API Reference
REST API served by FastAPI. Base URL: http://localhost:8000/api/v1.
Interactive Swagger UI at /docs and ReDoc at /redoc.
Authentication: All endpoints except /auth/register and /auth/login require a JWT Bearer token in the Authorization header.
Authentication
| Method | Path | Description |
| POST | /auth/register | Register user and organization |
| POST | /auth/login | Login, returns JWT tokens |
| POST | /auth/refresh | Refresh access token |
| GET | /auth/me | Current user profile |
Organizations & Users
| Method | Path | Description |
| GET | /organizations | List organizations |
| GET | /organizations/{id} | Get organization |
| GET | /users | List users in org |
| POST | /users/invite | Invite user |
Policies
| Method | Path | Description |
| GET | /policies | List policies |
| POST | /policies | Create policy |
| GET | /policies/{id} | Get policy |
| PUT | /policies/{id} | Update policy |
| DELETE | /policies/{id} | Delete policy |
| POST | /policies/evaluate | Evaluate policy against context |
| GET | /policies/engine/catalog | Symbolic rule catalog |
| GET | /policies/engine/chain | Tenant policy chain |
Guardrails
| Method | Path | Description |
| GET | /guardrails | List guardrails |
| GET | /guardrails/{id} | Get guardrail |
| PUT | /guardrails/{id}/config | Update config |
| POST | /guardrails/evaluate | Evaluate content |
Inference (Guardrail Engine)
| Method | Path | Description |
| POST | /inference/completions | Full guardrail pipeline + LLM |
| POST | /inference/evaluate-phase | Single-phase evaluation |
| GET | /inference/guardrails | Engine guardrail registry |
HealthShield (HIPAA)
| Method | Path | Description |
| POST | /healthshield/activate | Activate HIPAA pack |
| GET | /healthshield/activation | Activation status |
| DELETE | /healthshield/deactivate | Deactivate pack |
| POST | /healthshield/scan | Scan for PHI |
| POST | /healthshield/inference | HIPAA-protected inference |
| POST | /healthshield/consents | Record patient consent |
| GET | /healthshield/audit-logs | PHI access audit trail |
FinanceShield
| Method | Path | Description |
| POST | /financeshield/activate | Activate finance pack |
| GET | /financeshield/activation | Activation status |
| POST | /financeshield/scan | Scan financial data |
| POST | /financeshield/inference | Finance-protected inference |
| POST | /financeshield/data-sources | Register data source |
| GET | /financeshield/audit-logs | Financial audit trail |
Model Router
| Method | Path | Description |
| GET | /model-router/models | List available models |
| GET | /model-router/routes | List routing rules |
| POST | /model-router/routes | Create route |
| PATCH | /model-router/routes/{id} | Update route |
| POST | /model-router/select | Select model for request |
Audit Logs & Workflows
| Method | Path | Description |
| GET | /audit-logs | Search audit logs |
| GET | /audit-logs/{id} | Get audit entry |
| GET | /workflows | List workflows |
| POST | /workflows | Create workflow |
| GET | /workflows/requests/pending | Pending approvals |
| POST | /workflows/requests/{id}/resolve | Approve/reject |
Error format
{
  "error": {
    "type": "not_found",
    "code": "NOT_FOUND",
    "message": "Policy 'abc' not found",
    "details": {}
  }
}
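An added example, not part of this project's code: a small standard-library client helper that applies the Bearer-token rule from the introduction and decodes the error envelope shown above. The names `build_request`, `parse_error` and `ApiError`, the fallback code `UNPARSEABLE` and the sample body are assumptions made for illustration.

```python
import json
import urllib.request

BASE_URL = "http://localhost:8000/api/v1"         # base URL from this page
PUBLIC_PATHS = {"/auth/register", "/auth/login"}  # the only endpoints exempt from JWT auth

# Constructed sample: the error body from this page, as bytes off the wire.
SAMPLE_ERROR_BODY = (b'{"error": {"type": "not_found", "code": "NOT_FOUND", '
                     b'"message": "Policy \'abc\' not found", "details": {}}}')


class ApiError(Exception):
    """Carries the fields of the documented error envelope (hypothetical class)."""

    def __init__(self, status, type_, code, message, details):
        super().__init__(f"{status} {code}: {message}")
        self.status, self.type, self.code = status, type_, code
        self.message, self.details = message, details


def build_request(method, path, token=None, body=None):
    """Build a request; fail closed if a protected endpoint has no token."""
    headers = {"Accept": "application/json"}
    if path not in PUBLIC_PATHS:
        if not token:
            raise ValueError(f"{path} requires a JWT Bearer token")
        headers["Authorization"] = f"Bearer {token}"
    # Public endpoints never receive the token, even if one was passed in.
    data = None
    if body is not None:
        data = json.dumps(body).encode()
        headers["Content-Type"] = "application/json"
    return urllib.request.Request(BASE_URL + path, data=data,
                                  headers=headers, method=method)


def parse_error(status, raw):
    """Map an error response body (bytes) to ApiError."""
    try:
        err = json.loads(raw)["error"]
        return ApiError(status, err["type"], err["code"],
                        err["message"], err.get("details", {}))
    except (ValueError, KeyError, TypeError):
        # A proxy or gateway may answer with HTML or plain text instead.
        text = raw[:200].decode("utf-8", "replace")
        return ApiError(status, "unknown", "UNPARSEABLE", text, {})
```

Branching on `ApiError.code` rather than on the message text keeps client logic stable if the wording of messages changes.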
Roles & permissions
| Role | Capabilities |
| owner | Full access |
| admin | All except billing |
| policy_editor | Policies, guardrails, models |
| approver | Workflow approvals |
| viewer | Read-only |