Compliance
/api/v1/oris/compliance_bundles Assemble L4 compliance bundle
Produce a signed ComplianceBundle (v2) for an agent's transaction intent. The bundle binds L2 policy root + L3 Veris attestation + L5 non-revocation witness + Ed25519 signature into 1-2KB of wire bytes plus an AGE-sealed disclosure envelope.
Authorization, X-Request-Signature, X-Timestamp, and X-Nonce headers on every call. Nonce TTL is thirty seconds.
Request body
application/json, schema: ComplianceBundleAssembleRequest
Responses
| Status | Description |
|---|---|
201 | Successful Response |
422 | Validation Error |
Example request
curl -X POST 'https://api.useoris.xyz/api/v1/oris/compliance_bundles' \
-H 'Authorization: oris_sk_live_***' \
-H 'X-Request-Signature: ***' \
-H 'X-Timestamp: $(date +%s)' \
-H 'X-Nonce: $(uuidgen)' \
-H 'Content-Type: application/json' \
-d '{...}'/api/v1/oris/compliance/cohort/opt-in Opt into the cross-tenant federated cohort
Future drift evaluations will read the global federated cohort artifact instead of the per-tenant artifact. Past contributions are unaffected.
Authorization, X-Request-Signature, X-Timestamp, and X-Nonce headers on every call. Nonce TTL is thirty seconds.
Responses
| Status | Description |
|---|---|
200 | Successful Response |
Example request
curl -X POST 'https://api.useoris.xyz/api/v1/oris/compliance/cohort/opt-in' \
-H 'Authorization: oris_sk_live_***' \
-H 'X-Request-Signature: ***' \
-H 'X-Timestamp: $(date +%s)' \
-H 'X-Nonce: $(uuidgen)'/api/v1/oris/compliance/cohort/opt-out Opt out of the cross-tenant federated cohort
Future drift evaluations fall back to the per-tenant cohort artifact. Past DP-noised contributions stay in the shared table; the DP guarantee makes deletion redundant.
Authorization, X-Request-Signature, X-Timestamp, and X-Nonce headers on every call. Nonce TTL is thirty seconds.
Responses
| Status | Description |
|---|---|
200 | Successful Response |
Example request
curl -X POST 'https://api.useoris.xyz/api/v1/oris/compliance/cohort/opt-out' \
-H 'Authorization: oris_sk_live_***' \
-H 'X-Request-Signature: ***' \
-H 'X-Timestamp: $(date +%s)' \
-H 'X-Nonce: $(uuidgen)'/api/v1/oris/compliance/cohort/stats Federated cohort snapshot for this tenant
Returns the live state of the federated cohort: global size, freshness, and the calling tenant's own contribution position. The global tenant count is suppressed below 2 contributing tenants to avoid leaking that a single tenant is the source.
Authorization, X-Request-Signature, X-Timestamp, and X-Nonce headers on every call. Nonce TTL is thirty seconds.
Responses
| Status | Description |
|---|---|
200 | Successful Response |
Example request
curl -X GET 'https://api.useoris.xyz/api/v1/oris/compliance/cohort/stats' \
-H 'Authorization: oris_sk_live_***' \
-H 'X-Request-Signature: ***' \
-H 'X-Timestamp: $(date +%s)' \
-H 'X-Nonce: $(uuidgen)'/api/v1/oris/compliance/export Generate a SAR-grade compliance export
Produces a tamper-evident export bundle for the requested time window. Supports four output frameworks: FinCEN BSA, MiCA Title VIII, EU AI Act Annex IV, and a raw `generic` format. Retention: 7 years.
Authorization, X-Request-Signature, X-Timestamp, and X-Nonce headers on every call. Nonce TTL is thirty seconds.
Request body
application/json, schema: ExportRequest
Responses
| Status | Description |
|---|---|
200 | Successful Response |
422 | Validation Error |
Example request
curl -X POST 'https://api.useoris.xyz/api/v1/oris/compliance/export' \
-H 'Authorization: oris_sk_live_***' \
-H 'X-Request-Signature: ***' \
-H 'X-Timestamp: $(date +%s)' \
-H 'X-Nonce: $(uuidgen)' \
-H 'Content-Type: application/json' \
-d '{...}'