Lexicon Reference
All AT Protocol lexicons defined by the Stratos service. Lexicons describe every XRPC method, record type, and shared definition available in this namespace (zone.stratos.*).
GET Query — read-only XRPC callPOST Procedure — write XRPC callWS Subscription — WebSocket streamRECORD Record type stored in reposDEFS Shared type definitions
Core Definitions
DEFSzone.stratos.defs
Type Definitions
source— Indicates this record requires hydration from an external service. The stub record on the PDS contains minimal data; full content is fetched from the service endpoint.| Field | Type | Required | Description |
|---|---|---|---|
vary | string | ✓ | Indicates when hydration is needed. 'authenticated' means full content requires viewer authentication. |
subject | #subjectRef | ✓ | Reference to the full record at the hydration service. |
service | string (did) | ✓ | DID of the hydration service, optionally with fragment identifying the service entry (e.g., 'did:plc:abc123#atproto_pns'). |
subjectRef— A strong reference to a record, including its content hash for verification.| Field | Type | Required | Description |
|---|---|---|---|
uri | string (at-uri) | ✓ | AT-URI of the record at the hydration service. |
cid | string (cid) | ✓ | CID of the full record content for integrity verification. |
Actor
RECORDzone.stratos.actor.enrollment
A record indicating the user is enrolled in a Stratos service. Published to the user's PDS during OAuth enrollment for endpoint discovery by AppViews. Multiple enrollment records are supported — one per Stratos service.
Record Schema
| Field | Type | Required | Description |
|---|---|---|---|
service | string (uri) | ✓ | The Stratos service endpoint URL where this user's private data is stored. |
boundaries | #Domain[] | — | Service-qualified boundaries the user has access to on this Stratos service, each in '{serviceDid}/{domainName}' format. |
signingKey | string | ✓ | The user's P-256 public key as a did:key string, generated by the Stratos service for user-level record signing. |
attestation | #serviceAttestation | ✓ | Service attestation vouching for the user's enrollment, boundaries, and signing key. |
createdAt | string (datetime) | ✓ | Timestamp when the enrollment was created. |
Type Definitions
serviceAttestation— An attestation signed by the Stratos service key. The signed payload is DAG-CBOR encoded {boundaries, did, signingKey} with sorted keys.| Field | Type | Required | Description |
|---|---|---|---|
sig | bytes | ✓ | Raw signature bytes of the DAG-CBOR encoded attestation payload, signed by the service key. |
signingKey | string | ✓ | The Stratos service's public key as a did:key string, used to verify the attestation signature. |
Boundary
DEFSzone.stratos.boundary.defs
Type Definitions
Domain— A specific domain to define exposure boundary.| Field | Type | Required | Description |
|---|---|---|---|
value | string | ✓ | Service-qualified boundary identifier in the format '{serviceDid}/{domainName}', e.g. 'did:web:stratos.example.com/engineering'. |
Domains— A collection of domains that define the exposure boundary for a record.| Field | Type | Required | Description |
|---|---|---|---|
values | #Domain[] | ✓ | List of domains that can access this record. |
Enrollment
GETzone.stratos.enrollment.status
Check enrollment status for a DID in this Stratos service.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
did | string (did) | ✓ | The DID to check enrollment for. |
Response application/json
| Name | Type | Required | Description |
|---|---|---|---|
did | string (did) | ✓ | The DID that was checked. |
enrolled | boolean | ✓ | Whether the DID is enrolled in this Stratos service. |
enrolledAt | string (datetime) | — | When the DID was enrolled, if enrolled. |
boundaries | #Domain[] | — | Authoritative boundaries assigned. Only included when request is authenticated. |
Feed
RECORDzone.stratos.feed.post
Record containing a private Stratos post with domain boundary restrictions. When stored on user's PDS as a stub, only 'source' and 'createdAt' are present. Full content is available from the hydration service.
Record Schema
| Field | Type | Required | Description |
|---|---|---|---|
source | #source | — | When present, indicates this is a stub record. Full content should be hydrated from the referenced service. |
text | string | — | The primary post content. May be an empty string, if there are embeds. Omitted in stub records. |
boundary | #Domains | — | Limit exposure to defined domains. Omitted in stub records. |
facets | facet[] | — | Annotations of text (mentions, URLs, hashtags, etc) |
reply | #replyRef | — | |
embed | images | video | external | record | recordWithMedia | — | |
langs | string (language)[] | — | Indicates human language of post primary text content. |
labels | #selfLabels | — | Self-label values for this post. Effectively content warnings. |
tags | string[] | — | Additional hashtags, in addition to any included in post text and facets. |
createdAt | string (datetime) | ✓ | Client-declared timestamp when this post was originally created. |
Type Definitions
replyRef— Reference to parent and root posts for replies. Must reference stratos posts only.| Field | Type | Required | Description |
|---|---|---|---|
root | strongRef | ✓ | |
parent | strongRef | ✓ |
Identity
GETzone.stratos.identity.resolveEnrollments
Resolve enrollment boundaries for a DID. Returns the boundary domains the user is enrolled in.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
did | string (did) | ✓ | The DID to resolve enrollment boundaries for. |
Response application/json
| Name | Type | Required | Description |
|---|---|---|---|
did | string (did) | ✓ | |
enrolled | boolean | ✓ | Whether the DID is enrolled in this Stratos service. |
boundaries | string[] | ✓ | Boundary domains the user is enrolled in. Empty if not enrolled. |
Repository
GETzone.stratos.repo.hydrateRecord
Hydrate a single record by URI. Returns the record if viewer has boundary access.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
uri | string (at-uri) | ✓ | The AT-URI of the record to hydrate |
cid | string (cid) | — | Optional CID to verify record version |
Response application/json
| Name | Type | Required | Description |
|---|---|---|---|
uri | string (at-uri) | ✓ | |
cid | string (cid) | ✓ | |
value | unknown | ✓ |
Errors
RecordNotFoundThe requested record does not existRecordBlockedAccess to the record is blocked due to boundary restrictionsPOSTzone.stratos.repo.hydrateRecords
Hydrate multiple records by URI. Returns records filtered by viewer's boundary access.
