Dragon API Documentation

Complete API reference for Dragon — the AI governance engine for decision control in regulated and high-impact environments.

Getting Started

Base URL

All API requests go through a single domain. Nginx routes to the correct backend service based on the path.

https://dragon.klynxai.com

Services

Service	Path Prefix	Description
Dragon Core	`/api/*`	Governance engine, triage, incidents, chat
DevOps Orchestrator	`/api/generate, /api/pr, /api/ci/*, /api/approvals`	CI/CD governance, code gen, approvals
Playground	`/api/playground/*`	Public demo — no auth required

Quick Test

Try the Playground API — no authentication needed:

# List available test scenarios
curl https://dragon.klynxai.com/api/playground/scenarios

# Submit a decision for risk analysis
curl -X POST https://dragon.klynxai.com/api/playground/submit-decision \
  -H "Content-Type: application/json" \
  -d '{
    "title": "Deploy to production",
    "action": "terraform apply -target=production",
    "rationale": "New feature release",
    "impact": "All users affected"
  }'

Response Format

All responses are JSON. Successful responses return the data directly. Errors include a detail field:

// Error response
{
  "detail": "Failed to analyze decision: validation error..."
}

Correlation IDs

All DevOps Orchestrator requests include an X-Correlation-ID header in the response. Send your own or one will be auto-generated. Use it for distributed tracing and support requests.

Authentication

Dragon supports multiple authentication methods depending on the service and endpoint. The Playground API requires no authentication.

Bearer JWTDevOps Orchestrator

Most DevOps Orchestrator endpoints require a Bearer token. Pass it in the Authorization header:

curl -X POST https://dragon.klynxai.com/api/generate \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"repo": "org/repo", "prompt": "Add rate limiting"}'

JWT tokens include claims: user_id, email, roles, exp. Tokens expire after 24 hours.

API KeyDevOps Orchestrator

For service-to-service communication, use an API key in the same Authorization header. API keys grant admin-level access:

curl -X POST https://dragon.klynxai.com/api/approvals \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"incident_id": "inc-123", "decision_id": "dec-456", "approved": true, "approver": "admin"}'

Dragon HeadersDragon Core (internal)

Dragon Core API uses custom headers for multi-tenant identity. These are typically set by the orchestrator, not by end users:

curl -X POST https://dragon.klynxai.com/api/triage \
  -H "X-Token: operator-token" \
  -H "X-Org-Id: your-org-id" \
  -H "X-Region: us-east-1" \
  -H "Content-Type: application/json" \
  -d '{"text": "CPU spike on prod", "source": "datadog"}'

Header	Description
`X-Token`	Role-based token (operator-token, approver-token, tenant-admin-token, commander-token)
`X-Org-Id`	Organization identifier for multi-tenancy
`X-Region`	Region for compliance routing (e.g. us-east-1, eu-west-1)

Rate Limiting

Some endpoints have rate limits. When exceeded, you will receive a 429 Too Many Requests response.

Endpoint	Limit
`POST /api/generate`	50 requests/hour
`POST /api/pr`	100 requests/hour
`POST /api/approvals`	20 requests/hour

Dragon Core API

The main governance engine for AI decision control, alert triage, incident management, and observability. Runs on port 9300.

Base URL: https://dragon.klynxai.com

GET/healthPublic

Health check

Returns service status. Use for monitoring and uptime checks.

Response (200)

Name	Type	Required	Description
`status`	string	Required	Always "ok"

{"status": "ok"}

Examples

curl https://dragon.klynxai.com/health

POST/api/triagePublic

Triage an alert or message

Analyzes an incoming alert or message, determines severity, and returns recommended actions. This is the primary entry point for automated alert processing.

