Developers

The Context Contract, behind one bearer.

Five endpoints. The Context Contract v1 envelope on every retrieval. Scoped keys with per-action rate limits and a metadata-only audit trail. No SDK lock-in — plain HTTP.

Read the quickstart →Open console

01 · API surface

Five endpoints. Most agents only need one.

/v1/context is the primary surface. /v1/ask synthesizes the answer for you. /v1/search returns raw ranked memory. /v1/memory-canvas exposes the graph. /v1/audit-events lets admins read the trail.

request · POST /v1/context

curl -X POST https://api.userepo.com/v1/context \
  -H "Authorization: Bearer $REPO_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "query": "What did we decide about brand assets?",
    "limit": 8
  }'

02 · Context Contract v1

Every response is a receipt.

The contract names itself, identifies the actor, declares the access scope applied, reports retrieval stats, attaches evidence with freshness and access policy, lists exclusions and limitations, and ships citations plus raw ranked chunks for back-compat.

response · 200v1 · stable

{
  "contract": {
    "name": "repo.context",
    "version": "v1",
    "requestId": "2cbbf8c1-5c83-4d58-a765-6f8f8ce57db0",
    "generatedAt": "2026-05-23T17:42:00.000Z",
    "endpoint": "/v1/context"
  },
  "actor":     { "apiKeyId": "key-…", "name": "support-agent", "type": "agent" },
  "access":    {
    "organizationId": "org-…",
    "requiredAction": "context",
    "allowedActions": ["context", "memory:read"],
    "allowedProviders": ["slack", "google_drive"],
    "providerFilterApplied": false,
    "providersReturned": ["slack", "google_drive"],
    "exclusions": []
  },
  "retrieval": {
    "strategy": "semantic_vector",
    "requestedLimit": 8,
    "returnedChunks": 6,
    "returnedSources": 3,
    "ranking": [ { "rank": 1, "chunkId": "…", "sourceItemId": "…", "score": 0.81, "citationIndex": 1 } ]
  },
  "evidence":  [
    {
      "citationIndex": 1,
      "sourceItemId": "…",
      "title": "repo-mark.svg",
      "provider": "google_drive",
      "connectorName": "Google Drive · brand@",
      "sourceKind": "file",
      "url": "https://drive.google.com/...",
      "sourceCreatedAt": "...",
      "sourceUpdatedAt": "...",
      "ingestedAt": "...",
      "syncedAt": "...",
      "freshness": { "status": "known", "sourceAgeHours": 12.0, "syncAgeHours": 0.4 },
      "accessPolicy": { "provider": "google_drive", "mode": "metadata_only", "ownerEmails": ["brand@…"] },
      "topScore": 0.81,
      "snippets": [ { "chunkId": "…", "text": "…", "score": 0.81, "metadata": {} } ]
    }
  ],
  "citations": [ /* compact [n] → source map */ ],
  "context":   [ /* raw ranked chunks */ ],
  "limitations": []
}

03 · Scoped agent keys

Bind every key to a contract.

Each key carries an actorType, an allowedActions set, and an optional allowedProviders list. Retrieval is filtered server-side; over-scope requests get 403 with the missing scope named in the response.

request · POST /v1/api-keysadmin scope required

curl -X POST https://api.userepo.com/v1/api-keys \
  -H "Authorization: Bearer $REPO_ADMIN_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "support-agent",
    "actorType": "agent",
    "allowedActions": ["context", "memory:read"],
    "allowedProviders": ["slack", "google_drive"]
  }'

04 · Limits & auth

Ship from anywhere.

Bearer auth on every /v1/* route. Per-key, per-action rate windows in Postgres — 429s carry Retry-After and full X-RateLimit-* headers. Over-budget calls never reach retrieval or audit.

AuthScoped API keys · Bearer

Rate limitPer-key, per-action / minute

ConnectorsSlack · Drive · Notion · Gmail

ContractContext Contract v1

Get a key

Wire your first agent
in fifteen minutes.

The quickstart walks you from /v1/api-keys to a first source-backed response. Private beta — we mint your initial key on demo.