oper8r Docs
oper8r APIs let your team call search and cited answer tools from your own systems.
API access should follow the same permissions and review standards you use inside oper8r. Do not use API keys to bypass user permissions, move sensitive provider credentials into prompts, or generate unsupported claims.
API access is organization-scoped.
Before using an endpoint:
Shared org API tools follow this shape:
POST https://YOUR_OPER8R_HOST/api/tools/org/YOUR_ORG_SLUG/TOOL_KEY
Example:
curl -X POST "https://YOUR_OPER8R_HOST/api/tools/org/YOUR_ORG_SLUG/oper8r_search" \
-H "Authorization: Bearer $OPER8R_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"items": [
{
"query": "SSO, SCIM, audit logs, and data retention",
"limit": 8
}
]
}'
Responses always return { "results": [...] }. One request still uses a one-item items array.
| Tool | Use |
|---|---|
oper8r_search | Search your oper8r knowledge base for source-backed context. |
oper8r_answer | Generate cited answers for product, policy, implementation, RFP, security, compliance, and questionnaire questions. |
curl -X POST "https://YOUR_OPER8R_HOST/api/tools/org/YOUR_ORG_SLUG/oper8r_answer" \
-H "Authorization: Bearer $OPER8R_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"items": [
{
"question": "How do we describe our SOC 2 controls?",
"answer_context": "Use only approved security and compliance sources.",
"requirements": ["concise", "cite approved evidence"],
"limit": 8
}
]
}'
We'd be happy to help you get started. The best starting point is usually a live RFP, security questionnaire, or knowledge base that already costs the team time to search, verify, and reuse.