- Every run passes the same ordered gates
- Deny is the default — fail-closed
- Stable codes: 402 · 403 · 409 · architecture
Build on the governed runtime.
One typed SDK, a REST API, and a CLI for the governed AI agent platform — register agents, propose actions, author policy, query the ontology, and read a tamper-evident Trust Ledger. The same gates that protect the console enforce on every request.
@cortex/client SDK · REST · CLI · Webhooks · Sandbox
From install to a governed verdict in three steps.
Install the SDK, authenticate against a tenant, and propose your first governed action — every call recorded in a Trust Ledger you can verify offline. The snippets below are illustrative examples.
- 01
Install @cortex/client
Add the typed SDK to your project. It is a thin client over the same REST API and the same fail-closed gates.
- 02
Authenticate
Construct the client with your tenant-scoped API key and tenantId. Every call is bound to your tenant in the data path — no cross-tenant reads.
- 03
Run a governed action & read the verdict
Propose an action. Low-risk runs execute; high-risk or approval-required actions hold as pending_approval. Read the verdict, then verify the receipt.
Six ideas every integration is built on.
The surfaces are thin clients over the same governed runtime. Learn the concept, then follow each to its capability page for the full picture.
- Typed enterprise object model
- Object & property-level RBAC (none/read/write)
- Reads redact below read · ontology
- Named actions with a risk level
- dry-run → propose → approve → execute
- Immutable invocation ledger · action fabric
- Hash-chained, tamper-evident audit
- Signed receipts, verifiable offline
- 10-hop lineage · trust ledger
- Agents are governed identities
- Owner · risk tier · expiry · allowed models
- Expired identity → 403 · agent IAM
- Ontology, policies & actions as one artifact
- Signed · verified · diffed on import
- Re-deploy into your tenant · packs
The resource areas you'll work with.
Reach every governed surface over REST, the typed @cortex/client SDK, or the CLI. Below is what each resource area does — not an exhaustive endpoint reference. Follow a card for the full capability.
Register agents as governed identities with an owner, risk tier, expiry, and allowed models/actions. Expired or suspended identities are refused at runtime (403).
Learn moreNamed actions with a risk level and approval policy. Dry-run → propose → approve/deny → execute → compensate, each step recorded in an immutable invocation ledger with an evidence pack.
Learn moreAuthor rules, then simulate a decision (with a per-rule trace) or run golden policy tests against a candidate rule set before you ship — most-restrictive effect wins.
Learn moreA typed enterprise object model with object/property-level RBAC. Grants resolve to none / read / write; reads redact properties below read, and writes are gated per type.
Learn moreA hash-chained, tamper-evident audit ledger. verify returns { ok, brokenAtSeq, head } over a range, and head returns the current chain head for external anchoring.
Learn moreBundle ontology types, policies, and actions into a signed, versioned artifact. verify checks hashOk + signatureOk; import previews a diff and applies into the caller's own tenant.
Learn moreFive surfaces, one governed runtime.
The API, SDK, CLI, and webhooks are thin clients over the same fail-closed gates — identity, budget, guardrails, registry, control-tower, policy, and audit. There is no ungoverned back door.
Drive every governed surface over HTTPS — register actions, propose and approve them, query the ontology, run governance simulations, and read the Trust Ledger. The same gates that protect the console protect the API.
- Tenant scoping enforced in the data path
- Admin-only routes (approve · deny · pack import) gated server-side
- Stable status codes you branch on — 402 · 403 · 409
Typed TypeScript client over the REST API. Strongly-typed resources for agents, actions, governance, ontology, audit, and packs — with the same tenant scoping and gate semantics as the raw API.
- client.actions · client.governance · client.packs
- client.ontology.permissions · client.agentIdentities
- Token + tenantId on every call
Ship governance from your terminal and CI. Export and verify signed Solution Packs, run policy tests as a regression gate, and check the Trust Ledger — without leaving the pipeline.
- Run policy tests before you ship a rule change
- Export and verify a signed pack (hashOk · signatureOk)
- Verify the ledger chain offline
Cortex emits governed lifecycle events — ActionExecuted, ActionFailed, approval decisions — through the platform event path that also seals the Trust Ledger. Subscribe to reconcile against the tamper-evident audit trail.
- Action lifecycle: proposed · approved · executed · compensated
- Every event sealed into the hash chain as it is recorded
- Reconcile by ledger sequence (seq)
A governed tenant you can provision and seed with sample ontology, policies, and actions. Run your first gated action and read a real Trust Ledger you can verify — without touching production.
- Seed sample ontology, policies & actions
- Dry-run first — validate input, no side effect
- Inspect every gate decision in the invocation ledger
Version governance the way you version your app. Author allow / require-approval / deny rules, simulate a decision before shipping, and gate changes with golden policy tests in CI.
- Most-restrictive wins: deny > require_approval > allow
- simulate() returns the per-rule decision trace
- tests.run() as a regression gate before you ship
Verify the ledger offline.
The Trust Ledger is hash-chained: each record seals the previous one. verifyChain recomputes the chain and returns { ok, brokenAtSeq } — any insert, edit, delete, or reorder flips ok to false. Outcome receipts are detached signatures you can verify with the published key, so a third party can confirm a run happened without trusting Cortex's database. The snippet is an illustrative example.
- Chain integrity: verifyChain(records) → { ok, brokenAtSeq }
- Signed receipts: verifyReceipt(claims, sig, key), constant-time
- HMAC-SHA256 today; Ed25519 publishable verify keys are the documented upgrade
Understand the runtime you're building on.
The developer surfaces sit on top of the full platform. See how the gates fit together, and explore every governed capability end to end.
The architecture
Console, runtime gates, ~22 microservices, and one Postgres-backed ontology and Trust Ledger — the layered system every API call flows through.
The platform
Action Fabric, Agent IAM, the ontology, oversight modes, the MCP gateway, and the Trust Ledger — every governed capability, each reachable from the API and SDK.
Build governed agents on day one.
Get a guided tour of the API, SDK, and CLI — and see your first gated action land in a verifiable Trust Ledger.