Base URL & Auth
All project-scoped `/v1` endpoints require `X-API-Key` and `X-Project-Id` headers.
Base URL:
https://app.sepurux.dev/api/backendrequired headers
X-API-Key: <project_api_key>
X-Project-Id: <project_uuid>
Content-Type: application/jsonCore Endpoints
These are the most common endpoints used by product teams and platform engineers.
| Endpoint | Purpose |
|---|---|
| POST /v1/traces | Upload trace payloads from SDK or custom instrumentation. |
| POST /v1/campaigns | Create campaign definitions for replay and mutation execution. |
| POST /v1/runs | Queue run execution for a trace and campaign pair. |
| GET /v1/runs/{run_id} | Fetch run status, summary, and scoring context. |
| GET /v1/runs/{run_id}/policy-events | Inspect policy decisions recorded during execution. |
| GET /v1/runs/{run_id}/security-events | Inspect security actions and risk context by attempt. |
| POST /v1/ci/runs | Create a CI evaluation run with threshold gating. |
| GET /v1/ci/runs/{run_id} | Poll CI pass/fail decision and dashboard URL. |
Request Examples
Start from these examples and expand payloads based on your workflow semantics.
create trace
curl -X POST https://app.sepurux.dev/api/backend/v1/traces \
-H "Content-Type: application/json" \
-H "X-API-Key: $SEPURUX_API_KEY" \
-H "X-Project-Id: $SEPURUX_PROJECT_ID" \
-d '{"trace_version":"0.1","task":{"name":"refund_flow"},"events":[]}'start run
curl -X POST https://app.sepurux.dev/api/backend/v1/runs \
-H "Content-Type: application/json" \
-H "X-API-Key: $SEPURUX_API_KEY" \
-H "X-Project-Id: $SEPURUX_PROJECT_ID" \
-d '{
"trace_id": "<trace_uuid>",
"campaign_id": "<campaign_uuid>"
}'Schema & Explorer
Use the interactive docs for request/response validation and the OpenAPI file for client generation.