Authentication
All requests are authenticated via mutual TLS (mTLS) plus a per-counterparty bearer token issued during onboarding. Token rotation is enforced on a 90-day cycle.
Authorization: Bearer <counterparty_token> X-Client-Certificate-Fingerprint: <sha256_of_client_cert>
Endpoints (Public Sample)
GET /v1/signals
Returns a list of anonymized signal packets available to the requesting counterparty. Edge metrics and historical performance are omitted from the public schema.
GET /v1/signals/{id}
Returns the structure of a single signal packet. All numeric values in the public sample are placeholders.
{
"signal_id": "sig_sample_2026_001",
"asset_class": "sports_market",
"market_scope": "anonymized",
"confidence_band": "sample_only",
"validation_window": "rolling_90d_placeholder",
"model_version": "redacted",
"disclosure_level": "public_sample",
"nda_required_for": [
"full_validation_metrics",
"historical_performance",
"feature_attribution",
"counterparty-specific outputs"
]
}
GET /v1/validation/summary
Returns aggregated validation summary metrics for the counterparty's active models. Full historical series are disclosed only under NDA.
GET /v1/audit-trail/{id}
Returns the audit trail for a specific signal or validation run. Public samples contain mock event entries; production audit trails reflect the real validation history.
POST /v1/access/request
Initiates an institutional access request. Used during onboarding only.
Error Model
{
"error": {
"code": "ACCESS_DENIED",
"message": "Counterparty token not authorized for this resource.",
"request_id": "req_01HZ...",
"documentation_url": "https://sportindex.ai/api"
}
}
Rate Limits
Rate limits are tier-dependent and disclosed during onboarding. Default placeholder: 60 requests per minute per token. Burst tolerance and concurrency limits are negotiated per engagement.