Request Body

Name	Type	Required	Description
`text`	string	Required	Alert or message content to triage
`source`	string	Required	Source system (e.g. datadog, pagerduty)
`user`	string	Optional	User who triggered the alert
`channel`	string	Optional	Originating channel

{
  "text": "CPU usage at 95% on prod-api-3",
  "source": "datadog",
  "user": "monitoring-bot"
}

Response (200)

Name	Type	Required	Description
`reply`	string	Required	AI-generated triage analysis
`actions`	Action[]	Required	Recommended actions with labels and types
`severity`	string	Required	Assessed severity level

{
  "reply": "High CPU detected on prod-api-3. Likely caused by...",
  "actions": [
    {
      "id": "scale-up",
      "label": "Scale horizontally",
      "type": "remediation",
      "action": "scale --replicas=3",
      "enabled": true,
      "reason": "Recommended based on load pattern"
    }
  ],
  "severity": "high"
}

Examples

curl -X POST https://dragon.klynxai.com/api/triage \
  -H "Content-Type: application/json" \
  -d '{"text": "CPU at 95%", "source": "datadog"}'

POST/api/chatPublic

Non-streaming chat

Send a conversation to Dragon's AI assistant and receive a complete response. Supports multi-turn conversations via the messages array.

Request Body

Name	Type	Required	Description
`messages`	Message[]	Required	Array of {role, content} objects. Roles: "user", "assistant", "system"

{
  "messages": [
    {"role": "user", "content": "What is Dragon's risk scoring model?"}
  ]
}

Response (200)

Name	Type	Required	Description
`reply`	string	Required	AI-generated response
`actions`	array	Required	Suggested actions (may be empty)
`request_id`	string	Required	Unique request identifier

{
  "reply": "Dragon uses a multi-factor risk model that evaluates...",
  "actions": [],
  "request_id": "req-a1b2c3d4"
}

Examples

curl -X POST https://dragon.klynxai.com/api/chat \
  -H "Content-Type: application/json" \
  -d '{"messages": [{"role": "user", "content": "Explain risk scoring"}]}'

POST/api/chat/streamPublic

Streaming chat (SSE)

Same as /api/chat but returns a Server-Sent Events stream for real-time token delivery. Each event contains a chunk of the response.

Request Body

Name	Type	Required	Description
`messages`	Message[]	Required	Array of {role, content} objects

{
  "messages": [
    {"role": "user", "content": "Summarize the last 5 incidents"}
  ]
}

Response (200)

Name	Type	Required	Description
`data`	string	Required	SSE event data - each line is a text chunk

data: Dragon has analyzed
data: the following incidents...
data: [DONE]

Examples

const res = await fetch("https://dragon.klynxai.com/api/chat/stream", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
    messages: [{ role: "user", content: "Summarize incidents" }]
  })
});
const reader = res.body.getReader();
const decoder = new TextDecoder();
while (true) {
  const { done, value } = await reader.read();
  if (done) break;
  console.log(decoder.decode(value));
}

GET/api/incidentsPublic

List all incidents

Returns all incidents ordered by creation time. Each incident includes timeline events, severity, status, and optional RCA data.

Response (200)

Name	Type	Required	Description
`incidents`	Incident[]	Required	Array of incident objects

{
  "incidents": [
    {
      "id": "inc-2024-001",
      "summary": "API latency spike",
      "severity": "P2",
      "service": "api-gateway",
      "status": "open",
      "created_at": 1707235200,
      "timeline": []
    }
  ]
}

Examples

curl https://dragon.klynxai.com/api/incidents

POST/api/incidentsPublic

Create an incident

Creates a new incident and returns the full incident object. Auto-generates a unique ID and timestamps.

