Reference

API Reference

Complete endpoint documentation for OmegaEngine v2. All endpoints use x-api-key header authentication.

Quickstart

Get started in 5 min

OpenAPI Spec

Machine-readable YAML

Playground

Try it live

Authentication

All API requests require an API key passed via the x-api-key header.

x-api-key: omega_your_api_key_here

Base URL

https://omegaengine.ai

Endpoints

POST/api/v2/judge

Primary decision endpoint — risk-scored verdictCore

POST/api/v2/feedback

Submit RLHF feedback on a decisionCore

POST/api/decision

Fast-path decisionCore

GET/api/decision/verify

Verify a decision's cryptographic proofCore

GET/api/v2/posture

Unified security posture — 16 engines in one callSecurity

GET/api/v2/score

Adversarial Robustness Score (0-1000)Security

GET/api/v2/anomalies

Live anomaly detection on API trafficSecurity

GET/api/v2/forensics

Model decision forensics & explainabilitySecurity

GET/api/v2/zero-day

Zero-day discovery via 6 mutation strategiesSecurity

GET/api/v2/threat-intel

Threat intelligence feed (filterable)Security

GET/api/v2/surface

Attack surface graph mappingSecurity

POST/api/v2/correlate

Cross-tenant attack campaign detectionSecurity

POST/api/v2/fingerprint

Per-model vulnerability fingerprintingSecurity

POST/api/v2/threat-model

STRIDE threat model + kill chain analysisSecurity

GET/api/v2/incidents

Incident timeline reconstructionAdvanced

GET/api/v2/costs

Cost attribution + safety ROI intelligenceAdvanced

GET/api/v2/playbooks

Incident response playbooksAdvanced

GET/api/v2/contracts

Model behavior contract complianceAdvanced

GET/api/v2/sla

Security SLA tracking & violation alertsAdvanced

GET/api/v2/chaos

Chaos engineering resilience testingAdvanced

GET/api/v2/simulate

Threat simulation fire drills (6 scenarios)Advanced

GET/api/v2/tenant-risk

Per-tenant risk scoringAdvanced

GET/api/v2/regulatory

Regulatory change tracker (EU AI Act, NIST)Enterprise

GET/api/v2/maturity

AI Security Maturity Model (8 domains)Enterprise

GET/api/v2/sbom

AI Software Bill of MaterialsEnterprise

GET/api/v2/report/pentest

Automated penetration test reportEnterprise

GET/api/v2/report/executive

Board-ready executive briefEnterprise

POST/api/v2/benchmark

Industry percentile scoringEnterprise

POST/api/v2/monitor/drift

Continuous safety drift detectionEnterprise

POST/api/v2/scan

Full adversarial security scanSecurity

POST/api/v2/redteam/quick-scan

Quick scan — results in <60sSecurity

POST/api/v2/scan/diff

Compare two scans for regressionsSecurity

POST/api/v2/ci/gate

CI/CD security gate — blocks unsafe deploysCI/CD

POST/api/v2/webhooks

GET/api/v2/webhooks

List registered webhooksAdvanced

GET/api/v2/status

System status — all 16 engine health + uptimeHealth

GET/api/v2/badge

Embeddable SVG security score badgeIntegration

GET/api/v2/integrations/slack

List available integrationsIntegration

POST/api/v2/integrations/slack

Configure Slack security alertsIntegration

GET/api/v2/usage

API usage analytics + billing metricsBilling

GET/api/logs

Query the decision ledgerAudit

GET/api/compliance/export

Export audit trails for complianceEnterprise

GET/api/proof

Retrieve cryptographic proof chainAudit

GET/api/policies

List active policiesCore

GET/api/health

Full readiness checkHealth

GET/api/ping

Liveness probeHealth

GET/api/usage/summary

Usage statistics for current orgBilling

Example: POST /api/v2/judge

Request

curl -X POST https://omegaengine.ai/api/v2/judge \
  -H "Content-Type: application/json" \
  -H "x-api-key: omega_your_api_key_here" \
  -d '{
    "scenario": "Should I approve this $50,000 wire transfer?",
    "context": "VIP customer, 780 credit score, 5yr history",
    "domain": "finance",
    "riskTolerance": "low"
  }'

Response

{
  "decision": "APPROVE",
  "confidence": 0.89,
  "riskLevel": "LOW",
  "riskScore": 23,
  "reasoning": "Strong credit profile with stable employment...",
  "needsHumanReview": false,
  "policyTags": ["FINANCIAL_DECISION", "CREDIT_ASSESSMENT"],
  "quantumHeuristics": {
    "stakeholderImpactScore": 35,
    "cascadeRiskScore": 20,
    "financialMaterialityScore": 45,
    "reputationRiskScore": 15
  },
  "robustnessLevel": "HIGH",
  "auditId": "aud_7x8k2m9n...",
  "metadata": {
    "latencyMs": 245,
    "model": "gpt-5.4",
    "engineVersion": "2.0.0-beta"
  }
}

API Explorer

Live

Test any GET endpoint directly from the docs. Select an endpoint and hit Send.

SDK Examples

import { OmegaClient } from "@omegaengine/sdk";

const omega = new OmegaClient({
  baseUrl: "https://omegaengine.ai",
  apiKey: process.env.OMEGA_API_KEY!,
});

// Get the full security posture (16 engines, sub-second)
const posture = await omega.security.posture({
  organization: "Acme Corp",
  industry: "fintech",
});

console.log(posture.posture.adversarialRobustnessScore);
console.log(posture.posture.executiveNarrative);

// Get individual intelligence
const ars = await omega.security.score();
console.log(`ARS: ${ars.report.score}/1000 (${ars.report.bandLabel})`);

const sla = await omega.security.sla();
if (sla.sla.violated > 0) {
  console.warn(`${sla.sla.violated} SLAs violated!`);
}

const threats = await omega.security.threatIntel("critical");
for (const t of threats.catalog) {
  console.log(`[${t.severity}] ${t.name} — ${t.mitre}`);
}

Webhook Events

Subscribe to push notifications for security events via POST /api/v2/webhooks.

Event	Description	Severity
sla.violated	Security SLA threshold breached	Critical
sla.at_risk	SLA approaching violation threshold	Warning
anomaly.spike	Anomalous traffic pattern detected	High
zero_day.discovered	Novel adversarial pattern found	Critical
attack.campaign_detected	Cross-tenant coordinated attack	Critical
drift.regression	Safety score decreased between scans	High
chaos.failure	Chaos experiment failed (resilience gap)	High
contract.violation	Model behavior contract breached	High
incident.created	New security incident opened	Medium
incident.escalated	Incident escalated to P1/P0	Critical
scan.completed	Adversarial scan finished	Info
regulatory.action_required	New compliance requirement detected	Warning
posture.score_drop	Overall security posture degraded	High

Rate Limits

Tier	Requests/Min	Decisions/Month
Free	10	3
Starter	30	500
Pro	60	2,500
Business	120	7,500
Team	300	20,000
Enterprise	Custom	Unlimited

Error Codes

Code	HTTP	Description
UNAUTHORIZED	401	Missing or invalid API key
FORBIDDEN	403	Insufficient permissions
RATE_LIMIT_EXCEEDED	429	Too many requests
PLAN_LIMIT_EXCEEDED	402	Usage limit for plan tier
SAFETY_BLOCKED	451	Content blocked by safety system
INTERNAL_ERROR	500	Server error

Need help?

Our team is available to help with integration.

Try Playground Contact Support