Developer platform

Make your platform AI-operable in an afternoon.

OpsIQ exposes a clean REST API, signed webhooks, an action-contract registry, and ready-to-ship SDKs. Define what events fire from your system, what actions the AI is allowed to run, and what data is safe to read — OpsIQ handles signatures, retries, audit logs and confirmation flows for you.

Read the docs Get an API key SDKs on GitHub

curl

# Run a contracted action via REST curl -X POST https://api.opsiq.ai/v1/actions/run \ -H "X-OpsIQ-Key: opsiq_pk_live_xxx" \ -H "X-OpsIQ-Timestamp: $(date +%s)" \ -H "X-OpsIQ-Signature: $SIGNATURE" \ -H "Content-Type: application/json" \ -d '{ "action": "saas.refund_invoice", "params": { "invoice_id": 8421 }, "actor": { "id": "admin_19", "role": "owner" }, "confirmed": true }' # OpsIQ verifies signature, scope, role, and # the action's confirmation policy before execution.

3SDKs — PHP, Node, Python

HMACSHA-256 signed every request

40+universal events

100%audit log coverage

How it fits together

One connector pattern. Five clean primitives.

Anything platform-specific lives in a connector. The OpsIQ core stays generic, the AI stays predictable, and your integration stays auditable.

1 · Triggers

Tell OpsIQ what just happened.

Fire universal events from your platform — invoice.paid, ticket.created, subscription.cancelled, customer.signed_up, or your own custom event names. OpsIQ subscribers (the AI brain, automation rules, mirror connectors, your webhook endpoints) react in real time, in priority order.

Event reference

OpsIQEvents::fire('invoice.paid', $payload)core fires

opsiq_saas → BillingMirrorwrites opsiq_conversions

webhook_endpoints (signed)POST to your URL

automation_rules"on invoice.paid send Slack alert"

AI brain (admin)updates live context

2 · Action contracts

Tell OpsIQ what the AI is allowed to do.

An action contract is a signed JSON declaration: what the action does, which roles can run it, what parameters it accepts, whether confirmation is required, and the endpoint to call. The AI cannot invent actions — it can only ask to run ones you've registered. Risky actions trigger a confirmation card before any side-effect.

Action schema

action contract · JSON

{ "key": "saas.refund_invoice", "label": "Refund a paid invoice", "surface": ["admin"], "roles": ["owner", "billing_admin"], "requires_confirmation": true, "params": { "invoice_id": { "type": "int", "required": true }, "reason": { "type": "string", "max": 500 } }, "endpoint": "https://api.you.com/refund", "audit": true }

3 · Signed webhooks

Push events to your stack — with cryptographic proof.

Subscribe any URL to any event. OpsIQ POSTs the JSON payload signed with HMAC-SHA256 over the raw body. Every webhook carries a replay-protection timestamp, an idempotency key, and a delivery ID you can trace in our admin or your logs.

Webhook reference

verify webhook · php

$raw = file_get_contents('php://input'); $sig = $_SERVER['HTTP_X_OPSIQ_SIGNATURE'] ?? ''; $secret = getenv('OPSIQ_WEBHOOK_SECRET'); $expected = 'sha256=' . hash_hmac('sha256', $raw, $secret); if (!hash_equals($expected, $sig)) http_response_code(401); $event = json_decode($raw, true); switch ($event['event']) { case 'invoice.paid': grant_access($event['customer_id']); break; }

4 · SDKs

Drop-in clients for the language you already use.

Three official SDKs handle authentication, signing, retries, idempotency keys and typed responses. Or stay framework-free — every SDK is a thin wrapper around the same REST surface.

PHP 8.3+ Node.js 18+ Python 3.10+ REST · OpenAPI 3.1

official sdks

import { OpsIQ } from "@opsiq/sdk"; const ops = new OpsIQ({ publicKey: process.env.OPSIQ_KEY, secretKey: process.env.OPSIQ_SECRET, }); // Fire an event from your backend await ops.events.fire("order.shipped", { customer_id: 421, order_ref: "NB-9182", carrier: "DHL", }); // Run a contracted action const result = await ops.actions.run("saas.send_kb_link", { ticket_id: 5519, article: "how-to-reset-password", });

use OpsIQ\Client; $ops = new Client([ 'public_key' => getenv('OPSIQ_KEY'), 'secret_key' => getenv('OPSIQ_SECRET'), ]); // Fire an event $ops->events->fire('order.shipped', [ 'customer_id' => 421, 'order_ref' => 'NB-9182', ]); // Run a contracted action $result = $ops->actions->run('saas.send_kb_link', [ 'ticket_id' => 5519, 'article' => 'how-to-reset-password', ]);

from opsiq import OpsIQ ops = OpsIQ( public_key=os.environ["OPSIQ_KEY"], secret_key=os.environ["OPSIQ_SECRET"], ) # Fire an event ops.events.fire("order.shipped", { "customer_id": 421, "order_ref": "NB-9182", }) # Run a contracted action result = ops.actions.run("saas.send_kb_link", { "ticket_id": 5519, "article": "how-to-reset-password", })

5 · The connector pattern

Build once. Plug into anything.

A connector is a folder with one PHP class. Implement identityProviders(), contextProviders(), registerActions(), subscribers() and handleWebhook(). OpsIQ discovers it, the registry wires the events, and your platform-specific code stays cleanly separated from the core.

Connector guide

connector.phpextends AbstractConnector

actions.jsonaction contract manifest

settings.jsonadmin-facing config schema

SaasContextProvider.phplive data into AI prompt

SaasIdentityProvider.phpresolve admin / customer

BillingMirror.phpsubscribe to invoice.paid

From intent to safe action

Plain English in. Audited operation out.

OpsIQ never invents the right call. It walks through the registered contracts, prepares the payload, asks for confirmation when the action requires it, and produces a complete audit row when it executes.

🧠 Step 1 · Intent resolution

The AI matches the request to a registered action.

Admin types "refund Adam's last invoice". The AI scans the action contract registry, finds saas.refund_invoice, and starts assembling parameters from your live data — never inventing a call that doesn't exist.

prompt → "refund Adam's last invoice"
→ matched: saas.refund_invoice
→ surface: admin · role required: owner

🛡️ Step 2 · Validate

Lookup, role check, payload build.

Resolves "Adam" → customer, fetches the most recent paid invoice, validates parameters, checks the admin's role and the action's confirmation policy.

✅ Step 3 · Confirm & sign

Admin sees a preview card. Confirms. Signed.

For risky actions, OpsIQ surfaces a confirmation card with the exact params. After confirm, OpsIQ POSTs the action to your endpoint with HMAC-SHA256.

🧾 Step 4 · Audit

Every prompt, every response, every action — recorded.

AI History captures the rendered prompt, the response, the action result, the actor, the duration. Owner-only, exportable as CSV.

Reference

API surface at a glance.

Endpoint	Auth	Idempotent	Rate limit
`POST /v1/events/fire`	HMAC	Yes	1000 / min
`POST /v1/actions/run`	HMAC	Yes	200 / min
`GET /v1/customers/{id}`	HMAC	Yes	2000 / min
`GET /v1/tickets`	HMAC	Yes	2000 / min
`POST /v1/webhooks/test`	HMAC	Yes	60 / min
`GET /v1/connectors`	HMAC	Yes	2000 / min

Build with us

Make your platform AI-operable in production.

Sign up, generate an API key, and you'll have a working integration in under an hour. Need help? Our engineers will pair with you live.

Get an API key Book engineering session