Spaces:

BDR-AI
/

BDR-Agent-Factory

Running

File size: 13,780 Bytes

3ef5d3c

# API Specification - BDR Agent Factory

## Overview

The BDR Agent Factory provides a RESTful API for accessing AI capabilities, managing governance, and integrating with insurance business systems.

**Base URL**: `https://api.bdragentfactory.com/v1`

**Authentication**: Bearer token (OAuth 2.0)

---

## Authentication

### Obtain Access Token

```http
POST /auth/token
Content-Type: application/json

{
  "client_id": "your_client_id",
  "client_secret": "your_client_secret",
  "grant_type": "client_credentials"
}
```

**Response**:
```json
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600
}
```

---

## Core Endpoints

### 1. Capabilities

#### List All Capabilities

```http
GET /capabilities
Authorization: Bearer {access_token}
```

**Query Parameters**:
- `category` (optional): Filter by category (generation, transformation, language, etc.)
- `domain` (optional): Filter by domain (claims, underwriting, etc.)
- `explainable` (optional): Filter by explainability (true/false)
- `page` (optional): Page number (default: 1)
- `limit` (optional): Items per page (default: 20, max: 100)

**Response**:
```json
{
  "data": [
    {
      "id": "cap_text_classification",
      "name": "Text Classification",
      "category": "language",
      "description": "Categorize text into predefined classes",
      "supported_domains": ["claims", "underwriting", "customer_service"],
      "insurance_use_cases": [
        "Claim type classification",
        "Policy document categorization"
      ],
      "decision_types": ["approve", "review", "reject"],
      "explainable": true,
      "auditable": true,
      "version": "1.0.0",
      "status": "production"
    }
  ],
  "pagination": {
    "page": 1,
    "limit": 20,
    "total": 50,
    "total_pages": 3
  }
}
```

#### Get Capability Details

```http
GET /capabilities/{capability_id}
Authorization: Bearer {access_token}
```

**Response**:
```json
{
  "id": "cap_text_classification",
  "name": "Text Classification",
  "category": "language",
  "description": "Categorize text into predefined classes",
  "supported_domains": ["claims", "underwriting", "customer_service"],
  "insurance_use_cases": [
    "Claim type classification",
    "Policy document categorization"
  ],
  "decision_types": ["approve", "review", "reject"],
  "explainable": true,
  "auditable": true,
  "version": "1.0.0",
  "status": "production",
  "endpoints": {
    "invoke": "/capabilities/cap_text_classification/invoke",
    "batch": "/capabilities/cap_text_classification/batch"
  },
  "input_schema": {
    "type": "object",
    "properties": {
      "text": {"type": "string", "required": true},
      "classes": {"type": "array", "items": {"type": "string"}},
      "confidence_threshold": {"type": "number", "default": 0.7}
    }
  },
  "output_schema": {
    "type": "object",
    "properties": {
      "predicted_class": {"type": "string"},
      "confidence": {"type": "number"},
      "all_scores": {"type": "object"},
      "explanation": {"type": "object"}
    }
  },
  "performance_metrics": {
    "avg_latency_ms": 150,
    "p95_latency_ms": 300,
    "accuracy": 0.94,
    "throughput_rps": 100
  }
}
```

#### Invoke Capability

```http
POST /capabilities/{capability_id}/invoke
Authorization: Bearer {access_token}
Content-Type: application/json

{
  "input": {
    "text": "Customer reported water damage to basement after heavy rain",
    "classes": ["property_damage", "auto_accident", "health_claim", "liability"],
    "confidence_threshold": 0.8
  },
  "options": {
    "explain": true,
    "audit_trail": true,
    "request_id": "req_12345"
  }
}
```

**Response**:
```json
{
  "request_id": "req_12345",
  "capability_id": "cap_text_classification",
  "timestamp": "2026-01-03T00:13:00Z",
  "result": {
    "predicted_class": "property_damage",
    "confidence": 0.96,
    "all_scores": {
      "property_damage": 0.96,
      "liability": 0.03,
      "auto_accident": 0.01,
      "health_claim": 0.00
    },
    "explanation": {
      "method": "SHAP",
      "key_features": [
        {"feature": "water damage", "importance": 0.45},
        {"feature": "basement", "importance": 0.32},
        {"feature": "heavy rain", "importance": 0.18}
      ]
    }
  },
  "metadata": {
    "model_version": "1.0.0",
    "processing_time_ms": 142,
    "compliance_flags": {
      "explainable": true,
      "auditable": true,
      "gdpr_compliant": true
    }
  },
  "audit_trail": {
    "audit_id": "audit_67890",
    "stored": true,
    "retention_days": 2555
  }
}
```

