Skip to main content

SEBI Compliance API Reference

This reference documents the SEBI endpoints that are actually registered in the current enterprise build.

Authentication

Tenant resolution works in this order:

  • Tenant context (derived from Basic auth credentials) preferred
  • X-Org-ID fallback

Use X-User-ID when you want explicit user or reviewer attribution on export flows.

Route Overview

RouteMethod
/api/v1/sebi/audit/exportPOST
/api/v1/sebi/audit/export/{id}GET
/api/v1/sebi/audit/retentionGET
/api/v1/sebi/audit/readinessGET
/api/v1/sebi/dashboardGET

Export API

Create export

POST /api/v1/sebi/audit/export

Supported request fields:

{
"start_date": "2026-01-01T00:00:00Z",
"end_date": "2026-03-31T23:59:59Z",
"data_types": ["policy_violations", "llm_calls", "decision_chain"],
"format": "xml",
"framework": "SEBI_AI_ML",
"include_archived": false,
"redact_pii": true,
"filters": {
"agent_ids": ["advisor-agent"],
"severity": "high",
"include_model_info": true
}
}

Notable request details from the implementation:

  • start_date and end_date are time.Time fields
  • data_types is typed, not a free-form string blob
  • filters supports agent IDs, user IDs, severity, policy types, violation types, and include_model_info

Get export status

GET /api/v1/sebi/audit/export/{id}

The response is centered on:

  • export_id
  • status
  • framework
  • summary
  • download_url
  • expires_at
  • metadata

Retention API

Get retention status

GET /api/v1/sebi/audit/retention

The retention response includes:

  • tenant identifier
  • framework
  • a status array with one entry per audit data type
  • overall compliance_status
  • optional next_cleanup

Each data-type entry includes:

  • data_type
  • retention_days
  • oldest_record
  • newest_record
  • total_records
  • archived_records
  • storage_bytes
  • compliance_status
  • last_cleanup

This is a much more useful surface than a single yes/no retention flag.

Readiness API

Get readiness

GET /api/v1/sebi/audit/readiness

The readiness response shape is:

{
"ready": true,
"score": 92,
"checks": [
{
"name": "audit_logging",
"description": "Audit capture is enabled",
"status": "pass",
"details": "Recent exports show expected record classes"
}
],
"recommendations": []
}

Each check contains:

  • name
  • description
  • status
  • optional details

Dashboard API

Get dashboard

GET /api/v1/sebi/dashboard

The dashboard route is useful for operations and compliance teams that want a compact readiness-oriented view without separately calling export and retention endpoints.