> ## Documentation Index
> Fetch the complete documentation index at: https://docs.sidenet.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Run a workflow

> Runs a workflow version. `?version=active` (default), `draft`, or `v{n}`. Body: `{ input, groupId?, groupName?, runtimeAuth? }` — `input` is the workflow input, `groupId`/`groupName` select the chatter group whose Requesty key bills the agent steps (like /v1/chat), and `runtimeAuth` supplies per-request credentials for tool steps (custom + MCP). Drafts are validated at run time and rejected with 422 if invalid. Identity is header-borne: Authorization, X-Organization-Id, and X-User-Id.



## OpenAPI

````yaml /api-reference/openapi.json post /v1/workflows/{id}/run
openapi: 3.1.0
info:
  title: Sidenet API
  version: 1.0.0
  description: >-
    Custom HTTP endpoints exposed by the Sidenet Mastra server. All routes
    require a bearer token and resolve org context from the API key (or the
    `X-Organization-Id` header). This reference is generated from the live route
    definitions in `src/mastra/routes`.
servers:
  - url: ''
security:
  - bearerAuth: []
paths:
  /v1/workflows/{id}/run:
    servers:
      - url: /
    post:
      tags:
        - Workflows
      summary: Run a workflow
      description: >-
        Runs a workflow version. `?version=active` (default), `draft`, or
        `v{n}`. Body: `{ input, groupId?, groupName?, runtimeAuth? }` — `input`
        is the workflow input, `groupId`/`groupName` select the chatter group
        whose Requesty key bills the agent steps (like /v1/chat), and
        `runtimeAuth` supplies per-request credentials for tool steps (custom +
        MCP). Drafts are validated at run time and rejected with 422 if invalid.
        Identity is header-borne: Authorization, X-Organization-Id, and
        X-User-Id.
      parameters:
        - name: id
          in: path
          required: true
          schema:
            type: string
        - name: version
          in: query
          required: false
          schema:
            type: string
            default: active
          description: active (default) | draft | v{n}
        - name: X-Organization-Id
          in: header
          required: false
          schema:
            type: string
          description: >-
            Organization to scope the request to. Optional when authenticating
            with an org API key (the org is taken from the key; if sent, it must
            match). Required when authenticating with the trusted key.
        - name: X-User-Id
          in: header
          required: false
          schema:
            type: string
          description: >-
            End-user identity for the request; user-scoped data (threads,
            memory) resolves to `{orgId}_{userId}`. Required by endpoints that
            read or write user-scoped resources. A `userId` query param (or body
            field, where documented) is accepted as a fallback.
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                input:
                  description: >-
                    The workflow input (validated against the version's input
                    schema by the run)
                groupId:
                  type: string
                  minLength: 1
                  maxLength: 255
                  nullable: true
                  description: >-
                    Optional STABLE caller-supplied chatter group id
                    (chatter_groups.external_id). When sent, group matching is
                    by this id; a differing groupName renames the group.
                groupName:
                  type: string
                  nullable: true
                  description: >-
                    Optional chatter group name. Without groupId this
                    matches/provisions by name (legacy behavior); alongside
                    groupId it is display-only (rename on change).
                runtimeAuth:
                  type: object
                  additionalProperties:
                    type: object
                    additionalProperties: {}
                  description: >-
                    Runtime authentication map: { [providerNameOrId]: {
                    credentials } } — used by tool steps (custom + MCP)
              additionalProperties: false
      responses:
        '200':
          description: Run completed
        '400':
          description: Missing headers / invalid body / no active version
        '404':
          description: Workflow or version not found
        '422':
          description: Draft definition invalid
        '500':
          description: Run failed
        '502':
          description: Runtime MCP auth failed
components:
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      description: >-
        Org API key (scopes the request to its organization) or the shared
        trusted key (requires `X-Organization-Id` on every request).

````