Request Body

Name	Type	Required	Description
`summary`	string	Required	Brief incident description
`description`	string	Optional	Detailed description
`severity`	string	Optional	Severity level (P1-P4). Default: P3
`service`	string	Optional	Affected service. Default: unknown
`source`	string	Optional	Alert source. Default: manual
`trace_id`	string	Optional	Distributed trace ID
`raw`	object	Optional	Raw alert payload

{
  "summary": "Database connection pool exhausted",
  "severity": "P2",
  "service": "user-api",
  "source": "datadog"
}

Response (200)

Name	Type	Required	Description
`id`	string	Required	Generated incident ID
`summary`	string	Required	Incident summary
`status`	string	Required	"open"
`created_at`	integer	Required	Unix timestamp

{
  "id": "inc-1707235200-abc",
  "summary": "Database connection pool exhausted",
  "severity": "P2",
  "service": "user-api",
  "status": "open",
  "created_at": 1707235200
}

Examples

curl -X POST https://dragon.klynxai.com/api/incidents \
  -H "Content-Type: application/json" \
  -d '{"summary": "DB pool exhausted", "severity": "P2", "service": "user-api"}'

POST/api/incidents/{incident_id}/actionPublic

Update incident status

Applies an action to an incident (acknowledge, resolve, escalate, close). Creates the incident if the ID doesn't exist.

Path Parameters

Name	Type	Required	Description
`incident_id`	string	Required	Incident ID

Request Body

Name	Type	Required	Description
`action`	string	Required	Action to apply (acknowledge, resolve, escalate, close)

{"action": "resolve"}

Response (200)

Name	Type	Required	Description
`incident_id`	string	Required	Incident ID
`action`	string	Required	Applied action
`status`	string	Required	"updated"

{
  "incident_id": "inc-2024-001",
  "action": "resolve",
  "status": "updated"
}

Examples

curl -X POST https://dragon.klynxai.com/api/incidents/inc-2024-001/action \
  -H "Content-Type: application/json" \
  -d '{"action": "resolve"}'

POST/api/otel/ingestPublic

Ingest observability signal

Receives OpenTelemetry-format signals and auto-creates incidents. De-duplicates by incident ID. Posts Slack alerts for high-severity events.

Request Body

Name	Type	Required	Description
`service`	string	Required	Service name
`severity`	string	Required	Severity (P1, P2, SEV-1, etc.)
`message`	string	Required	Signal message
`trace_id`	string	Optional	Trace ID for correlation
`raw`	object	Optional	Raw signal payload

{
  "service": "payment-api",
  "severity": "P1",
  "message": "Error rate exceeded 5% threshold",
  "trace_id": "abc123"
}

Response (200)

Name	Type	Required	Description
`ok`	boolean	Required	Success indicator
`incident_id`	string	Required	Created/existing incident ID

{"ok": true, "incident_id": "inc-payment-api-1707235200"}

Examples

curl -X POST https://dragon.klynxai.com/api/otel/ingest \
  -H "Content-Type: application/json" \
  -d '{"service": "payment-api", "severity": "P1", "message": "Error rate > 5%"}'

POST/api/autofix/requestPublic

Request autofix job

Queues an autofix job for a specific VPC/region. Supports dry-run mode for safe previewing.

Request Body

Name	Type	Required	Description
`incident_id`	string	Optional	Related incident ID
`summary`	string	Optional	Fix summary
`vpc_id`	string	Required	Target VPC ID
`region`	string	Required	AWS region
`dry_run`	boolean	Optional	Preview only. Default: true

{
  "incident_id": "inc-2024-001",
  "vpc_id": "vpc-abc123",
  "region": "us-east-1",
  "dry_run": true
}

Response (200)

Name	Type	Required	Description
`job_id`	string	Required	Autofix job ID
`status`	string	Required	"queued"

{"job_id": "fix-abc123", "status": "queued"}

Examples

curl -X POST https://dragon.klynxai.com/api/autofix/request \
  -H "Content-Type: application/json" \
  -d '{"vpc_id": "vpc-abc123", "region": "us-east-1", "dry_run": true}'

GET/api/autofix/{job_id}Public

Get autofix job status

Returns current status, logs, and metadata for an autofix job.

