AI RUNTIME GOVERNOR

API Reference

Real-time governance, compliance, and observability for autonomous AI agents. Evaluate every tool call before execution. Enforce custom policies. Detect multi-step threats. Stay audit-ready.

Base URL: https://api.airg.nov-tia.com

Quick Start

1. Get Your API Key

2. Verify Connectivity

bash

curl -s https://api.airg.nov-tia.com/health | jq .
# → { "status": "healthy", "version": "0.3.0" }

3. Evaluate Your First Tool Call

bash

curl -s -X POST https://api.airg.nov-tia.com/actions/evaluate \
  -H "X-API-Key: airg_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "tool": "shell",
    "args": {"command": "rm -rf /"},
    "context": {"agent_id": "my-agent"}
  }' | jq .

💡

Response: decision: "block", risk_score: 95,explanation: "Destructive filesystem operation"

4. Install an SDK (Optional)

bash

# Python
pip install airg-client

# TypeScript
npm install @airg/governor-client

Core Concepts

Multi-Layer Governance Pipeline

Every tool call passes through multiple evaluation layers that short-circuit on the first block. Each layer emits a TraceStep with timing, risk contribution, and detail text — making every decision fully explainable.

LAYER 1

⚡ Kill Switch

Global emergency halt

→

LAYER 2

🛡 Injection Firewall

Pattern detection + normalisation

→

LAYER 3

🔒 Scope Enforcer

Tool whitelist enforcement

→

LAYER 4

📋 Policy Engine

Built-in + custom policies

→

LAYER 5

🧠 Neuro + Chain

Heuristic scoring + pattern detection

→

LAYER 6

✅ Verification

Post-execution compliance

Decision Types

Decision	Meaning	Agent Should
allow	Tool call is safe	Proceed with execution
review	Needs human review	Queue for approval or skip
block	Dangerous — rejected	Do NOT execute the tool

Data Persistence

All evaluation logs, policy versions, audit trails, and compliance records are stored in a fully managed database. Data is encrypted at rest and retained according to your account plan.

Authentication & API Keys

Auth Methods

Method	Header / Param	How to Obtain
JWT Bearer	Authorization: Bearer <token>	POST /auth/login
API Key	X-API-Key: airg_<key>	Dashboard API Keys tab or POST /auth/me/rotate-key
Query Param	?token=<jwt>	For SSE / EventSource (can't set headers)

Getting a Token

bash

TOKEN=$(curl -s -X POST https://api.airg.nov-tia.com/auth/login \
  -H "Content-Type: application/json" \
  -d '{"username":"your-username","password":"your-password"}' | jq -r .access_token)

Role-Based Access Control (RBAC)

Role	Evaluate	View Logs	Policies	Kill Switch	Verify	Users
admin	✅	✅	✅ CRUD	✅	✅	✅ CRUD
operator	✅	✅	Read	—	✅	—
auditor	—	✅	Read	—	—	—

💡

Security: Rotate your API key periodically via the Dashboard orPOST /auth/me/rotate-key. Use API Keys for server-to-server integrations.

Integrating Your Agent

Three official SDKs — authenticate with X-API-Key, auto-throw on block decisions.

Python · pip install airg-client

python

import governor_client
from governor_client import evaluate_action, GovernorBlockedError

governor_client.GOVERNOR_URL = "https://api.airg.nov-tia.com"
governor_client.GOVERNOR_API_KEY = "airg_your_key_here"

try:
    decision = evaluate_action("shell", {"command": "ls -la"}, context={
        "agent_id": "my-agent",
        "session_id": "session-123",
        "allowed_tools": ["shell", "http_request", "file_read"],
    })
    print(f"{decision['decision']} — risk {decision['risk_score']}")
except GovernorBlockedError as e:
    print(f"Blocked: {e}")  # Do NOT execute

TypeScript · npm install @airg/governor-client

typescript

import { GovernorClient, GovernorBlockedError } from "@airg/governor-client";

const gov = new GovernorClient({
  baseUrl: "https://api.airg.nov-tia.com",
  apiKey: "airg_your_key_here",
});

try {
  const d = await gov.evaluate("shell", { command: "ls -la" }, {
    agent_id: "my-agent",
    allowed_tools: ["shell", "http_request"],
  });
  console.log(`${d.decision} — risk ${d.risk_score}`);
} catch (err) {
  if (err instanceof GovernorBlockedError) {
    console.error("Blocked:", err.message);
  }
}

