API Reference

Technical API documentation for building custom integrations.

⚠️

Most users should use the Python SDK instead of calling the API directly.

This reference is for building custom integrations in other languages.

Authentication

All API requests require your project API key in the X-API-Key header:

X-API-Key: as_your_api_key

Get your API key from the Dashboard.

Event Ingestion

POST /ingest-event

Records a permission check event.

Request:

{
  "agent_name": "SupportBot",
  "action": "permission_check",
  "scope": "read:orders",
  "allowed": true,
  "function_name": "get_order",
  "metadata": {}
}

Fields:

Field	Type	Required	Description
`agent_name`	string	Yes	Name of the agent
`action`	string	Yes	Event type (e.g., `permission_check`)
`scope`	string	No	The scope being checked
`allowed`	boolean	Yes	Whether access was granted
`function_name`	string	No	Name of the protected function
`metadata`	object	No	Additional context

Response (201):

{
  "id": "uuid",
  "project_id": "uuid",
  "agent_id": "uuid",
  "agent_name": "SupportBot",
  "action": "permission_check",
  "scope": "read:orders",
  "allowed": true,
  "timestamp": "2024-01-15T10:30:00Z"
}

Example (cURL):

curl -X POST https://api.agentsudo.dev/ingest-event \
  -H "Content-Type: application/json" \
  -H "X-API-Key: as_your_api_key" \
  -d '{
    "agent_name": "SupportBot",
    "action": "permission_check",
    "scope": "read:orders",
    "allowed": true,
    "function_name": "get_order"
  }'

Error Codes

HTTP Status	Code	Description
400	`INVALID_PAYLOAD`	Missing required fields
401	`INVALID_API_KEY`	API key is missing or invalid
429	`RATE_LIMITED`	Too many requests
500	`INTERNAL_ERROR`	Server error

Error Response:

{
  "error": "Invalid API key"
}

Rate Limits

Tier	Limit
Free	1,000 events/day
Pro	100,000 events/day

Building a Custom SDK

If you're building an SDK for another language, here's the minimal implementation:

# Pseudocode for any language
def send_event(api_key, agent_name, scope, allowed, function_name):
    POST "https://api.agentsudo.dev/ingest-event"
    Headers: {
        "Content-Type": "application/json",
        "X-API-Key": api_key
    }
    Body: {
        "agent_name": agent_name,
        "action": "permission_check", 
        "scope": scope,
        "allowed": allowed,
        "function_name": function_name
    }

💡

Interested in building an SDK for TypeScript, Go, or another language? Open an issue and we'll help!