#### Batch Invoke

```http
POST /capabilities/{capability_id}/batch
Authorization: Bearer {access_token}
Content-Type: application/json

{
  "inputs": [
    {"text": "First claim description"},
    {"text": "Second claim description"},
    {"text": "Third claim description"}
  ],
  "options": {
    "explain": false,
    "batch_id": "batch_12345"
  }
}
```

**Response**:
```json
{
  "batch_id": "batch_12345",
  "status": "processing",
  "total_items": 3,
  "estimated_completion": "2026-01-03T00:15:00Z",
  "status_url": "/batch/batch_12345/status",
  "results_url": "/batch/batch_12345/results"
}
```

---

### 2. Systems

#### List Business Systems

```http
GET /systems
Authorization: Bearer {access_token}
```

**Response**:
```json
{
  "data": [
    {
      "id": "sys_claims_gpt",
      "name": "ClaimsGPT",
      "description": "AI-powered claims decision intelligence",
      "status": "production",
      "capabilities": [
        "cap_text_classification",
        "cap_sentiment_analysis",
        "cap_fraud_detection"
      ],
      "compliance_requirements": ["IFRS17", "GDPR"],
      "version": "2.1.0"
    }
  ]
}
```

#### Get System Details

```http
GET /systems/{system_id}
Authorization: Bearer {access_token}
```

#### Register New System

```http
POST /systems
Authorization: Bearer {access_token}
Content-Type: application/json

{
  "name": "NewInsuranceAgent",
  "description": "Description of the new system",
  "required_capabilities": ["cap_text_classification"],
  "compliance_requirements": ["GDPR"],
  "owner": "team@company.com"
}
```

---

### 3. Governance & Audit

#### Get Audit Trail

```http
GET /audit/trail
Authorization: Bearer {access_token}
```

**Query Parameters**:
- `capability_id` (optional): Filter by capability
- `system_id` (optional): Filter by system
- `start_date` (required): ISO 8601 date
- `end_date` (required): ISO 8601 date
- `decision_type` (optional): Filter by decision type

**Response**:
```json
{
  "data": [
    {
      "audit_id": "audit_67890",
      "timestamp": "2026-01-03T00:13:00Z",
      "capability_id": "cap_text_classification",
      "system_id": "sys_claims_gpt",
      "request_id": "req_12345",
      "user_id": "user_123",
      "input_hash": "sha256:abc123...",
      "output_hash": "sha256:def456...",
      "decision_type": "approve",
      "confidence": 0.96,
      "compliance_flags": {
        "explainable": true,
        "auditable": true,
        "gdpr_compliant": true
      },
      "retention_until": "2033-01-03T00:13:00Z"
    }
  ],
  "pagination": {
    "page": 1,
    "limit": 50,
    "total": 1000
  }
}
```

#### Get Compliance Report

```http
GET /governance/compliance-report
Authorization: Bearer {access_token}
```

**Query Parameters**:
- `framework` (required): IFRS17, HIPAA, GDPR, or AML
- `start_date` (required): ISO 8601 date
- `end_date` (required): ISO 8601 date

**Response**:
```json
{
  "framework": "GDPR",
  "period": {
    "start": "2026-01-01T00:00:00Z",
    "end": "2026-01-03T23:59:59Z"
  },
  "summary": {
    "total_requests": 10000,
    "compliant_requests": 9998,
    "compliance_rate": 0.9998,
    "violations": 2
  },
  "metrics": {
    "data_retention_compliance": 1.0,
    "right_to_explanation": 1.0,
    "consent_tracking": 0.9998,
    "data_minimization": 1.0
  },
  "violations": [
    {
      "violation_id": "viol_001",
      "timestamp": "2026-01-02T14:30:00Z",
      "type": "missing_consent",
      "severity": "medium",
      "remediation_status": "resolved"
    }
  ]
}
```

#### Get Explainability Report

```http
GET /governance/explainability/{request_id}
Authorization: Bearer {access_token}
```

**Response**:
```json
{
  "request_id": "req_12345",
  "capability_id": "cap_text_classification",
  "timestamp": "2026-01-03T00:13:00Z",
  "explanation": {
    "method": "SHAP",
    "global_explanation": {
      "model_type": "transformer",
      "training_data_size": 100000,
      "feature_importance": [
        {"feature": "claim_keywords", "importance": 0.45},
        {"feature": "context_words", "importance": 0.35},
        {"feature": "sentence_structure", "importance": 0.20}
      ]
    },
    "local_explanation": {
      "input_text": "Customer reported water damage to basement after heavy rain",
      "prediction": "property_damage",
      "confidence": 0.96,
      "key_features": [
        {"feature": "water damage", "importance": 0.45, "contribution": "+0.43"},
        {"feature": "basement", "importance": 0.32, "contribution": "+0.31"},
        {"feature": "heavy rain", "importance": 0.18, "contribution": "+0.17"}
      ],
      "counterfactual": "If 'water damage' was replaced with 'minor scratch', prediction would be 'auto_accident' with 0.82 confidence"
    }
  },
  "human_readable_summary": "The model classified this as property damage with 96% confidence primarily because of the keywords 'water damage' (45% importance), 'basement' (32% importance), and 'heavy rain' (18% importance). These terms are strongly associated with property damage claims in the training data."
}
```

