API Reference

Base URL

https://api.airaproof.com/api/v1

All endpoints are prefixed with /api/v1. Responses are JSON. All timestamps are ISO 8601 UTC.

Interactive Docs

Interactive API docs with a "Try it" button are available at:

Swagger UI: api.airaproof.com/docs
ReDoc: api.airaproof.com/redoc
OpenAPI Schema: api.airaproof.com/openapi.json

Self-hosted deployments expose the same paths on your API domain.

Endpoints Overview

Authentication

Method	Endpoint	Auth	Description
`POST`	`/auth/register`	None	Create organization + user account
`POST`	`/auth/login`	None	Get JWT token for dashboard
`POST`	`/auth/oauth`	None	OAuth login (Google, GitHub, GitLab)
`GET`	`/auth/me`	JWT	Get current user info
`POST`	`/auth/leave-org`	JWT	Leave organization (non-owners)
`DELETE`	`/auth/account`	JWT (owner)	Delete organization and all data

Team

Method	Endpoint	Auth	Description
`GET`	`/team/members`	Admin+	List organization members
`PUT`	`/team/members/{id}/role`	Admin+	Update member role
`DELETE`	`/team/members/{id}`	Admin+	Remove member
`GET`	`/team/invites`	Admin+	List pending invites
`POST`	`/team/invites`	Admin+	Send invite
`DELETE`	`/team/invites/{id}`	Admin+	Cancel invite
`POST`	`/team/transfer-ownership`	Owner	Transfer org ownership to an admin

API Keys

Method	Endpoint	Auth	Description
`POST`	`/api-keys`	Admin+	Create new API key
`GET`	`/api-keys`	Admin+	List all keys (masked)
`DELETE`	`/api-keys/{id}`	Admin+	Revoke a key

Cases (Core)

Method	Endpoint	Auth	Description
`POST`	`/cases`	Required	Execute consensus case
`POST`	`/cases/stream`	Required	Submit case with SSE streaming
`GET`	`/cases/{id}`	Required	Get case run details
`GET`	`/cases`	Required	List case runs (paginated)

Receipts

Method	Endpoint	Auth	Description
`GET`	`/receipts/{id}`	Required	Get receipt details
`GET`	`/receipts/{id}/export`	Required	Export as JSON

Verification (Public)

Method	Endpoint	Auth	Description
`GET`	`/verify/{receipt_uuid}`	None	Verify receipt by ID
`GET`	`/verify/action/{action_uuid}`	None	Verify action receipt
`GET`	`/.well-known/keys`	None	List signing public keys

Actions (Agent Notary)

Method	Endpoint	Auth	Description
`POST`	`/actions`	Required	Notarize an agent action
`GET`	`/actions`	Required	List actions (paginated, filterable)
`GET`	`/actions/{id}`	Required	Get action + receipt + authorizations
`POST`	`/actions/{id}/cosign`	JWT only	Human co-sign an action
`POST`	`/actions/{id}/hold`	Required	Set legal hold
`DELETE`	`/actions/{id}/hold`	Required	Release legal hold
`GET`	`/actions/{id}/chain`	Required	Chain of custody

Agent Registry

Method	Endpoint	Auth	Description
`POST`	`/agents`	Required	Register an agent
`GET`	`/agents`	Required	List agents (paginated)
`GET`	`/agents/{slug}`	Required	Get agent detail + versions
`PUT`	`/agents/{slug}`	Required	Update agent metadata
`POST`	`/agents/{slug}/versions`	Required	Publish new version
`GET`	`/agents/{slug}/versions`	Required	List versions
`POST`	`/agents/{slug}/decommission`	Required	Decommission agent
`POST`	`/agents/{slug}/transfer`	Required	Transfer ownership
`GET`	`/agents/{slug}/actions`	Required	Actions by this agent
`GET`	`/agents/public/{slug}`	None	Public identity page

Evidence & Discovery

Method	Endpoint	Auth	Description
`POST`	`/evidence/packages`	Required	Create sealed evidence package
`GET`	`/evidence/packages`	Required	List evidence packages
`GET`	`/evidence/packages/{id}`	Required	Get package detail
`POST`	`/evidence/time-travel`	Required	Point-in-time query
`GET`	`/evidence/liability-chain/{id}`	Required	Multi-hop liability chain

Agent Estate

Method	Endpoint	Auth	Description
`PUT`	`/estate/agents/{slug}/will`	Required	Set/update agent will
`GET`	`/estate/agents/{slug}/will`	Required	Get agent will
`POST`	`/estate/agents/{slug}/death-certificate`	Required	Issue death certificate
`GET`	`/estate/agents/{slug}/death-certificate`	Required	Get death certificate
`POST`	`/estate/compliance`	Required	Create compliance snapshot
`GET`	`/estate/compliance`	Required	List snapshots

