Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.fact0.io/llms.txt

Use this file to discover all available pages before exploring further.

Security

API keys

PrefixUsage
alk_live_*Production API keys
Keys are bound to an organization tenant. Raw secrets are shown once at creation; only a SHA-256 hash is stored server-side.

Scopes

ScopePermissions
readList, verify, export, stream
writeIngest events (POST /v1/events*)
Write routes reject read-only keys with 403 forbidden.

Authentication surfaces

SurfaceAuth mechanism
Audit ingestBearer API key (write)
Audit readsAPI key or dashboard JWT (DualAuth)
SSE streamAPI key or single-use SSE ticket
Share linksShare bearer token
Dashboard /v1/me/*Better Auth JWT
Telemetry /api/v1/*None locally (API keys planned)

Key rotation

  1. Create a new key in Settings → API Keys
  2. Deploy the new key to your agents
  3. Revoke the old key — revoked keys return 401 immediately
Time-bounded, read-only access to a subset of audit events. Tokens are bearer credentials — do not embed in URLs.

Data retention

Retention sweeps are plan-scoped. See dashboard Settings → Plan for your organization’s retention window.