KoraSafe
HomeTechnologyAPI & Webhooks

Programmatic governance
for every workflow

Embed compliance into CI/CD pipelines, monitoring stacks, ticketing systems, and agent orchestration layers. KoraSafe's REST API and webhook infrastructure make governance a first-class citizen in your engineering toolchain.

REST API

Full governance at your fingertips

Every governance capability in KoraSafe is accessible through a clean, versioned REST API. Automate assessments, query your registry, chat with regulatory intelligence, and monitor compliance status -- all programmatically.

POST
/api/assess
Run an on-demand risk assessment for any AI system. Returns risk tier, flagged concerns, and recommended mitigations.
// Run a risk assessment POST /api/v1/assess { "system_name": "fraud-detection-v3", "category": "credit_decisioning", "jurisdiction": "EU" }
GET
/api/registry
Query your complete AI asset inventory. Filter by team, risk tier, lifecycle stage, or compliance status.
// Query AI registry GET /api/v1/registry ?risk_tier=high &status=production &team=ml-platform
POST
/api/chat
Ask Kora any regulatory question. Get sourced, jurisdiction-aware answers powered by our curated regulatory corpus.
// Ask Kora a regulatory question POST /api/v1/chat { "query": "What are EU AI Act
requirements for credit scoring?", "context": "financial_services" }
GET
/api/compliance
Check real-time compliance posture for any system or your entire fleet. Perfect for dashboards and CI gates.
// Check compliance status GET /api/v1/compliance ?system_id=sys_3f8a2k // Response { "status": "compliant", "score": 94 }
Webhooks

Real-time event delivery

Never poll for status. KoraSafe pushes governance events to your endpoints the instant they happen -- policy violations, completed assessments, guardian triggers, and compliance breaches.

policy.violation.detected
Fires when any AI system violates an active governance policy. Includes violation severity, affected system, and policy reference.
assessment.completed
Fires when a risk assessment finishes. Includes the full risk tier classification, flagged concerns, and recommended actions.
guardian.trigger.fired
Fires when a Guardian agent detects an anomaly -- PII exposure, bias drift, hallucination spike, or cost overrun.
compliance.threshold.breach
Fires when a system's compliance score drops below your configured threshold. Enables automated escalation workflows.
KoraSafe Governance Engine Events • Assessments • Policies Webhook Router HMAC-signed, retries, logs Slack / Teams Governance alerts CI/CD Pipeline Deployment gates Jira / Linear Remediation tickets Dashboards Grafana, Datadog
Integrations

Built for your stack

Pre-built patterns for the tools your teams already use. Drop governance checks into any workflow without changing how you build.

CI/CD gates

Block non-compliant models and AI systems from reaching production. Integrates with GitHub Actions, GitLab CI, Jenkins, and any pipeline that speaks HTTP.

Slack & teams alerts

Route governance notifications to the right channels. Policy violations, assessment results, and compliance alerts delivered where your team already works.

Jira & linear

Automatically create remediation tickets when violations are detected. Track resolution through your existing issue management workflow with full traceability.

Custom dashboards

Pipe governance metrics into Grafana, Datadog, or your own dashboards. Full OpenMetrics-compatible export for compliance posture visualization.

Security

Enterprise-grade authentication

Every API call is authenticated, scoped, and rate-limited. Built for teams that take security as seriously as governance.

API key authentication

Generate API keys per team, per environment. Rotate keys without downtime. Every key is tied to an audit trail for full accountability.

Scoped permissions

Fine-grained access controls let you grant read-only registry access to dashboards, write access to CI systems, and admin access to governance leads.

Rate limiting

Configurable rate limits per key and per endpoint. Burst-friendly defaults with the ability to request higher throughput for pipeline-heavy workloads.

Governance that ships with your code

See how KoraSafe's API and webhooks fit into your engineering workflow. Schedule a technical walkthrough with our team.

Request a Demo