpful?

On this page