API Explorer
Interactive navigation of the Lattix SDK control-plane API — operations, parameters, request and response shapes, driven by the published OpenAPI spec.
/ API EXPLORER
Lattix SDK Control Plane API
Version bootstrap
Authoritative machine-readable contract for the public `/v1/sdk/*` routes exposed by `lattix-platform-api`. These endpoints are intentionally metadata-only control-plane contracts. SDKs use them to discover capabilities, resolve policy, obtain key-handling guidance, register protected artifacts, and emit evidence without sending routine customer plaintext through the platform API.
Authentication
BearerAuth· bearer (JWT)Public callers use OAuth/OIDC access tokens as bearer tokens on `/v1/sdk/*`. When `auth_configuration.proof_of_possession=mtls`, the token is sender-constrained: the caller presents a client certificate at the trusted edge and the access token must carry `cnf.x5t#S256` for that certificate. Callers do not send an extra proof header on `/v1/sdk/*`; the ingress tier validates the certificate and forwards the bound identity to `lattix-platform-api`.
TrustedHeaders· apiKey in header (x-lattix-tenant-id)Transitional trusted ingress/header mode for internal or non-production deployments. Deployments using this pattern also forward `x-lattix-user-id` when required by configuration. Public SDK clients should use `BearerAuth`.
Operations
Pick an operation from the sidebar to see its request and response shape. Every link uses a shareable hash URL like #/operations/<operationId>.
discovery
Caller introspection, capability discovery, and bootstrap metadata.
3 operations
protection
Metadata-only planning for protection, policy, and key access workflows.
3 operations
registration
Protected artifact registration after local enforcement.
1 operation
evidence
Metadata-only evidence ingestion for protected artifact lifecycle events.
1 operation
Download the spec
The authoritative machine-readable contract is published as an OpenAPI 3.0 YAML document you can feed to code generators or linters.