Admin API Configuration
The [admin] section controls PRISM's administrative API, which provides health checks, metrics, cache management, and cache warming endpoints.
TOML Example
[admin]
enabled = true
address = "127.0.0.1:4001"
bearer_token = "your-secret-token"
Parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
| enabled | Boolean | true | Enable or disable the admin API |
| address | String | "127.0.0.1:4001" | Socket address for the admin API |
| bearer_token | String or null | null | Optional bearer token for authentication |
Detailed Explanation
enabled
When false, PRISM does not start the admin API listener. You lose access to health checks, metrics, and cache management endpoints.
address
The admin API listens on a separate port from the main server. By default it binds to 127.0.0.1:4001, restricting access to localhost. In containerized deployments, you may want 0.0.0.0:4001 so that health check probes from the orchestrator can reach it. That address accepts connections on every interface, so set bearer_token when you use it.
bearer_token
When set, all admin API endpoints except GET /health require an Authorization: Bearer <token> header. This secures cache purge, warmup, and other mutating operations.
When null (default), the admin API is unauthenticated. This is only safe if the admin port is not exposed to untrusted networks.
Example Use Cases
Kubernetes deployment with health checks
[admin]
enabled = true
address = "0.0.0.0:4001"
bearer_token = "k8s-admin-secret-42"
The liveness/readiness probe hits GET /health (no auth required), while cache management operations require the bearer token.
Disabled admin API
[admin]
enabled = false
Local development
[admin]
enabled = true
address = "127.0.0.1:4001"
# No token needed for local dev