API Reference
Safe House
Agents
Traces
Integrity
Checkpoints
Enforcement
Agent Containment
Conscience Values
Unified cards
AIP Webhooks
Auth
- GETGet authenticated user info and linked agents
- DELDelete authenticated user account and unlink agents
- GETCheck if email domain has SSO enabled
- POSTSign up with email + password
- POSTSign in with email + password
- POSTSign out and clear session cookies
- GETCookie-aware whoami
- POSTCLI password login — returns bearer tokens
- POSTCLI token refresh
- POSTExchange a cookie session for raw Supabase tokens
- POSTIssue a challenge for a TOTP factor
- POSTComplete MFA step-up or enrollment
- GETList the current user's TOTP factors
- POSTEnroll a new TOTP factor
- POSTUnenroll a TOTP factor
- POSTRequest a password reset email
- POSTResend email confirmation
- GETEmail-link landing (confirm / recovery / magic link)
- POSTBegin an SSO login flow
- GETIdP callback landing
- POSTBegin passkey enrollment — return WebAuthn creation options
- POSTVerify passkey registration + persist the credential
- POSTBegin passkey sign-in — return WebAuthn assertion options
- POSTVerify passkey assertion and issue a session
- GETList enrolled passkeys
- DELRemove an enrolled passkey
Billing
- POSTCreate Stripe checkout session
- POSTCreate Stripe billing portal session
- GETGet current subscription details
- POSTCancel subscription at period end
- POSTReactivate a subscription scheduled for cancellation
- POSTChange subscription plan
- GETList invoices
- GETGet authenticated user billing summary
- GETGet plan feature flags for authenticated user
- GETGet usage metrics for current user
- GETGet per-agent usage breakdown
- GETGet budget alert settings
- PUTSet budget alert threshold
- GETExport usage data as CSV
- POSTValidate a promo code
- POSTSubmit enterprise contact form
- GETList public pricing plans
- POSTCreate a personal API key
- GETList active API keys
- DELRevoke an API key
- POSTRotate a personal API key
Organizations
- POSTCreate organization
- GETList organizations for authenticated user
- GETGet organization details
- PATCHUpdate organization
- DELDelete organization (owner only)
- GETList organization members
- PATCHUpdate member role (owner only)
- DELRemove member or self-leave
- POSTInvite member to organization
- GETList pending invitations
- DELRevoke a pending invitation
- POSTAccept an organization invitation
- GETList agents in organization
- POSTCreate organization API key
- GETList organization API keys
- DELRevoke organization API key
- POSTRotate an organization API key
- GETGet SSO configuration for organization
- PUTConfigure SAML SSO for organization (owner only)
- DELRemove SSO configuration (owner only)
- POSTTest SSO metadata URL validity
- POSTEnable Safe House for an organization
- GETGet organization alignment template
- PUTSet organization alignment template
- DELDelete organization alignment template
- GETGet organization protection template
- PUTSet organization protection template
- DELDelete organization protection template
- GETGet organization usage
- GETGet organization cost rollup
- GETGet billing summary
- POSTOpen the Stripe Customer Portal
- GETRead the audit log
Teams
- Teams API
- POSTCreate a team
- GETGet team by ID
- PATCHUpdate team
- DELArchive team
- POSTAdd members to team
- DELRemove member from team
- GETGet team roster history
- GETList teams in organization
- GETGet team alignment card
- PUTSet team alignment card
- POSTDerive team card from member cards
- GETGet team card version history
Team Reputation
Webhook Notifications
Licensing
Verification
Reclassification
Reputation
Create transaction with guardrails
curl --request POST \
--url https://api.mnemom.ai/v1/transactions \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"agent_id": "<string>",
"actions": [
{
"tool": "<string>",
"parameters": {},
"justification": "<string>"
}
],
"policy_override": {
"meta": {
"schema_version": "<string>",
"name": "<string>",
"description": "<string>",
"scope": "agent"
},
"capability_mappings": {},
"forbidden": [
{
"pattern": "<string>",
"reason": "<string>",
"severity": "high"
}
],
"escalation_triggers": [
{
"condition": "<string>",
"action": "notify",
"reason": "<string>"
}
],
"defaults": {
"unmapped_tool_action": "warn",
"unmapped_severity": "medium",
"fail_open": false,
"enforcement_mode": "observe",
"grace_period_hours": 0
}
}
}
'{
"id": "<string>",
"agent_id": "<string>",
"status": "pending",
"evaluation": {
"verdict": "pass",
"violations": [
{
"type": "forbidden",
"tool": "<string>",
"capability": "<string>",
"rule": "<string>",
"reason": "<string>",
"severity": "low"
}
],
"warnings": [
{
"tool": "<string>",
"message": "<string>"
}
],
"card_gaps": [
{
"capability": "<string>",
"missing_card_field": "<string>",
"suggestion": "<string>"
}
],
"coverage": 0.5
},
"created_at": "2023-11-07T05:31:56Z"
}Transactions
Create transaction
Create a new guarded transaction. The transaction wraps one or more agent actions with CLPI policy guardrails, ensuring all tool invocations are evaluated against the effective policy before execution. Returns the transaction ID and initial evaluation status.
POST
/
transactions
Create transaction with guardrails
curl --request POST \
--url https://api.mnemom.ai/v1/transactions \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"agent_id": "<string>",
"actions": [
{
"tool": "<string>",
"parameters": {},
"justification": "<string>"
}
],
"policy_override": {
"meta": {
"schema_version": "<string>",
"name": "<string>",
"description": "<string>",
"scope": "agent"
},
"capability_mappings": {},
"forbidden": [
{
"pattern": "<string>",
"reason": "<string>",
"severity": "high"
}
],
"escalation_triggers": [
{
"condition": "<string>",
"action": "notify",
"reason": "<string>"
}
],
"defaults": {
"unmapped_tool_action": "warn",
"unmapped_severity": "medium",
"fail_open": false,
"enforcement_mode": "observe",
"grace_period_hours": 0
}
}
}
'{
"id": "<string>",
"agent_id": "<string>",
"status": "pending",
"evaluation": {
"verdict": "pass",
"violations": [
{
"type": "forbidden",
"tool": "<string>",
"capability": "<string>",
"rule": "<string>",
"reason": "<string>",
"severity": "low"
}
],
"warnings": [
{
"tool": "<string>",
"message": "<string>"
}
],
"card_gaps": [
{
"capability": "<string>",
"missing_card_field": "<string>",
"suggestion": "<string>"
}
],
"coverage": 0.5
},
"created_at": "2023-11-07T05:31:56Z"
}Authorizations
BearerAuthApiKeyAuth
Supabase JWT token in Authorization: Bearer header
Body
application/json
⌘I