Path Parameters

Name	Type	Required	Description
`job_id`	string	Required	Autofix job ID

Response (200)

Name	Type	Required	Description
`job_id`	string	Required	Job ID
`status`	string	Required	Current status (queued, running, completed, failed)
`logs`	string[]	Required	Execution logs
`created_at`	string	Required	ISO 8601 timestamp

{
  "job_id": "fix-abc123",
  "status": "completed",
  "vpc_id": "vpc-abc123",
  "region": "us-east-1",
  "dry_run": true,
  "logs": ["Analyzing VPC...", "Fix applied successfully"],
  "created_at": "2024-02-06T12:00:00Z"
}

Examples

curl https://dragon.klynxai.com/api/autofix/fix-abc123

POST/api/rag/ingestPublic

Ingest documents for RAG

Indexes documents from the configured docs directory for retrieval-augmented generation. Requires RAG_ENABLED=1 environment variable.

Response (200)

Name	Type	Required	Description
`ok`	boolean	Required	Success indicator
`docs_indexed`	integer	Required	Number of documents indexed
`chunks_indexed`	integer	Required	Number of chunks created

{"ok": true, "docs_dir": "/opt/docs", "docs_indexed": 15, "chunks_indexed": 142}

Examples

curl -X POST https://dragon.klynxai.com/api/rag/ingest

POST/api/rag/searchPublic

Search indexed documents

Performs semantic search over indexed documents. Returns top-k most relevant chunks with scores.

Request Body

Name	Type	Required	Description
`query`	string	Required	Search query (min 1 char)
`k`	integer	Optional	Number of results (1-20). Default: 5

{"query": "how to configure rate limiting", "k": 5}

Response (200)

Name	Type	Required	Description
`query`	string	Required	Original query
`hits`	Hit[]	Required	Matching document chunks with scores

{
  "query": "how to configure rate limiting",
  "hits": [
    {
      "doc_id": "doc-001",
      "source": "rate-limiting.md",
      "chunk_id": "chunk-003",
      "score": 0.92,
      "content": "Rate limiting can be configured via..."
    }
  ]
}

Examples

curl -X POST https://dragon.klynxai.com/api/rag/search \
  -H "Content-Type: application/json" \
  -d '{"query": "rate limiting configuration", "k": 5}'

DevOps Orchestrator API

CI/CD governance, code generation gates, PR automation, observability alert routing, and human-in-the-loop approvals. Runs on port 9400. Requires authentication.

Base URL: https://dragon.klynxai.com

GET/healthPublic

Health check with dependencies

Returns service status and health of dependent services (Dragon API, incident API, state store).

Response (200)

Name	Type	Required	Description
`status`	string	Required	"healthy"
`version`	string	Required	Service version
`dependencies`	object	Required	Health status of each dependency

{
  "status": "healthy",
  "version": "0.1.0",
  "service": "DevOps Orchestrator",
  "dependencies": {
    "dragon_api": "healthy",
    "incident_api": "healthy",
    "state_store": "healthy"
  }
}

Examples

curl https://dragon.klynxai.com/health

POST/api/generateBearer JWTRate: 50/hour

Generate code (governance-gated)

Generates code based on a prompt for a given repository. All code generation passes through Dragon's decision gate for risk assessment before execution.

Headers

Name	Type	Required	Description
`Authorization`	string	Required	Bearer token (JWT or API key). Example: "Bearer operator-token"
`X-Correlation-ID`	string	Optional	Auto-generated if not provided. Used for distributed tracing.

