API reference
The Dokaz REST API is versioned under /v1. The machine-readable OpenAPI 3.1 document is at /openapi.json.
Authentication
Create an API key on the API keys page, then send it as a bearer token:
curl https://app.dokaz.io/v1/drills \ -H "Authorization: Bearer so_your_key_here"Conventions
- Every response is a
{ data, meta, errors }envelope. - List endpoints paginate with an opaque
cursor; followmeta.next_cursor. POSTrequests require anIdempotency-Keyheader; a repeated key replays the original response.- Rate limit: 60 requests per minute per account; over the limit returns
429withRetry-After.
Endpoints
| Method | Path | Description |
|---|---|---|
| GET | /v1/databases | List database targets |
| POST | /v1/databases | Register a database target |
| GET | /v1/databases/{id} | Get a database target |
| GET | /v1/drills | List drills |
| POST | /v1/drills | Start a drill |
| GET | /v1/drills/{id} | Get a drill with steps + assertions |
| GET | /v1/drills/{id}/evidence | Download the signed evidence PDF |