Request Body application/json
| Name | Type | Required | Description |
|---|---|---|---|
uris | string (at-uri)[] | ✓ | Array of AT-URIs to hydrate (max 100) |
Response application/json
| Name | Type | Required | Description |
|---|---|---|---|
records | #recordView[] | ✓ | Successfully hydrated records |
notFound | string (at-uri)[] | ✓ | URIs that were not found |
blocked | string (at-uri)[] | ✓ | URIs blocked due to boundary restrictions |
Type Definitions
recordView| Field | Type | Required | Description |
|---|---|---|---|
uri | string (at-uri) | ✓ | |
cid | string (cid) | ✓ | |
value | unknown | ✓ |
POSTzone.stratos.repo.importRepo
Import a repository from a CAR file. Verifies record CID integrity and re-signs with the destination service key. The caller must be enrolled as the DID in the CAR's commit block.
Response application/json
| Name | Type | Required | Description |
|---|---|---|---|
imported | integer | ✓ | Number of records successfully imported. |
Errors
InvalidCarThe CAR file is malformed, has missing blocks, or contains records with mismatched CIDs.RepoAlreadyExistsThe destination already has records for this DID. Import is only supported for empty repos.Server
GETzone.stratos.server.listDomains
Returns the list of boundary domains available on this Stratos service.
Response application/json
| Name | Type | Required | Description |
|---|---|---|---|
domains | string[] | ✓ | The boundary domains available on this service. |
Sync
GETzone.stratos.sync.getRepo
Export the full repository as a CAR file. Returns all record blocks, MST nodes, and the signed commit.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
did | string (did) | ✓ | The DID of the repo to export. |
since | string (tid) | — | Optional revision cursor. If provided, only blocks newer than this revision are included. |
Errors
RepoNotFoundThe requested repo does not exist or has no commits.WSzone.stratos.sync.subscribeRecords
Subscribe to stratos events. When 'did' is provided, subscribes to record updates for that account. When omitted, subscribes to service-level events (enrollments). AppViews must provide a signed service JWT via syncToken.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
did | string (did) | — | The DID of the account to subscribe to. If omitted, subscribes to service-level enrollment events. |
cursor | integer | — | The last known event sequence number to resume from. |
domain | string | — | Optional domain filter. Only events for records with this domain in their boundary will be emitted. |
syncToken | string | — | Signed service JWT for AppView authentication. Must include iss, aud, exp, and lxm claims. Required for service callers; owner callers may use the Authorization header instead. |
Message Types
commitenrollmentinfo
Type Definitions
commit— A commit event containing record operations.| Field | Type | Required | Description |
|---|---|---|---|
seq | integer | ✓ | The sequence number of this event. |
did | string (did) | ✓ | The DID of the account. |
time | string (datetime) | ✓ | Timestamp of when the event was sequenced. |
rev | string (tid) | ✓ | The repo revision. |
ops | #recordOp[] | ✓ | List of record operations in this commit. |
recordOp— A single record operation within a commit.| Field | Type | Required | Description |
|---|---|---|---|
action | string | ✓ | The type of operation. |
path | string | ✓ | The record path (collection/rkey). |
cid | cid-link | — | The CID of the record. Present for create and update operations. |
record | unknown | — | The record content. Present for create and update operations. |
info— An informational message about the subscription state.| Field | Type | Required | Description |
|---|---|---|---|
name | string | ✓ | The type of info message. |
message | string | — | Additional details about the info message. |
enrollment— An enrollment event indicating a user has enrolled or unenrolled from the service.| Field | Type | Required | Description |
|---|---|---|---|
did | string (did) | ✓ | The DID of the user. |
action | string | ✓ | The enrollment action. |
service | string (uri) | — | The Stratos service endpoint URL. |
boundaries | string[] | — | The boundaries assigned to the user. |
time | string (datetime) | ✓ | Timestamp of the enrollment event. |
Errors
FutureCursorCursor is in the future.AuthRequiredAuthentication is required.