Documentation
API Reference
Use public REST endpoints for agents, permissions, verification, logs, and key rotation. Requires an API key.
Authentication
All authenticated endpoints require Authorization: Bearer bhf_sk_….
Endpoints
| Method | Path | Description |
|---|---|---|
POST | /api/agents | Add a native or connected agent and return the API key once. |
POST | /api/permissions | Create a permission for the authenticated agent. |
POST | /api/verify | Evaluate whether an agent can perform an action. |
POST | /api/actions/execute | Execute an allowed safe public web read through the Action Gateway MVP. |
GET | /api/logs/[agentId] | Read filtered verification logs and summaries for the authenticated agent. |
POST | /api/agents/[agentId]/rotate-key | Rotate an agent API key and return the new key once. |
POST /api/verify
{
"agentId": "agent_xxx",
"action": "deploy_production",
"vendor": "vercel.com",
"amount": 0,
"metadata": {}
}{
"requestId": "req_xxx",
"allowed": false,
"reason": "Permission requires approval before execution.",
"risk": "medium"
}