Marturia

← Docs

API reference

Every customer-facing endpoint, every field. Authentication is via the X-Marturia-Key header (mint keys from the dashboard's API Keys tab).

Authentication

All ingest endpoints accept a single header:

X-Marturia-Key: mtu_live_...

Keys are project-scoped. Revoke at any time from the dashboard — revocation takes effect within ~30 seconds (cache TTL). API keys never grant access to other projects under the same tenant; revoking a key cannot be used to read past receipts (those are append-only and tied to the signing kid, not the API key that minted them).

POST /api/marturia/v1/receipts

Mint a signed receipt for one agent decision. Returns the receipt + the public key the auditor needs to verify it offline.

Request body

FieldTypeRequiredNotes
agentstringyesStable agent identifier — same agent should reuse the same name.
payloadobjectyesThe decision artefact you want signed. Shape is yours to define; canonical-JSON encoded before signing.
agent_run_idstringnoExternal correlation id (trace id, request id) for joining receipts back to your logs.

Response

{
  "id":            "rcpt_01J8...",
  "tenant_id":     1234,
  "receipt_seq":   42,            // monotonic per-tenant counter
  "agent_name":    "refund-router",
  "signing_kid":   "t1234-v1",    // public key fingerprint
  "public_key":    "MCowBQYDK2VwAyEA...",  // base64 Ed25519 pubkey
  "receipt_hash":  "9f2c8e2a...",
  "prev_hash":     "7c1a2b...",   // null on first receipt
  "signature":     "Ed25519:8a4f1c...",
  "created_at":    "2026-05-14T20:32:18.491Z"
}

POST /api/marturia/v1/traces

OTLP/HTTP ingest. Standard OpenTelemetry exporter, but with the X-Marturia-Key header instead of OTLP auth.

POST /api/marturia/v1/traces
X-Marturia-Key: mtu_live_...
Content-Type: application/json

{ "resourceSpans": [...] }     // standard OTLP/HTTP JSON

Spans appear on the project's Spans tab and feed the dashboard's latency/error charts. This endpoint is for operator observability — it does not generate receipts.

POST /api/marturia/v1/oversight (Team+)

Article 14 human-oversight receipt. Use when a human reviewer intervenes on an AI decision. The receipt records who reviewed, what they decided, and why.

POST /api/marturia/v1/oversight/pending (Team+)

Queue a decision for human review (instead of recording it as already-reviewed). Returns a pending id. The reviewer's response lands via POST /v1/oversight/pending/{id}/complete.

GET /api/marturia/projects/{id}/receipts/{rcpt_id}/export (Audit+)

Download an audit-export bundle for a single receipt — the receipt JSON, the public key, the chain pointer manifest, and a verification cheatsheet. Auditors can verify the bundle offline with marturia-verify --bundle.

Rate limits

TierReceipts/moOTLP spans/mo
Free (closed beta)1,000100,000
Pro10,0001,000,000
Team100,00010,000,000
Auditunlimitedunlimited

Hard rate-limits: 50 req/s per API key. Above that we return HTTP 429. Email [email protected] for higher per-key limits.