OpenAPI Spec Viewer

Issue a short-lived Ed25519 SDK token (15-min TTL).

List workspaces accessible to the authenticated user.

Create a new workspace.

Retrieve a single workspace by ID.

Update workspace name, slug, or settings.

Soft-delete a workspace.

List agents in the workspace. Supports limit, cursor, status, search, tags.

Register a new agent.

Retrieve a single agent with full details.

Update agent name, description, metadata, or status.

Soft-delete an agent. Revokes associated keys.

Retrieve the agent's trust score with component breakdown.

List version history for an agent.

Publish a new version of an agent.

List policies in the workspace.

Create a new policy.

Retrieve a single policy.

Update a policy.

Delete a policy.

Evaluate an action against the agent's policies. Primary enforcement endpoint used by the SDK.

Enhanced policy evaluation with Cedar-style policy engine. Accepts full PolicyContext.

List events in the workspace audit trail. Supports limit, cursor, agentId, eventType, from, to.

Ingest a batch of events into the hash-chained audit trail (max 100 per batch).

Server-Sent Events stream for real-time event monitoring.

SIEM-compatible event export for security information and event management.

List enforcement actions in the workspace.

Retrieve a single enforcement action.

Submit an appeal against an enforcement action.

List pending and resolved approval requests.

Retrieve a single approval request with status.

Approve or deny an approval request.

List registered content in the workspace.

Register new content for protection. Generates fingerprints and optionally applies watermarks.

Scan content for infringement against registered fingerprints.

Verify C2PA content credentials.

Submit a DMCA takedown request.

Retrieve a registered content item.

Retrieve the fingerprint for a content item.

List infringement matches for a specific content item.

Search all content matches across the workspace.

List API keys in the workspace (metadata only, no secrets).

Create a new API key. The key value is returned exactly once.

Batch delete API keys.

Update API key metadata (name, scopes, expiry).

Delete (revoke) a specific API key.

Rotate an API key. Issues a new key value and revokes the old one.

Revoke an API key without deletion.

Verify an API key's validity and return its metadata.

List configured integrations.

Create a new integration.

Retrieve integration details.

Update an integration.

Delete an integration.

List webhooks.

Create a new webhook.

Retrieve webhook details including delivery history.

Update a webhook (URL, events, enabled status).

Delete a webhook.

Send a test delivery to the webhook URL. Signs payload with HMAC-SHA256.

Retrieve the agent's 'PROTECTED BY DRD' trust badge. Public endpoint, no auth required.

Retrieve reputation data for an agent.

List available policy templates.

Create a policy from a template.

Public agent registry. Browse registered agents and their verification status.

Resolve a DID to its DID Document. Supports the did:drd: method.

Create a DID Document for an agent.

Update a DID Document (key rotation, add service endpoints).

Issue a W3C Verifiable Credential 2.0 to an agent.

Verify a Verifiable Credential's integrity, issuer, and revocation status.

Retrieve a specific Verifiable Credential by ID.

Revoke a Verifiable Credential.

Replay domain events for an aggregate from the event store.

Retrieve the latest snapshot for an aggregate (fast state recovery).

Scan text for OWASP GenAI safety issues (prompt injection, PII, output validation).

Internal tRPC endpoint. Proxies all tRPC procedure calls from the dashboard.