System status

Status

Live health of api.cohesionauth.com.

Checking...
Uptime (24h)
no data
Uptime (7d)
no data
Uptime (30d)
no data
Avg latency (60s)
no data

Polls https://api.cohesionauth.com/ every 60 seconds. Samples: 0.

Incident history

  1. medium resolved

    BUG-1 / BUG-2 / BUG-4 scoring fixes

    Two production deploys landed on 2026-04-20 to close out three issues surfaced during the full-review cycle:

    • 809e620a — BUG-2 and BUG-4 scoring fixes in scoring-engine.js. Corrected edge-case handling in the dimension aggregation and the decay-projection math for short-history operators.
    • 7c08e408 — BUG-1 per-org CORS fix in worker.js. Preflight OPTIONS requests from origins not listed in organizations.allowed_origins now return 403 with no Access-Control-Allow-Origin header (no reflection), consistent with the spec.

    All 53 unit and 36 E2E tests green post-deploy. No customer-visible regression. The 80 ms auth timing floor, rate-limit configuration, and 13 endpoint response shapes were preserved.

  2. low resolved

    Scoring API pilot-grade cutover

    Scoring API pilot-grade hardening merged to main as commit 25b1103 (PR #4). The cutover shipped the K8 v2 error envelope, HEAD / health probe support, and deprecation headers for the legacy api_key body field (sunset 2026-07-15). The peppered SHA-256 key-storage migrations (2026-04-17-01 through 2026-04-17-04) executed without incident, and the 80 ms auth timing floor held across all auth outcomes.

    No customer-visible downtime. Production healthy post-merge.