Source:
docs/manual/ui.mdThis page is generated by
site/scripts/sync-manual-docs.mjs.
Web UI
Cruvero's web UI is served by cmd/ui and provides the runtime control plane for runs, supervisor orchestration, Knowledge Bases, agents, MCP, governance, and tenant operations.
Source: cmd/ui/main.go, cmd/ui/runtime_routes.go, cmd/ui/frontend/*
Start
go run ./cmd/ui --addr :8080
Open http://localhost:8080.
UI Modes
CRUVERO_UI_MODE=react(default): React SPA served by the Go binary.CRUVERO_UI_MODE=htmx: legacy server-rendered mode retained for compatibility.
Current Control Plane Scope
- Run lifecycle: create runs, replay, approve, answer, inspect, explain, failure analysis.
- Supervisor orchestration: multi-agent start, preflight preview, run preview simulation, feature ripple scoring.
- Knowledge Bases: create/update/delete KBs, upload documents, trigger embeddings, bind KBs to prompt registry versions.
- Run templates: persist and reuse launch form states for single-agent and supervisor runs.
- Agent administration: create agents, inspect capability/trust status, create agent versions, track MCP liveness bindings.
- Governance: audit, security, immune, quota, PII, model approvals/preferences.
- Platform operations: health, dashboards, queues/workers, events, tenant and user management.
Route Inventory
- React route definitions:
cmd/ui/frontend/src/App.tsx - Current route surface: 54 routes (including auth, aliases, and catch-all).
- Detailed page inventory and role gates: React Web UI and UI Page Guide.
Runtime API Surface (Key Endpoints)
Authoritative registrations live in cmd/ui/main.go and cmd/ui/runtime_routes.go.
Runs and Supervisor
GET /api/runsGET /api/runGET /api/streamPOST /api/executePOST /api/replayPOST /api/approvePOST /api/answerPOST /api/runs/{id}/feedbackPOST /api/runs/{id}/analyze-failureGET /api/runs/{id}/explainPOST /api/supervisor/startPOST /api/supervisor/preflight-previewPOST /api/supervisor/preview-runPOST /api/supervisor/feature-rippleGET /api/supervisor/runGET /api/supervisor/blackboardPOST /api/supervisor/signal
Knowledge Bases and Templates
GET|POST /api/knowledge-basesGET|PUT|DELETE /api/knowledge-bases/{id}POST /api/knowledge-bases/{id}/uploadPOST /api/knowledge-bases/{id}/embedGET|POST /api/run-templatesGET /api/run-templates/{id}
Flows, MCP, and Admin
GET|POST /api/flowsPOST /api/flows/{name}/validatePOST /api/flows/{name}/previewPOST /api/flows/{name}/deployGET|POST /api/mcp/serversGET /api/mcp/toolsGET /api/mcpgw/gatewaysGET|PUT /api/tenant/settingsGET /api/tenant/usersGET|PUT /api/settings/overridesGET|PUT /api/tool-settings
Core Ops and Governance
GET /api/dashboard/summaryGET /api/events/*GET /api/audit*GET /api/security/alertsGET|PUT /api/pii/policyGET /api/quotaPOST /api/quota/resetPOST /api/quota/overrideGET /api/healthGET /api/health/detailGET /api/health/metrics
Security Notes
- Runtime API role checks are enforced server-side.
- Mutating runtime endpoints use CSRF protection.
- Optional admin token protection still applies to quota mutation and immune release endpoints (
CRUVERO_UI_ADMIN_TOKEN). - Deploy behind SSO (OIDC/Keycloak) for shared environments.