Java · dev.airg:governor-client:0.3.0

java

GovernorClient gov = new GovernorClient.Builder()
    .baseUrl("https://api.airg.nov-tia.com")
    .apiKey("airg_your_key_here")
    .build();

try {
    GovernorDecision d = gov.evaluate("shell", Map.of("command", "ls -la"));
    System.out.println(d.getDecision() + " — risk " + d.getRiskScore());
} catch (GovernorBlockedError e) {
    System.err.println("Blocked: " + e.getMessage());
}

Direct HTTP (No SDK)

bash

curl -s -X POST https://api.airg.nov-tia.com/actions/evaluate \
  -H "X-API-Key: airg_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "tool": "http_request",
    "args": {"method": "POST", "url": "https://api.example.com/data"},
    "context": {"agent_id": "data-agent", "allowed_tools": ["http_request"]}
  }' | jq .

Context Fields

Field	Type	Purpose
agent_id	string	Identifies the agent for chain analysis and filtering
session_id	string	Groups related tool calls into a session
allowed_tools	string[]	Blocks any tool not in this list
trace_id	string	Links evaluation to an agent trace tree
conversation_id	string	Links to a conversation for conversation logging
prompt	string	(opt-in) Agent reasoning — encrypted at rest

Dashboard

The dashboard has 16 tabs, each accessible based on your role.

Tab	Icon	What It Shows
Dashboard	◈	Summary: evaluations, allow/review/block counts, risk distribution
Agent Demo	🤖	Run the 17-step demo agent from the browser
Action Tester	▶	Manual tool evaluation — test any tool / args / context
Policy Editor	◆	CRUD for dynamic policies with active/inactive toggle
Review Queue	◎	Pending escalation events — approve / reject actions
SURGE	⬡	Hash-chained receipts, Merkle checkpoints, compliance tagging, sovereign attestation
Audit Trail	☰	Full action history + live SSE merge (LIVE badge)
Conversations	💬	Agent conversation turns + unified timeline
Verification	✅	Post-execution verification logs
Drift Detection	📈	Per-agent drift scores and trends
Chain Analysis	⛓	Detected multi-step attack patterns (dynamic chart)
Traces	⧉	Span tree explorer — governance correlation
Topology	◎	Agent-to-tool interaction graph
API Keys	🔑	View / copy / regenerate API key + code samples
Settings	⚙	Kill switch, escalation thresholds, notification channels
Users	👥	User management — create operators and auditors

ℹ

Access the dashboard at app.airg.nov-tia.com. All 16 tabs are available based on your account role.

Post-Execution Verification

The verification engine inspects tool results after execution — closing the gap between allowing an intent and validating the outcome.

Verification Checks

The verification engine runs multiple automated checks against tool outputs including credential scanning, destructive output detection, scope compliance validation, anomaly detection, policy re-verification, and behavioural drift analysis. Each check contributes to a final verdict.

Submit a Verification

bash

curl -s -X POST https://api.airg.nov-tia.com/actions/verify \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "action_id": 42,
    "tool": "file_write",
    "result": {
      "status": "success",
      "output": "Wrote 150 lines to config.py"
    },
    "context": {"agent_id": "my-agent"}
  }' | jq .

Verdict	Meaning
compliant	All checks passed
suspicious	Some flags — below violation threshold
violation	Critical failure — auto-escalated

Conversation Logging

Opt-in capture of agent reasoning and prompts. All content is encrypted at rest.

Include Context in Evaluations

python

decision = evaluate_action("shell", {"command": "ls"}, context={
    "agent_id": "my-agent",
    "conversation_id": "conv-abc-123",
    "turn_id": 1,
    "prompt": "User asked me to list directory contents"
})

Batch Ingest Turns

bash

curl -s -X POST https://api.airg.nov-tia.com/conversations/turns/batch \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '[
    {"conversation_id":"conv-123","turn_number":1,"role":"user","content":"List /tmp"},
    {"conversation_id":"conv-123","turn_number":2,"role":"assistant","content":"Running shell tool"}
  ]' | jq .

Agent Trace Observability

Capture the full lifecycle of every agent task — LLM reasoning, tool invocations, retrieval steps, and governance decisions as an OpenTelemetry-inspired span tree.

