SENTINEL Docs

Management API

Manage agents, policies, and team settings.

Management endpoints for agents, policies, and teams. Requires API key authentication.

Agents

GET  /api/v1/agents          — List agents
GET  /api/v1/agents/:id      — Get agent summary
POST /api/v1/agents          — Create agent

Agent summaries include: agentId (external_id), name, totalSpend, transactionCount, lastActive, authorizedBy.

Create agent body:

{
  "external_id": "agent-weather-001",
  "name": "Weather Agent",
  "authorized_by": "alice@company.com"
}

Policies

GET  /api/v1/policies        — List budget policies
GET  /api/v1/policies/:id    — Get policy
POST /api/v1/policies        — Create policy

Policies define limits (per_call, per_hour, daily, per_endpoint) and can be linked to agents. The SDK also configures policies in code via wrapWithSentinel.

Team

GET  /api/v1/team           — Get team info
POST /api/v1/team/rotate-key — Rotate API key

Team info includes name, id, and usage. Key rotation creates a new key and invalidates the old one.

Alerts

GET  /api/v1/alerts         — List alerts (violations, anomalies)
GET  /api/v1/alerts/:id      — Get alert
PATCH /api/v1/alerts/:id     — Resolve alert

curl Examples

# List agents
curl -H "Authorization: Bearer val_xxx" \
  "https://api.valeo.money/v1/agents"

# Create agent
curl -X POST -H "Authorization: Bearer val_xxx" \
  -H "Content-Type: application/json" \
  -d '{"external_id":"agent-1","name":"My Agent"}' \
  "https://api.valeo.money/v1/agents"

Today, agents are discovered from audit records; policies are configured in code. The Management API provides optional remote registry and policy management when using the hosted API.