Request Body

Name	Type	Required	Description
`repo`	string	Required	Target repository (e.g. org/repo)
`prompt`	string	Required	Code generation prompt
`language`	string	Optional	Programming language. Default: "python"

{
  "repo": "klynxai/api-service",
  "prompt": "Add rate limiting middleware to all endpoints",
  "language": "python"
}

Response (200)

Name	Type	Required	Description
`draft_id`	string	Required	Generated draft ID
`summary`	string	Required	AI summary of generated code
`files`	File[]	Required	Generated file changes
`decision_gate`	object	Required	Dragon governance decision result

{
  "draft_id": "draft-abc123",
  "summary": "Added rate limiting middleware using slowapi",
  "files": [{"path": "middleware/rate_limit.py", "content": "..."}],
  "decision_gate": {
    "decision_id": "dec-xyz789",
    "approved": true,
    "status": "approved"
  }
}

Examples

curl -X POST https://dragon.klynxai.com/api/generate \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"repo": "org/repo", "prompt": "Add rate limiting", "language": "python"}'

POST/api/prBearer JWTRate: 100/hour

Create pull request (governance-gated)

Creates a pull request from a generated draft. Passes through Dragon's decision gate for approval before the PR is opened.

Headers

Name	Type	Required	Description
`Authorization`	string	Required	Bearer token (JWT or API key). Example: "Bearer operator-token"
`X-Correlation-ID`	string	Optional	Auto-generated if not provided. Used for distributed tracing.

Request Body

Name	Type	Required	Description
`repo`	string	Required	Target repository
`branch`	string	Required	Source branch name
`title`	string	Required	PR title
`description`	string	Required	PR description
`draft_id`	string	Optional	Reference to generated draft

{
  "repo": "klynxai/api-service",
  "branch": "feat/rate-limiting",
  "title": "Add rate limiting middleware",
  "description": "Adds slowapi rate limiting to all API endpoints",
  "draft_id": "draft-abc123"
}

Response (200)

Name	Type	Required	Description
`pr_id`	string	Required	Pull request ID
`status`	string	Required	PR creation status
`decision_gate`	object	Required	Dragon governance decision

{
  "pr_id": "pr-456",
  "status": "created",
  "decision_gate": {
    "decision_id": "dec-xyz789",
    "approved": true,
    "status": "approved"
  }
}

Examples

curl -X POST https://dragon.klynxai.com/api/pr \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"repo": "org/repo", "branch": "feat/rate-limiting", "title": "Add rate limiting", "description": "..."}'

POST/api/ci/eventBearer JWT

Ingest CI/CD pipeline event

Receives CI/CD pipeline events (GitHub Actions, GitLab CI, Jenkins). Auto-creates incidents for failed pipelines.

Headers

Name	Type	Required	Description
`Authorization`	string	Required	Bearer token (JWT or API key). Example: "Bearer operator-token"
`X-Correlation-ID`	string	Optional	Auto-generated if not provided. Used for distributed tracing.

Request Body

Name	Type	Required	Description
`provider`	string	Required	CI provider (GitHub, GitLab, Jenkins)
`status`	string	Required	Pipeline status (success, failed)
`project`	string	Required	Project/repo name
`pipeline_id`	string	Optional	Pipeline run ID
`url`	string	Optional	Pipeline URL
`logs`	string	Optional	Failure logs
`metrics`	object	Optional	Pipeline metrics

{
  "provider": "GitHub",
  "status": "failed",
  "project": "klynxai/api-service",
  "pipeline_id": "run-12345",
  "url": "https://github.com/klynxai/api-service/actions/runs/12345",
  "logs": "Error: test_auth_flow FAILED"
}

Response (200)

Name	Type	Required	Description
`status`	string	Required	"incident_created" or "ok"
`incident`	object	Optional	Created incident details (if status=failed)

{
  "status": "incident_created",
  "incident": {
    "incident_id": "inc-ci-12345",
    "status": "open"
  }
}

Examples

curl -X POST https://dragon.klynxai.com/api/ci/event \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"provider": "GitHub", "status": "failed", "project": "org/repo"}'

POST/api/observability/alertBearer JWT

Ingest observability alert

Receives alerts from monitoring tools (Datadog, Splunk, OTEL). Maps severity and auto-creates incidents.