Escrow

Method	Endpoint	Auth	Description
`POST`	`/escrow/accounts`	Required	Create escrow account
`GET`	`/escrow/accounts`	Required	List accounts
`GET`	`/escrow/accounts/{id}`	Required	Get account + transactions
`POST`	`/escrow/accounts/{id}/deposit`	Required	Record liability commitment
`POST`	`/escrow/accounts/{id}/release`	Required	Release liability commitment
`POST`	`/escrow/accounts/{id}/dispute`	Required	File dispute

Provider Credentials

Method	Endpoint	Auth	Description
`POST`	`/provider-credentials`	Admin+	Set/merge provider credentials
`GET`	`/provider-credentials`	Admin+	Get credential status
`DELETE`	`/provider-credentials?provider=xxx`	Admin+	Delete provider credentials

Custom Models

Method	Endpoint	Auth	Description
`POST`	`/models/custom`	Required	Register custom model
`GET`	`/models/custom`	Required	List custom models
`GET`	`/models/custom/{id}`	Required	Get custom model
`PUT`	`/models/custom/{id}`	Required	Update custom model
`DELETE`	`/models/custom/{id}`	Required	Delete custom model
`POST`	`/models/custom/{id}/test`	Required	Test model endpoint

Webhooks

Method	Endpoint	Auth	Description
`POST`	`/webhooks`	Admin+	Create webhook
`GET`	`/webhooks`	Admin+	List webhooks
`DELETE`	`/webhooks/{id}`	Admin+	Delete webhook
`GET`	`/webhooks/{id}/deliveries`	Admin+	List delivery log

Usage

Method	Endpoint	Auth	Description
`GET`	`/usage`	Admin+	Get usage summary
`GET`	`/usage/events`	Admin+	List usage events

Audit Logs

Method	Endpoint	Auth	Description
`GET`	`/audit-logs`	Admin+	List audit log events (filterable, paginated)

Policies

Method	Endpoint	Auth	Description
`POST`	`/policies`	Required	Create policy
`GET`	`/policies`	Required	List policies
`GET`	`/policies/{id}`	Required	Get policy detail
`PATCH`	`/policies/{id}`	Required	Update policy
`DELETE`	`/policies/{id}`	Required	Delete policy
`POST`	`/policies/{id}/activate`	Required	Activate policy
`POST`	`/policies/{id}/deactivate`	Required	Deactivate policy
`POST`	`/policies/{id}/dry-run`	Required	Test policy on simulated action

Settlements

Method	Endpoint	Auth	Description
`POST`	`/settlements`	Admin+	Seal new Merkle settlement
`GET`	`/settlements`	Required	List settlements
`GET`	`/settlements/{id}`	Required	Get settlement detail
`GET`	`/settlements/{id}/receipts`	Required	List receipts in settlement
`GET`	`/settlements/inclusion-proof/{receipt_uuid}`	Required	Get Merkle inclusion proof

Drift Detection

Method	Endpoint	Auth	Description
`POST`	`/agents/{id}/drift/baseline`	Required	Compute baseline
`POST`	`/agents/{id}/drift/baseline/synthetic`	Required	Seed synthetic baseline
`POST`	`/agents/{id}/drift/baseline/pooled`	Required	Pool baseline across cohort
`GET`	`/agents/{id}/drift`	Required	Get drift status
`POST`	`/agents/{id}/drift/check`	Required	Run drift check (metered)
`GET`	`/agents/{id}/drift/alerts`	Required	List drift alerts
`POST`	`/agents/{id}/drift/alerts/{alert_id}/acknowledge`	JWT	Acknowledge alert

Models & Preferences

Method	Endpoint	Auth	Description
`GET`	`/models`	Optional	List available models
`GET/PUT`	`/models/preferences`	Required	Cases model preferences
`GET/PUT`	`/models/policy-preferences`	Required	Policy model preferences
`GET/PUT`	`/models/sanitize-preferences`	Required	Sanitize model preferences
`GET/PUT`	`/models/chat-default`	Required	Default chat model
`GET/PUT`	`/models/chat-allowed`	Required	Allowed chat models

Sanitize

Method	Endpoint	Auth	Description
`POST`	`/sanitize`	Required	Scan and process text
`POST`	`/sanitize/test`	Required	Dry-run (no audit)
`POST`	`/sanitize/detokenize`	Required	Reverse tokenization
`POST`	`/sanitize/file`	Required	Upload file for sanitization
`GET`	`/sanitize/file/{token}/download`	None	Download sanitized file