Ingest Trace Spans

bash

curl -s -X POST https://api.airg.nov-tia.com/traces/ingest \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "spans": [
      {"trace_id":"t-001","span_id":"root","name":"Research Task","kind":"agent",
       "start_time":"2026-02-28T12:00:00Z","end_time":"2026-02-28T12:00:05Z"},
      {"trace_id":"t-001","span_id":"llm-1","parent_span_id":"root",
       "name":"GPT-4 reasoning","kind":"llm",
       "start_time":"2026-02-28T12:00:01Z","end_time":"2026-02-28T12:00:03Z"}
    ]
  }' | jq .

Span Kinds

Kind	Color	Represents
agent	Red	Root agent task / orchestration
llm	Violet	LLM inference call
tool	Amber	Tool invocation
governance	Red	Governor evaluation (auto-created)
retrieval	Cyan	RAG / vector search
chain	Green	Multi-step chain execution

💡

Pass trace_id and span_id in the evaluation context — the Governor auto-creates a governance span as a child. Zero config required.

Real-Time Streaming (SSE)

The Governor pushes every governance decision to connected clients via Server-Sent Events. The dashboard auto-connects and shows a LIVE badge when the stream is active.

Connect to the Stream

bash

# Terminal
curl -N -H "Authorization: Bearer $TOKEN" \
  https://api.airg.nov-tia.com/actions/stream

# JavaScript
const es = new EventSource(
  "https://api.airg.nov-tia.com/actions/stream?token=" + jwt
);
es.addEventListener("action_evaluated", (e) => {
  const { tool, decision, risk_score } = JSON.parse(e.data);
  console.log(`${tool}: ${decision} (risk ${risk_score})`);
});

Event	When
connected	On initial connection
action_evaluated	After every POST /actions/evaluate
:heartbeat	Every 15 seconds (keep-alive)

Policy Management

Built-in Policies

Multiple governance policies are included with every account and active by default. No configuration required.

yaml

- policy_id: shell-dangerous
  description: "Block destructive shell commands"
  tool: "shell"
  severity: critical
  action: block
  args_regex: "(rm\\s+-rf|mkfs|dd\\s+if=|shutdown|reboot)"

Dynamic Policies (API)

bash

# Create a policy
curl -s -X POST https://api.airg.nov-tia.com/policies \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "policy_id": "block-external-uploads",
    "description": "Block HTTP uploads to external domains",
    "tool": "http_request",
    "severity": "high",
    "action": "block",
    "url_regex": "^https?://(?!internal\\.company\\.com)"
  }' | jq .

# Toggle on/off
curl -s -X PATCH https://api.airg.nov-tia.com/policies/block-external-uploads/toggle \
  -H "Authorization: Bearer $TOKEN" | jq .

ℹ

Every edit creates an immutable PolicyVersion snapshot + PolicyAuditLog with JSON diffs. Restore any previous version via the API.

Chain Analysis

The Governor detects multi-step attack patterns by examining session history. When a pattern is detected, the risk score is automatically boosted and the pattern name is stored in the chain_pattern response field.

Detected patterns include credential exfiltration sequences, privilege escalation chains, lateral movement attempts, data staging, scope probing, and other adversarial behaviours. Each pattern applies a dynamic risk boost based on severity.

ℹ

Chain analysis runs automatically on every evaluation. No configuration required. Detected patterns appear in the Chain Analysis dashboard tab.

SURGE v2 — Cryptographic Governance Receipts

Every governance decision produces a hash-chained, compliance-tagged receipt proving that a specific agent action was evaluated on specific infrastructure, under a specific jurisdiction. Receipts are tamper-evident — altering any single record breaks the entire chain.

Core Capabilities

Feature	Description
Hash Chain	Each receipt includes the previous receipt's SHA-256 digest — tamper-evident chain
Merkle Checkpoints	Periodic Merkle tree roots for efficient batch verification (default: every 100 receipts)
EU AI Act Tagging	Auto-tags receipts with applicable Articles (9, 12, 13, 14, 15, 17, 26)
NIST AI RMF	Maps to GOVERN-1.1, MAP-1.1, MEASURE-2.1, MANAGE-1.1, MANAGE-2.1
OWASP LLM Top 10	Tags LLM01 (Injection), LLM02 (Info Disclosure), LLM05, LLM06, LLM10
Sovereign Attestation	Each receipt embeds deployment_id, jurisdiction, operator, infrastructure, data_residency
Auditor Export	Download JSON bundles with receipts, checkpoints, and independent verification instructions