Headers

Name	Type	Required	Description
`Authorization`	string	Required	Bearer token (JWT or API key). Example: "Bearer operator-token"
`X-Correlation-ID`	string	Optional	Auto-generated if not provided. Used for distributed tracing.

Request Body

Name	Type	Required	Description
`source`	string	Required	Monitoring tool (Datadog, Splunk, OTEL)
`severity`	string	Required	Alert severity (high, critical, etc.)
`title`	string	Required	Alert title
`description`	string	Optional	Alert details
`metrics`	object	Optional	Related metrics
`logs`	string	Optional	Related log lines

{
  "source": "Datadog",
  "severity": "critical",
  "title": "Memory usage > 90% on prod-db-1",
  "description": "Memory has been above 90% for 10 minutes"
}

Response (200)

Name	Type	Required	Description
`status`	string	Required	"incident_created"
`incident`	object	Required	Created incident details

{
  "status": "incident_created",
  "incident": {
    "incident_id": "inc-obs-abc123",
    "status": "open"
  }
}

Examples

curl -X POST https://dragon.klynxai.com/api/observability/alert \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"source": "Datadog", "severity": "critical", "title": "Memory > 90%"}'

POST/api/autofix/suggestBearer JWT

Suggest an autofix

Analyzes the issue and suggests a fix. Requires human confirmation before execution via /api/autofix/confirm.

Headers

Name	Type	Required	Description
`Authorization`	string	Required	Bearer token (JWT or API key). Example: "Bearer operator-token"
`X-Correlation-ID`	string	Optional	Auto-generated if not provided. Used for distributed tracing.

Request Body

Name	Type	Required	Description
`target`	string	Optional	Target resource or service

{"target": "prod-api-3"}

Response (200)

Name	Type	Required	Description
`status`	string	Required	"suggested"
`note`	string	Required	Human confirmation requirement notice
`next`	string	Required	Next step instructions

{
  "status": "suggested",
  "note": "Autofix requires human confirmation.",
  "next": "POST /api/autofix/confirm with approval"
}

Examples

curl -X POST https://dragon.klynxai.com/api/autofix/suggest \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"target": "prod-api-3"}'

POST/api/autofix/confirmBearer JWT

Confirm or reject autofix

Human-in-the-loop confirmation step. Must explicitly approve before autofix executes. Returns 403 if not approved.

Headers

Name	Type	Required	Description
`Authorization`	string	Required	Bearer token (JWT or API key). Example: "Bearer operator-token"
`X-Correlation-ID`	string	Optional	Auto-generated if not provided. Used for distributed tracing.

Request Body

Name	Type	Required	Description
`approved`	boolean	Required	true to execute, false to reject
`target`	string	Optional	Target resource

{"approved": true, "target": "prod-api-3"}

Response (200)

Name	Type	Required	Description
`status`	string	Required	"queued" if approved, "rejected" if denied
`detail`	string	Required	Execution detail

{"status": "queued", "detail": "autofix queued after approval"}

Examples

curl -X POST https://dragon.klynxai.com/api/autofix/confirm \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"approved": true}'

POST/webhooks/githubHMAC Signature

GitHub webhook receiver

Receives GitHub webhook events for CI/CD monitoring. Processes workflow_run and check_suite failures. Auto-creates incidents, decision gates, and Slack approval requests. Idempotent via run_id deduplication.

Headers

Name	Type	Required	Description
`X-Hub-Signature-256`	string	Required	HMAC-SHA256 signature for payload verification
`X-GitHub-Event`	string	Required	Event type (workflow_run, check_suite)
`X-GitHub-Delivery`	string	Required	Unique delivery ID

Request Body

Name	Type	Required	Description
`action`	string	Required	Event action (completed, etc.)
`workflow_run`	object	Optional	Workflow run details (for workflow_run events)
`check_suite`	object	Optional	Check suite details (for check_suite events)

