K
Kakunin API
v1.0.0
openapi.json ↗Docs →

API Reference

Kakunin API

KYC compliance infrastructure for AI agents. Issues X.509 certificates, monitors behavioral events, and generates MiCA/EU AI Act compliance reports.

If you are evaluating Kakunin rather than jumping straight into implementation, start with the CTO integration overview, the non-human identity model, and the live sandbox.

Quick Facts

Version: 1.0.0
Endpoints: 10
Base URL: https://api.kakunin.ai
Auth: Bearer API key

Available Groups

Agents2Certificates4Events1Webhooks2Audit1

Agents

Register and manage AI agents

post/v1/agents

Register an AI agent

AuthenticationRequires Authorization: Bearer <api_key>
Request Body
application/json
Responses
201Agent registered
400Validation error
get/v1/agents/{id}

Get agent by ID

AuthenticationRequires Authorization: Bearer <api_key>
Responses
200Agent
404Not found

Certificates

Issue, verify, and revoke X.509 certificates

post/v1/agents/{id}/certify

Issue X.509 certificate for agent

Issues an RSA-2048 certificate via AWS KMS. Fails if agent already has an active certificate.

AuthenticationRequires Authorization: Bearer <api_key>
Responses
201Certificate issued
404Agent not found
409Agent already has active certificate
422Agent is retired or invalid state
503KMS not configured
post/v1/certificates/{id}/revoke

Revoke a certificate

AuthenticationRequires Authorization: Bearer <api_key>
Request Body
application/json
Responses
200Revoked
404Certificate not found
409Already revoked
422Certificate is expired
get/v1/verify/{serial}

Verify agent certificate by serial number

Public endpoint — no auth required. Rate limited: 100 req/60s per IP.

Responses
200Certificate status
404Certificate not found
429Rate limit exceeded
get/v1/crl

Get Certificate Revocation List

Returns current CRL. Accept: application/pkix-crl for DER, text/plain for PEM.

Responses
200CRL in requested format
503CRL not yet generated

Events

Ingest behavioral events and risk scores

post/v1/events

Ingest behavioral event

Records an agent action and computes a risk score. High-risk events (≥0.85) trigger auto-revocation after 3 in 15 min.

AuthenticationRequires Authorization: Bearer <api_key>
Request Body
application/json
Responses
201Event recorded
400Validation error
404Agent not found
429Rate limit exceeded

Webhooks

Register and manage webhook endpoints

get/v1/webhooks

List webhooks

AuthenticationRequires Authorization: Bearer <api_key>
Responses
200Webhooks list
post/v1/webhooks

Register a webhook endpoint

AuthenticationRequires Authorization: Bearer <api_key>
Request Body
application/json
Responses
201Webhook registered. Secret shown once — store it securely.
400Validation error

Audit

Query append-only audit log

get/v1/audit-log

Query audit log

AuthenticationRequires Authorization: Bearer <api_key>
Responses
200Audit log entries