Chat (Ask Aira)

Method	Endpoint	Auth	Description
`POST`	`/chat`	Required	Send message (JSON or SSE)

Reputation

Method	Endpoint	Auth	Description
`GET`	`/agents/{slug}/reputation`	None	Get reputation score
`GET`	`/agents/{slug}/reputation/history`	Required	Get score history
`POST`	`/agents/{slug}/reputation/attest`	Required	Submit attestation
`GET`	`/agents/{slug}/reputation/verify`	None	Verify score hash

Verifiable Credentials

Method	Endpoint	Auth	Description
`GET`	`/agents/{slug}/credential`	None	Get current credential
`POST`	`/credentials/verify`	None	Verify any VC
`GET`	`/agents/{slug}/credentials`	Required	Credential history
`POST`	`/agents/{slug}/credentials/revoke`	Admin+	Revoke credential

Notifications

Method	Endpoint	Auth	Description
`GET`	`/notifications/pending`	Required	Get pending notifications
`POST`	`/notifications/mark-read`	JWT	Mark notifications as read
`POST`	`/notifications/mark-all-read`	JWT	Mark all as read

Approvers

Method	Endpoint	Auth	Description
`GET`	`/approvers`	Admin+	List approver emails
`POST`	`/approvers`	Admin+	Add approver
`DELETE`	`/approvers/{email}`	Admin+	Remove approver

SSO

Method	Endpoint	Auth	Description
`GET`	`/auth/sso/check`	None	Check if SSO enabled for email
`POST`	`/sso/configure`	Owner	Configure SAML
`POST`	`/sso/configure-oidc`	Owner	Configure OIDC
`POST`	`/sso/enforce`	Owner	Enforce SSO-only login
`GET`	`/sso`	Owner	Get SSO config
`DELETE`	`/sso`	Owner	Delete SSO config

Billing

Method	Endpoint	Auth	Description
`POST`	`/billing/checkout`	Admin+	Create Stripe checkout
`POST`	`/billing/portal`	Admin+	Open billing portal
`GET`	`/billing/status`	Admin+	Get subscription status

Domains

Method	Endpoint	Auth	Description
`POST`	`/domains`	Admin+	Add domain
`POST`	`/domains/{id}/verify`	Admin+	Verify domain DNS
`GET`	`/domains`	Admin+	List domains
`DELETE`	`/domains/{id}`	Admin+	Remove domain

Endpoints

Method	Endpoint	Auth	Description
`GET`	`/endpoint-whitelist`	Required	List whitelist
`POST`	`/endpoint-whitelist`	Required	Add to whitelist
`POST`	`/endpoint-whitelist/{id}/approve`	Admin+	Approve entry
`DELETE`	`/endpoint-whitelist/{id}`	Admin+	Delete entry

Output Policies

Method	Endpoint	Auth	Description
`GET`	`/output-policies`	Required	Get output scan policy
`PATCH`	`/output-policies`	Required	Update output scan policy
`POST`	`/output-policies/test`	Required	Test policy against sample

Gateway

Method	Endpoint	Auth	Description
`POST`	`/gateway/openai/v1/chat/completions`	API Key	OpenAI-compatible proxy
`POST`	`/gateway/anthropic/v1/messages`	API Key	Anthropic native proxy

Config

Method	Endpoint	Auth	Description
`GET`	`/config`	None	Get deployment configuration

Health

Method	Endpoint	Auth	Description
`GET`	`/health`	None	Service health check

Common Headers

Request

Authorization: Bearer aira_live_xxxxx
Content-Type: application/json

Response

Content-Type: application/json
X-Request-ID: req_a1b2c3d4e5f6

Every response includes a request_id field for support and debugging.

Pagination

List endpoints return paginated results:

{
  "data": [...],
  "pagination": {
    "page": 1,
    "per_page": 20,
    "total": 245,
    "has_more": true
  },
  "request_id": "req_..."
}

Query parameters:

page (default: 1, min: 1)
per_page (default: 20, min: 1, max: 100)

Idempotency

The case execution endpoint supports idempotency keys to prevent duplicate processing on network retries:

{
  "details": "...",
  "models": ["..."],
  "options": {
    "idempotency_key": "loan-app-12345-v1"
  }
}

If the same idempotency_key is sent twice, the second request returns 409 DUPLICATE_REQUEST with the original case ID.

API Reference

On this page