{
  "action": "completed",
  "workflow_run": {
    "id": 12345,
    "conclusion": "failure",
    "name": "CI Pipeline",
    "html_url": "https://github.com/org/repo/actions/runs/12345"
  },
  "repository": {
    "full_name": "org/repo"
  }
}

Response (200)

Name	Type	Required	Description
`status`	string	Required	"incident_created", "ignored", or "duplicate"
`data`	object	Optional	Incident and decision details

{
  "status": "incident_created",
  "data": {
    "incident_id": "inc-gh-12345",
    "decision_id": "dec-gh-12345",
    "risk": {}
  }
}

Examples

# Configure in GitHub repo Settings > Webhooks
# URL: https://dragon.klynxai.com/webhooks/github
# Content type: application/json
# Secret: your-webhook-secret
# Events: Workflow runs, Check suites

POST/api/approvalsBearer JWTRate: 20/hour

Approve or deny a decision

Human-in-the-loop approval for governance decisions. If approved and an autofix PR is pending, automatically opens the PR on GitHub. Strictly rate-limited.

Headers

Name	Type	Required	Description
`Authorization`	string	Required	Bearer token (JWT or API key). Example: "Bearer operator-token"
`X-Correlation-ID`	string	Optional	Auto-generated if not provided. Used for distributed tracing.

Request Body

Name	Type	Required	Description
`incident_id`	string	Required	Related incident ID
`decision_id`	string	Required	Decision to approve/deny
`approved`	boolean	Required	true to approve, false to deny
`approver`	string	Required	Approver identity
`justification`	string	Optional	Reason for decision

{
  "incident_id": "inc-gh-12345",
  "decision_id": "dec-gh-12345",
  "approved": true,
  "approver": "jane@company.com",
  "justification": "Reviewed fix, looks safe to deploy"
}

Response (200)

Name	Type	Required	Description
`status`	string	Required	"executed" if approved, "denied" if rejected
`pr_url`	string	Optional	GitHub PR URL (if approved and autofix PR created)

{
  "status": "executed",
  "pr_url": "https://github.com/org/repo/pull/42"
}

Examples

curl -X POST https://dragon.klynxai.com/api/approvals \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"incident_id": "inc-123", "decision_id": "dec-456", "approved": true, "approver": "jane@co.com"}'

Dragon Playground API

Public demo endpoints for testing Dragon's governance engine without authentication. Safe to test — all decisions are tagged as demo_mode.

Base URL: https://dragon.klynxai.com

GET/api/playground/healthPublic

Playground health check

Returns playground service health status.

Response (200)

Name	Type	Required	Description
`status`	string	Required	"healthy"
`service`	string	Required	"dragon-playground"
`version`	string	Required	Service version

{"status": "healthy", "service": "dragon-playground", "version": "1.0.0"}

Examples

curl https://dragon.klynxai.com/api/playground/health

GET/api/playground/scenariosPublic

List available test scenarios

Returns all 6 built-in test scenarios with varying risk levels. Use these to demonstrate Dragon's governance engine without affecting real systems.

Response (200)

Name	Type	Required	Description
`success`	boolean	Required	Always true
`scenarios`	Scenario[]	Required	Array of scenario objects with id, title, icon, difficulty, expected_risk, and data

{
  "success": true,
  "scenarios": [
    {
      "id": "prod-deployment",
      "title": "Production Deployment",
      "icon": "\u26a0\ufe0f",
      "difficulty": "high",
      "expected_risk": "HIGH",
      "data": {
        "title": "Deploy v2.0 to Production",
        "action": "terraform apply -target=production",
        "rationale": "New feature release with DB changes",
        "impact": "All users, 50K+ txn/day",
        "risk": {"blast_radius": "entire_production"}
      }
    }
  ]
}

Examples

curl https://dragon.klynxai.com/api/playground/scenarios

POST/api/playground/submit-decisionPublic

Submit a decision for analysis

Submits a decision to Dragon's governance engine for risk analysis. Returns risk score, policy triggers, and gate decision (approve/review/block). All decisions are tagged as demo_mode and are safe to test.

