← Back to HALMAI™

Integration Guide

Integrate HALMAI™ policy enforcement in 5 minutes.

1. Setup

# Set your API key
export API_KEY="your-api-key-here"
export BASE_URL="https://halm-mvp.abacusai.app"

2. Authorize

Submit a proposal for policy evaluation. Returns ALLOW, DENY, or HELD_FOR_VETO.

# Submit a proposal for policy evaluation
curl -X POST $BASE_URL/api/authorize \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $API_KEY" \
  -d '{
    "proposalId": "prop-001",
    "action": "data:write",
    "resource": "users",
    "context": { "agentId": "agent-1" }
  }'

# Response:
# { "status": "ALLOW", "allowed": true, "rule": "default-allow", ... }

3. Execute

Execute an authorized action. Idempotent: duplicate calls return 409.

# Execute the authorized action (idempotent)
curl -X POST $BASE_URL/api/execute \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $API_KEY" \
  -d '{ "proposalId": "prop-001", "payload": {} }'

# Response:
# { "success": true, "executedAt": "2026-02-25T12:00:00Z", ... }

4. Verify & Webhooks

Get proof packets for auditors. Verify webhook signatures with HMAC-SHA256.

# Get integrity proof for auditors
curl "$BASE_URL/api/proof/packet?proposalId=prop-001" \
  -H "X-API-Key: $API_KEY"

# Response includes:
# - Decision hash + execution hash
# - Merkle proof + anchor reference
# - Config snapshot + replay grade

Rate Limits & Retries

Response Headers

  • X-RateLimit-Limit — Requests allowed per window
  • X-RateLimit-Remaining — Requests remaining
  • X-RateLimit-Reset — Window reset time (Unix)
  • Retry-After — Seconds to wait (on 429)

Retry Strategy

On 429 (rate limited) or 503 (service unavailable), use exponential backoff: wait 1s, 2s, 4s, 8s. Max 3 retries. Respect Retry-After header when present.

Error Codes

CodeMeaningAction
401Missing/invalid API keyCheck X-API-Key header
403Policy deniedProposal not authorized
404Not foundCheck proposal ID
409Already executedIdempotency guard
429Rate limitedRetry with backoff
503Maintenance modeRetry after Retry-After
HALMAI™ v2.5 · Enterprise Governance Kernel