Endpoints

Method	Path	Description
GET	/surge/v2/status	Engine status, chain integrity, deployment info
POST	/surge/v2/issue	Issue a new governance receipt
GET	/surge/v2/receipts	List receipts (filterable by agent_id, decision)
GET	/surge/v2/receipts/:id	Get specific receipt
GET	/surge/v2/receipts/:id/verify	Verify single receipt integrity
POST	/surge/v2/checkpoint	Create Merkle tree checkpoint
GET	/surge/v2/checkpoints	List all Merkle checkpoints
GET	/surge/v2/verify	Verify entire receipt chain
GET	/surge/v2/export	Download auditor-ready compliance bundle

Receipt Schema

json

{
  "receipt_id": "surge-a1b2c3d4e5f67890",
  "sequence": 42,
  "timestamp": "2026-03-04T12:00:00+00:00",
  "tool": "shell",
  "decision": "block",
  "risk_score": 95,
  "explanation": "Dangerous command: rm -rf",
  "policy_ids": ["shell-dangerous"],
  "chain_pattern": null,
  "agent_id": "agent_001",
  "session_id": "sess_abc",
  "sovereign": {
    "deployment_id": "novtia-uk-prod-001",
    "jurisdiction": "GB",
    "operator": "Acme Services",
    "infrastructure": "on-premise",
    "data_residency": "GB",
    "classification": "OFFICIAL"
  },
  "compliance": {
    "eu_ai_act": ["Art.9", "Art.12", "Art.13", "Art.15"],
    "nist_ai_rmf": ["GOVERN-1.1", "MAP-1.1", "MEASURE-2.1", "MANAGE-1.1"],
    "owasp_llm": ["LLM06"]
  },
  "digest": "a1b2c3...sha256",
  "previous_digest": "f9e8d7...sha256",
  "merkle_root": null
}

Chain Verification

The export bundle includes plain-English instructions for independent verification using any SHA-256 implementation (openssl, Python hashlib, browser crypto API). No NOVTIA software required.

Escalation & Alerting

Automated escalation engine with 5 notification channels: Email, Slack, WhatsApp, Jira, and generic Webhooks.

Auto-Kill-Switch Triggers

⚠

The escalation engine auto-engages the kill switch when sustained high-risk activity is detected. Thresholds are calibrated to minimize false positives while catching genuine threats.

Configure Notifications

bash

curl -s -X POST https://api.airg.nov-tia.com/notifications/channels \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "security-alerts",
    "channel_type": "slack",
    "config_json": {"webhook_url": "https://hooks.slack.com/services/T.../B.../..."},
    "is_active": true
  }' | jq .

API Reference

Base URL

https://api.airg.nov-tia.com

Authentication

All protected endpoints accept Authorization: Bearer <jwt>,X-API-Key: airg_..., or ?token=<jwt> (SSE only).

Key Endpoints

Below is a categorized summary of all 122 API endpoints. For interactive exploration with “Try It” functionality, visit the API Explorer.

Authentication & Users

Method	Path	Description
POST	/auth/login	Authenticate and receive a JWT token
POST	/auth/signup	Register a new user account
GET	/auth/me	Current user profile, org, and wallet
GET	/auth/users	List users (admin scoped to org)
POST	/auth/users	Create user (admin+)
PATCH	/auth/users/:id	Update user role/name/status
DELETE	/auth/users/:id	Deactivate user (soft delete)
POST	/auth/users/:id/rotate-key	Rotate a user's API key
POST	/auth/me/rotate-key	Rotate your own API key
GET	/auth/me/keys	List your API keys
POST	/auth/me/keys	Create additional API key
DELETE	/auth/me/keys/:id	Revoke an API key
GET	/auth/login-history	Your login audit trail
GET	/auth/permissions	Available RBAC permissions
GET	/auth/roles	List custom roles
POST	/auth/roles/:name	Create/update custom role

Core Governance

Method	Path	Description
POST	/actions/evaluate	Evaluate a tool call (core endpoint)
GET	/actions	List evaluation logs (paginated)
POST	/actions/verify	Post-execution output verification
GET	/actions/verifications	List verification records (paginated)
POST	/actions/scan-output	Scan tool output for PII/credentials
GET	/actions/stream	SSE stream of governance decisions
GET	/actions/stream/status	SSE stream connection status

