API Reference
POST /api/v1/authorize
The core endpoint for requesting authorization. AI agents call this endpoint before performing any sensitive action.
Request
POST/api/v1/authorize
{
"tool": "send_email", // Required: the tool/action to authorize (≤128 chars)
"context": "optional context", // Optional: free-form context string
"args": { // Optional: structured tool arguments
"to": "user@example.com"
}
}Response
Every call returns 200 OK with the outcome in the decision field — one of allow, deny, human_review, or compute (redirected to a safe alternative, with safeTool / safeArgs). Each decision carries tamper-evident inputHash / outputHash.
Allowed (200 OK)
{
"requestId": "req_a1b2c3d4",
"tool": "list_invoices",
"decision": "allow",
"reason": "Read-only operations are permitted by the default policy.",
"rule": "allow:read-ops",
"latencyMs": 5,
"mode": "live",
"timestamp": "2026-06-23T12:00:00.000Z",
"inputHash": "9f2c…",
"outputHash": "4a7b…"
}Human review (200 OK)
{
"requestId": "req_5e6f7a8b",
"tool": "issue_refund",
"decision": "human_review",
"reason": "Financial operations require a human to approve before execution.",
"rule": "review:financial-ops",
"latencyMs": 6,
"mode": "live",
"timestamp": "2026-06-23T12:00:00.000Z",
"inputHash": "1b3d…",
"outputHash": "8c2e…"
}Denied (200 OK)
{
"requestId": "req_9c0d1e2f",
"tool": "delete_all_records",
"decision": "deny",
"reason": "Destructive operations are blocked by the default safety policy.",
"rule": "deny:destructive-ops",
"latencyMs": 4,
"mode": "live",
"timestamp": "2026-06-23T12:00:00.000Z",
"inputHash": "2a4f…",
"outputHash": "6d9b…"
}