Skip to main content

API Status Matrix

Status: PUBLIC_CONTRACT_DRAFT. This matrix tracks the maturity, audience, and implementation status of every documented API group.

API groupAudienceBase pathAuthRead supportWrite supportMaturityPublic contractOpenAPIUI mappingNoteNon-claim
Dashboard/BFF APIApp-facing/api/bff/v1Session, API keyYesYes (app-scoped)INTERNAL_ONLYNozen-bff.v1.yaml (private)All dashboard pagesAggregation layer; not a customer contractNot a public customer API
Customer APIExternal/v1/...Bearer JWT, HMACPlanned (reads) / Permissioned (writes)Permissioned (endpoint-group level)PLANNEDDraftNoNot globally read-only; write status per endpoint groupNot production-live; planned only
Webhook Ingest APIProviderPOST /webhooks/{provider}HMAC, signatureNo (ingest only)Provider sends eventsWIRED_SANDBOXDraftPartial (zen-back)Connect → EndpointsProvider-specific endpoints for Stripe, GitHub, etc.Sandbox-validated; not production-live
Targets APICustomer/v1/tenants/{tid}/destinationsBearer JWT, API keyYesCreate, update, deleteWIRED_SANDBOXDraftYes (zen-back)Connect → TargetsInternal model term: destinationSandbox-validated
Endpoints APICustomer/v1/tenants/{tid}/ingestersBearer JWT, API keyYesCreate, update, deleteWIRED_SANDBOXDraftYes (zen-back)Connect → EndpointsInternal model term: ingesterSandbox-validated
Flows APICustomer/v1/tenants/{tid}/delivery-flowsBearer JWT, API keyYesCreate, update, deleteWIRED_SANDBOXDraftYes (zen-back)Connect → Flows, Maintain → FlowsDeclarative delivery contractSandbox-validated
Delivery Attempts APICustomer/v1/tenants/{tid}/deliveriesBearer JWT, API keyYesNo direct public writeWIRED_SANDBOXDraftPartialTraffic → Deliveries, Traffic → AttemptsOne delivery execution; attempts created by runtimeNot production-live
DLQ APICustomer/v1/tenants/{tid}/deliveries?status=failedBearer JWT, API keyYesNo direct DLQ writeWIRED_SANDBOXDraftPartialTraffic → DLQFailed delivery attempts; retry via Retry APIDLQ proof is sandbox/local, not production
Retry APICustomer/v1/tenants/{tid}/events/{eid}/retryBearer JWT, API keyVia attempts APIYes (retry)WIRED_SANDBOXDraftNoTraffic → RetrySingle and batch retrySandbox-validated
Replay APICustomer/v1/tenants/{tid}/events/{eid}/replayBearer JWT, API keyEligibility/contextYes (gated by retained payload)WIRED_SANDBOXDraftNoTraffic → ReplayRequires retained payload/contextReplay gated by retained payload availability
Traces / Evidence Spine APICustomer/v1/tenants/{tid}/deliveriesBearer JWT, API keyYesNoWIRED_SANDBOXDraftNoTraffic → TracesDelivery trace spine; not full distributed tracingDelivery trace only; not distributed tracing
Saved Payloads APICustomer/v1/tenants/{tid}/saved-payloadsBearer JWT, API keyYesCreate, update, deleteWIRED_SANDBOXDraftNoTraffic → Payloads, Labs → Payload BuilderTest/template payloads, not production retained payloadsNot production retained payload history
Evidence APICustomer/v1/evidence/..., /v1/sources/.../evidenceBearer JWT, API keyYesNo direct writeWIRED_SANDBOXDraftPartialTrust → Evidence, Traffic → TracesIntegrity receipts; evidence created by platformSandbox-validated; not production evidence
API Keys APICustomer/v1/tenants/{tid}/api-keysSession, API keyYesCreate, revokeWIRED_SANDBOXDraftPartialSettings → API KeysCRUD for API credentialsSandbox-validated
Rate Limits APICustomerDocumentation onlyN/APUBLIC_CONTRACT_DRAFTDraftNoSettings → Rate LimitsPlan-based rate documentationNo SLA guarantee
MCP APICustomerMCP protocolMCP API key, mTLSYes (default-on)Permissioned, disabled by defaultPUBLIC_CONTRACT_DRAFTDraftNoSettings → MCPAI agent surface; read tools default-on, write tools disabled by defaultBusiness+ gating for write tools
Billing/Plan APIInternalInternalInternalN/AINTERNAL_ONLYNoNoSettings → BillingPlan entitlement and billingNot a public customer API
Sandbox/Test APITestInternalSandbox-onlySandbox-onlySANDBOX_ONLYNoNoLabs → SandboxTest event generation, failure simulationNot for production use
Internal/Admin APIInternalInternalInternalN/AINTERNAL_ONLYNoNoAdmin-only debug/diagnostic endpointsNot documented as public contract

Status definitions

See the API Overview for full status definitions.