Per-workspace JWKS for audit signature verification
Fully unauthenticated. Returns all Ed25519 public keys (active and revoked) for the workspace so external auditors can verify audit event signatures without Rensei systems.

- Supports both `/{workspace_id}` and `/{workspace_id}.json` paths.
- Unknown workspaces return `{ keys: [] }` with status 200 (no workspace-existence leakage via status code).
- Caching: `public, max-age=300, stale-while-revalidate=3600` + ETag.
- CORS: `access-control-allow-origin: *`.
Path Parameters
Workspace (org) ID. A `.json` suffix is also accepted.
Header Parameters
ETag for conditional GET (304 Not Modified if unchanged).
Response Body
application/jwk-set+json
application/json
curl -X GET "https://example.com/.well-known/audit-keys/string"

{
  "keys": [
    {
      "kid": "string",
      "kty": "OKP",
      "crv": "Ed25519",
      "alg": "EdDSA",
      "use": "sig",
      "x": "string",
      "rensei:workspace_id": "string",
      "rensei:created_at": "2019-08-24T14:15:22Z",
      "rensei:revoked_at": "2019-08-24T14:15:22Z"
    }
  ]
}

{
  "error": "Session not found"
}

List tamper-evident audit events
Returns hash-chain audit events for the authenticated org. Events include a `prevHash` / `entryHash` linkage for integrity verification. Accepts optional filters by `entityId` and/or `entityType`.
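Because the audit-keys JWKS endpoint described above returns revoked keys alongside active ones, an auditor has to decide per event whether a key is acceptable before checking the signature. The following is an added example, not Rensei code: it resolves a `kid` from a JWKS response to the raw 32-byte Ed25519 public key to hand to a verifier. The sample data, the function names, the missing `rensei:revoked_at` on active keys, and the policy of accepting a revoked key only for events dated before its revocation are assumptions.

```python
import base64
import json
from datetime import datetime

def _b64u(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

# Constructed sample response (not real keys): one active and one revoked key.
_COMMON = {"kty": "OKP", "crv": "Ed25519", "alg": "EdDSA", "use": "sig",
           "rensei:workspace_id": "ws_demo"}
SAMPLE_JWKS = json.dumps({"keys": [
    {**_COMMON, "kid": "k-active", "x": _b64u(bytes(range(32))),
     "rensei:created_at": "2024-03-01T00:00:00Z"},
    {**_COMMON, "kid": "k-old", "x": _b64u(bytes(range(32, 64))),
     "rensei:created_at": "2024-01-01T00:00:00Z",
     "rensei:revoked_at": "2024-03-01T00:00:00Z"},
]})

def _ts(value):
    """Parse a UTC timestamp such as 2019-08-24T14:15:22Z."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def resolve_key(jwks_text, workspace_id, kid, signed_at):
    """Return the raw Ed25519 public key for kid, or raise ValueError."""
    keys = json.loads(jwks_text).get("keys", [])
    matches = [k for k in keys if k.get("kid") == kid]
    if len(matches) != 1:
        # Unknown workspaces answer 200 with an empty set, so they end up here.
        raise ValueError("kid not found or ambiguous")
    jwk = matches[0]
    expected = {"kty": "OKP", "crv": "Ed25519", "alg": "EdDSA", "use": "sig"}
    if any(jwk.get(name) != value for name, value in expected.items()):
        raise ValueError("not an Ed25519 signing key")
    if jwk.get("rensei:workspace_id") != workspace_id:
        raise ValueError("key belongs to another workspace")
    x = jwk.get("x") or ""
    raw = base64.urlsafe_b64decode(x + "=" * (-len(x) % 4))
    if len(raw) != 32:
        raise ValueError("Ed25519 public key must be 32 bytes")
    when = _ts(signed_at)
    created = jwk.get("rensei:created_at")
    if created and when < _ts(created):
        raise ValueError("event predates key creation")
    # Assumed policy: a revoked key stays valid only for earlier events.
    revoked = jwk.get("rensei:revoked_at")
    if revoked and when >= _ts(revoked):
        raise ValueError("event dated at or after key revocation")
    return raw
```

An auditor who cannot trust the event timestamp independently should reject revoked keys outright instead of applying the time-window policy.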
Per-session MCP tool surface (JSON-RPC 2.0)
JSON-RPC 2.0 over HTTP POST. Exposes workflow tools, A2A peer agents as tools, and agent memory tools to running agent subprocesses.

Supported methods:

- `initialize` - protocol handshake, advertises `tools` capability.
- `notifications/initialized` - client readiness signal; no response (202).
- `tools/list` - lists tools available for this session.
- `tools/call` - invokes a tool by name with arguments.

Server-injected context: memory tools (`af_memory_recall`, `af_memory_remember`) and graph tools (`graph_*`) have their `context` argument overwritten from the authenticated session to prevent cross-tenant access.

Auth: `Bearer rsk_*` via `getCliOrSessionAuth`. The authenticated org must match the session's `organizationId`.

JSON-RPC error codes:

- `-32700` Parse error
- `-32601` Method not found / ToolNotFoundError
- `-32602` Invalid params
- `-32603` Internal error
- `-32003` Rensei auth-denied (ToolNotAuthorizedForSessionError)