Base URL
Authentication
All endpoints (except/health) require a Bearer token:
rail_. Generate yours from the dashboard.
Endpoints
| Method | Endpoint | Description |
|---|---|---|
POST | /railscore/v1/eval | Evaluate content across 8 RAIL dimensions |
POST | /railscore/v1/safe-regenerate | Evaluate and regenerate until the threshold is met |
POST | /railscore/v1/compliance/check | Regulatory compliance check |
POST | /railscore/v1/agent/tool-call | Evaluate an agent tool call before execution |
POST | /railscore/v1/agent/tool-result | Scan a tool result for PII and injection |
POST | /railscore/v1/agent/prompt-injection | Detect prompt injection in text |
GET | /railscore/v1/config | Read the policy and configuration for your application |
GET | /railscore/v1/dimensions | The RAIL dimensions and your weights/thresholds |
GET | /railscore/v1/capabilities | Features and limits for your plan |
POST | /verify | Verify an API key and view identity |
GET | /health | Service health check |
Error codes
| Status | Meaning |
|---|---|
400 | Invalid request - check parameters |
401 | Missing or invalid API key |
402 | Insufficient credits |
403 | Key revoked or plan restriction |
422 | Validation error - content too short/long |
429 | Rate limit exceeded |
503 | Service temporarily unavailable |