Veritrellis is the signed, fail-closed permit boundary before high-risk AI-agent and backend actions execute. No valid permit, no action.
All topics
Get started
Install, configure, and send your first authorization request.
⬡Node SDK
authorizeRequest, verifyPermit, and Express/Fastify middleware.
⊞REST API
Full endpoint reference, auth requirements, and response shapes.
⬡Policy and permits
Decision model, approval flows, reason codes, and permit JWT claims.
⬖HubSpot connector
Map CRM workflow actions to authorization requests.
⬖Intercom
Gate support agent actions through the Intercom connector.
⬖Zendesk
Permit-based authorization for Zendesk agent actions.
⊙Operations
Billing entitlements, audit lanes, and compliance baseline.
Call authorize before any risky action
Your agent or backend calls POST /v1/authorize with the action type and payload. Veritrellis evaluates the policy for your workspace and environment.
Receive a signed permit — or a denial
Allowed requests get a signed ES256 permit JWT scoped to the exact action. Requests that require human approval come back as pending_approval with a request_id you can poll.
Verify the permit before executing
Before your code touches the database, refund provider, or external API, call verifyPermit(). No valid permit, no execution. The permit is cryptographically bound to the workspace and action scope.