Policy Management

Method	Path	Description
GET	/policies	List all active policies
GET	/policies/all	List all policies (incl. archived)
POST	/policies/template	Create a new policy
POST	/policies/import	Import policy bundle
GET	/policies/export/all	Export all policies
POST	/policies/simulate	Simulate policy evaluation
GET	/policies/severity-weights	View severity weights
GET	/policies/governance-mode	Current governance mode
GET	/policies/allowlist	View tool allowlist
PATCH	/policies/:id/toggle	Enable/disable policy
GET	/policies/:id/versions	Policy version history
POST	/policies/:id/approve	Approve policy change
GET	/policies/audit/trail	Policy audit trail
GET	/policies/audit/stats	Policy audit statistics

Observability & Tracing

Method	Path	Description
POST	/traces/ingest	Ingest OpenTelemetry-style trace spans
GET	/traces	List traces (paginated)
GET	/traces/:trace_id	Get trace detail with span tree
POST	/conversations/turns	Ingest a conversation turn
POST	/conversations/turns/batch	Batch ingest turns
GET	/conversations	List conversations
GET	/conversations/:id/timeline	Conversation timeline
GET	/summary/overview	Dashboard overview statistics

Administration

Method	Path	Description
GET	/admin/status	System status (kill switch state)
POST	/admin/kill	Engage emergency kill switch
POST	/admin/resume	Release kill switch
POST	/admin/quarantine/:agent_id	Quarantine an agent
POST	/admin/unquarantine/:agent_id	Release agent quarantine
GET	/admin/quarantine	List quarantined agents
POST	/admin/budget/reset	Reset budget counters
GET	/admin/budget/status	Budget usage status

Escalation & Notifications

Method	Path	Description
GET	/escalation/queue	List pending escalations
GET	/escalation/queue/stats	Queue statistics
POST	/escalation/queue/:id/resolve	Resolve an escalation
POST	/escalation/queue/bulk-resolve	Bulk resolve escalations
GET	/escalation/config	Escalation rules config
GET	/notifications	List notification channels
POST	/notifications	Create notification channel
POST	/notifications/:id/test	Test a notification channel

SURGE, Compliance & Billing

Method	Path	Description
GET	/surge/v2/status	SURGE engine status and chain integrity
GET	/surge/v2/receipts	List governance receipts
GET	/surge/v2/receipts/:id/verify	Verify a single receipt
GET	/surge/v2/verify	Verify full receipt chain
GET	/surge/v2/export	Download compliance bundle
POST	/surge/v2/issue	Issue governance receipt
GET	/compliance/clauses	Regulatory clause database
POST	/billing/subscribe	Create Stripe subscription
GET	/billing/status/:wallet_id	Subscription status
POST	/moderation/scan	Content moderation scan
GET	/impact/assess	Impact assessment

Meta

Method	Path	Description
GET	/health	Liveness probe
GET	/healthz	Liveness + DB connectivity check
GET	/ready	Full readiness probe (DB + modules)
GET	/modules/status	Module loading status
GET	/settings	Runtime configuration (read-only)

💡

For the complete interactive reference with request/response schemas and “Try It” functionality, visit the API Explorer or the Swagger UI.

Rate Limits

Endpoint Group	Limit
POST /actions/evaluate	100 req/min per agent_id
POST /auth/login	5 req/min per IP
All other endpoints	60 req/min per token

SDKs

Language	Package	Install
Python	airg-client	pip install airg-client
TypeScript	@airg/governor-client	npm install @airg/governor-client
Java	dev.airg:governor-client	Maven / Gradle

Troubleshooting

Problem	Solution
401 Unauthorized	Check your API key or JWT token. Rotate key via Dashboard → API Keys tab.
403 Forbidden	Your role lacks permission for this endpoint. Contact your account admin.
Policy changes not taking effect	Policy cache has a 10-second TTL. Changes apply automatically after the cache refreshes.
Kill switch won't release	POST /admin/resume with an admin-level token.
CORS errors from browser	Ensure your domain is allowlisted. Contact support if you need additional origins.
SSE stream disconnects	The stream sends a heartbeat every 15 seconds. Check proxy/load balancer timeouts.
SDK connection timeout	Verify GOVERNOR_URL is https://api.airg.nov-tia.com and outbound HTTPS is allowed.
All actions blocked	Check if kill switch is engaged: GET /admin/status. Resume if needed.

© 2026 SOVEREIGN AI LAB

DOCS DASHBOARD