---

### 4. Monitoring & Metrics

#### Get System Health

```http
GET /monitoring/health
Authorization: Bearer {access_token}
```

**Response**:
```json
{
  "status": "healthy",
  "timestamp": "2026-01-03T00:13:00Z",
  "services": {
    "api": {"status": "up", "latency_ms": 12},
    "database": {"status": "up", "latency_ms": 8},
    "ml_inference": {"status": "up", "latency_ms": 145},
    "audit_service": {"status": "up", "latency_ms": 23}
  },
  "uptime_percentage": 99.97
}
```

#### Get Performance Metrics

```http
GET /monitoring/metrics
Authorization: Bearer {access_token}
```

**Query Parameters**:
- `capability_id` (optional): Filter by capability
- `time_range` (optional): 1h, 24h, 7d, 30d (default: 24h)

**Response**:
```json
{
  "time_range": "24h",
  "metrics": {
    "total_requests": 50000,
    "successful_requests": 49950,
    "failed_requests": 50,
    "success_rate": 0.999,
    "avg_latency_ms": 152,
    "p50_latency_ms": 140,
    "p95_latency_ms": 280,
    "p99_latency_ms": 450,
    "throughput_rps": 0.58,
    "error_rate": 0.001
  },
  "by_capability": [
    {
      "capability_id": "cap_text_classification",
      "requests": 15000,
      "avg_latency_ms": 142,
      "success_rate": 0.999
    }
  ]
}
```

---

## Error Handling

### Error Response Format

```json
{
  "error": {
    "code": "INVALID_INPUT",
    "message": "The input text exceeds maximum length of 10000 characters",
    "details": {
      "field": "text",
      "provided_length": 15000,
      "max_length": 10000
    },
    "request_id": "req_12345",
    "timestamp": "2026-01-03T00:13:00Z"
  }
}
```

### Error Codes

| Code | HTTP Status | Description |
|------|-------------|-------------|
| `AUTHENTICATION_FAILED` | 401 | Invalid or expired access token |
| `AUTHORIZATION_FAILED` | 403 | Insufficient permissions |
| `INVALID_INPUT` | 400 | Input validation failed |
| `CAPABILITY_NOT_FOUND` | 404 | Capability ID does not exist |
| `SYSTEM_NOT_FOUND` | 404 | System ID does not exist |
| `RATE_LIMIT_EXCEEDED` | 429 | Too many requests |
| `INTERNAL_ERROR` | 500 | Internal server error |
| `SERVICE_UNAVAILABLE` | 503 | Service temporarily unavailable |
| `COMPLIANCE_VIOLATION` | 422 | Request violates compliance rules |

---

## Rate Limiting

- **Standard Tier**: 100 requests/minute, 10,000 requests/day
- **Premium Tier**: 1,000 requests/minute, 100,000 requests/day
- **Enterprise Tier**: Custom limits

**Rate Limit Headers**:
```
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1704240000
```

---

## Versioning

API versions are specified in the URL path:
- Current: `/v1`
- Beta: `/v2-beta`

Version deprecation notices are provided 6 months in advance.

---

## SDKs

### Python
```python
from bdr_agent_factory import Client

client = Client(api_key="your_api_key")

result = client.capabilities.invoke(
    capability_id="cap_text_classification",
    input={"text": "Claim description"},
    options={"explain": True}
)

print(result.predicted_class)
print(result.explanation)
```

### JavaScript/TypeScript
```javascript
import { BDRAgentFactory } from '@bdr/agent-factory';

const client = new BDRAgentFactory({ apiKey: 'your_api_key' });

const result = await client.capabilities.invoke({
  capabilityId: 'cap_text_classification',
  input: { text: 'Claim description' },
  options: { explain: true }
});

console.log(result.predictedClass);
```

---

## Webhooks

### Register Webhook

```http
POST /webhooks
Authorization: Bearer {access_token}
Content-Type: application/json

{
  "url": "https://your-domain.com/webhook",
  "events": ["capability.invoked", "compliance.violation"],
  "secret": "your_webhook_secret"
}
```

### Webhook Events

- `capability.invoked` - Capability was invoked
- `capability.failed` - Capability invocation failed
- `compliance.violation` - Compliance violation detected
- `audit.created` - New audit trail entry created
- `system.registered` - New system registered

---

## Support

For API support:
- Email: api-support@bdragentfactory.com
- Documentation: https://docs.bdragentfactory.com
- Status Page: https://status.bdragentfactory.com