Request Body

Name	Type	Required	Description
`scenario_id`	string	Optional	Built-in scenario ID (optional)
`title`	string	Required	Decision title
`action`	string	Required	Proposed action/command
`rationale`	string	Required	Why this action is needed
`impact`	string	Required	Expected impact description
`risk`	object	Optional	Custom risk metadata

{
  "scenario_id": "database-delete",
  "title": "Drop unused staging database",
  "action": "DROP DATABASE production_customers;",
  "rationale": "Cleanup after migration",
  "impact": "Remove old customer database",
  "risk": {"blast_radius": "critical", "data_loss": "irreversible"}
}

Response (200)

Name	Type	Required	Description
`success`	boolean	Required	Analysis success
`decision_id`	string	Required	Unique playground decision ID
`risk_assessment`	object	Required	Contains risk_level, risk_score (0-100), blast_radius, data_risk, rollback_complexity, reversibility (0-100), policy_triggers
`decision_gate`	object	Required	Contains required, approvers, estimated_time, auto_approved
`status`	string	Required	"approved", "pending_approval", or "blocked"
`message`	string	Required	Analysis result message

{
  "success": true,
  "decision_id": "playground-9ba13549a524",
  "risk_assessment": {
    "risk_level": "CRITICAL",
    "risk_score": 95,
    "blast_radius": "high",
    "data_risk": "high",
    "rollback_complexity": "high",
    "reversibility": 5,
    "policy_triggers": [
      "Detected: production",
      "Detected: drop"
    ]
  },
  "decision_gate": {
    "required": true,
    "approvers": ["CTO", "Security Lead"],
    "estimated_time": "30-60 min",
    "auto_approved": false
  },
  "status": "blocked",
  "message": "Analyzed with fallback engine"
}

Examples

curl -X POST https://dragon.klynxai.com/api/playground/submit-decision \
  -H "Content-Type: application/json" \
  -d '{"title": "Drop DB", "action": "DROP DATABASE prod;", "rationale": "cleanup", "impact": "data loss"}'

GET/api/playground/decision/{decision_id}Public

Get decision result

Retrieves a previously submitted playground decision by ID. Checks local storage first, then Dragon API.

Path Parameters

Name	Type	Required	Description
`decision_id`	string	Required	Playground decision ID (e.g. playground-abc123)

Response (200)

Name	Type	Required	Description
`success`	boolean	Required	Lookup success
`decision`	object	Required	Decision data (request, response, scenario_id, timestamp)
`source`	string	Required	"local_storage" or "dragon_api"

{
  "success": true,
  "decision": {
    "request": {"title": "Deploy v2.0", "action": "terraform apply"},
    "response": {"risk_assessment": {"risk_level": "HIGH"}},
    "scenario_id": "prod-deployment",
    "timestamp": "2024-02-06T12:00:00Z"
  },
  "source": "local_storage"
}

Examples

curl https://dragon.klynxai.com/api/playground/decision/playground-abc123

GET/api/playground/statsPublic

Get playground statistics

Returns aggregate statistics including total decisions analyzed, high-risk catches, incidents prevented, and estimated cost savings.

Response (200)

Name	Type	Required	Description
`success`	boolean	Required	Always true
`stats`	object	Required	Aggregate stats object

{
  "success": true,
  "stats": {
    "total_decisions_analyzed": 12847,
    "high_risk_caught": 3291,
    "critical_incidents_prevented": 247,
    "estimated_cost_saved": "$4.2M",
    "avg_response_time_ms": 450,
    "uptime_percentage": 99.97
  }
}

Examples

curl https://dragon.klynxai.com/api/playground/stats

Dragon API v1.0 · Klynx AI · Governed AI Decision Control

klynxai.com · dragon.klynxai.com