Live API

The live API for human-in-loop AI oversight

50 documented endpoints. Sub-100ms p50 latency. 99.9% uptime SLA. Patent pending oversight telemetry. One curl away.

Last updated: 2026-05-18

Curl this:

curl -s https://api.cohesionauth.com/v1 | jq

What the root returns

The unauthenticated GET /v1 endpoint self-describes the surface so you can explore it without an API key.

{
  "version": "1.10.0",
  "name": "cohesion-scoring-api",
  "uptime_seconds": 8421567,
  "endpoints": {
    "scoring": ["/v1/score", "/v1/decision/score", "/v1/decision/replay/:id"],
    "operator": ["/v1/operator/:id/profile", "/v1/operator/:id/sparkline"],
    "organization": ["/v1/organization/dashboard", "/v1/organization/operators"],
    "compliance": ["/v1/compliance/report", "/v1/compliance/article14"],
    "audit": ["/v1/audit/append", "/v1/audit/chain/verify"],
    "maintenance": ["/v1/maintenance/recommend"]
  },
  "openapi": "/openapi.yaml",
  "docs": "https://cohesionauth.com/api-docs/"
}

The full machine-readable catalog is the OpenAPI schema and the Swagger explorer.

Three most-used endpoints

`POST /v1/decision/score`

Submit one human-in-loop interaction for scoring. Returns a JIS, an Article 14 compliance status, and an optional invisible-maintenance recommendation.

curl -X POST https://api.cohesionauth.com/v1/decision/score \
  -H "X-API-Key: $COHESION_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "operator_id": "analyst-eubank-0042",
    "domain": "financial",
    "time_to_decision_ms": 12400,
    "decision": "modified",
    "modification_extent": 0.31
  }'

`POST /v1/score`

Lightweight scoring path for high-volume operators. Same envelope as /v1/decision/score, smaller response. Pick this for high-QPS pipelines.

curl -X POST https://api.cohesionauth.com/v1/score \
  -H "X-API-Key: $COHESION_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"operator_id":"uw-447","domain":"insurance","time_to_decision_ms":67100,"decision":"accepted"}'

`GET /v1/decision/replay/:id`

Replay a prior scored interaction. Returns the original telemetry plus the score envelope. Read-only, deterministic.

curl https://api.cohesionauth.com/v1/decision/replay/dec_0HpJv2 \
  -H "X-API-Key: $COHESION_API_KEY"

Authentication

Every authenticated call sends X-API-Key: $COHESION_API_KEY. Keys are scoped per organization. Rotation is self-service in the dashboard.

Full auth docs are at /docs/auth. Customer onboarding is at /sign-up.

Rate limits and SLA

Default rate limit: 60 requests / minute / API key, 1000 / hour. Higher limits on Enterprise.
Sub-100ms p50 latency on the scoring path (80ms timing floor enforced by the engine).
99.9% uptime SLA published at cohesionauth.com/status.
External monitoring at status.cohesionauth.com.

Full security and reliability posture at Methodology Annex.

SDK install

TypeScript

npm install @cohesionauth/sdk

Python

pip install cohesion-sdk

Both wrap every documented endpoint. Source at sdk/.

Seven runnable example integrations

Apache-2.0, mock-first, 10-second local run. One per industry: