Contact Us
-
Email: info@igenticai.com
What is the Developer Version?
FAQ
Implementation
These answers provide implementation detail for developers and technical buyers.
Deployment and Hosting
Can i-GENTIC be deployed on premises, or is it only hosted on AWS?
Default deployment is AWS. We also support on-prem and hybrid installs using containerized agents (Docker or Kubernetes). Network egress and data residency are customer controlled, and the same governance and audit stack is available in all footprints.
How is data stored; does i-GENTIC keep any client data or credentials?
By default, no customer content leaves your environment. GENIE™ can operate in a zero retention mode or a customer defined retention mode. All traffic between agents and systems is encrypted in transit. At rest, customer data stays in your environment unless you explicitly opt in to storage for analytics or reporting.
Secrets and credentials: Stored in your enterprise vault such as AWS KMS and Secrets Manager, Azure Key Vault, or HashiCorp Vault. GENIE™ references secrets by handle. Credentials are never kept in plain text or embedded in model context.
Access scopes: Agents authenticate with short-lived, least-privilege tokens that map to each agent’s Passport.
Redaction and hashing: Sensitive fields can be redacted before any model call. Field level hashing supports record linkage without exposing raw values.
Audit metadata: Each action records agent ID, Passport version, tool invoked, resource identifier, micropolicy or policy ID, pre and post checksums, justification string, timestamp, and reviewer ID when human review is required.
Key management: Supports customer managed keys. Rotation policies are enforced by your KMS and reflected in Passport checks.
How does the platform handle containerization and client specific environments?
Each tenant runs isolated agent workloads. We support per-org namespaces, dedicated clusters, and air-gapped installs. Policies, logs, and credentials are segmented at the tenant boundary.
Integration and APIs
What APIs and connectors are provided out of the box?
GENIE™ connects through a catalog of reusable tools and a dynamic registry that discovers approved additions without rebuilds.
• Supported interfaces: REST and GraphQL APIs, JDBC and ODBC data sources, object storage, common SaaS endpoints, and message queues.
• Examples: Major clouds (AWS, Azure, GCP), identity providers (Okta, Entra, OIDC, SAML), data stores (PostgreSQL, Snowflake, S3, Azure Blob, GCS, SharePoint), and security or ops systems (Elastic, Splunk, ServiceNow).
• Generic connector: A generic REST or webhook connector covers most custom systems.
• New connector path: Import schema, scaffold a tool, declare the allow list and scopes, validate in a sandbox, then register it in the dynamic registry.
How long does it take to integrate i-GENTIC with external systems?
Typical timelines are hours for standard connectors and 1 to 3 days for custom REST or OpenAPI integrations depending on authentication and approval flows. Teams can parallelize builds because registry updates are hot loaded.
Can i-GENTIC connect to IoT or OT systems such as MQTT, OPC-UA, and edge devices?
Yes, via the edge agent. MQTT and OPC-UA are supported through pluggable connectors. Protocol coverage is deployment specific.
Does i-GENTIC support custom or in-house systems?
Yes. The Open API and connector SDK let you add tools while keeping them under governance through the Agent Passport. Scoped permissions, audit, and policy controls are enforced for each tool.
Security and Permissions
How are passwords and authentication handled?
SSO via SAML 2.0 or OIDC with MFA enforced by your IdP. We avoid long-lived passwords. Agents use short-lived, least-privilege tokens with rotation and expiry.
How does the Agent Passport system manage permissions?
The Passport is a signed manifest that defines an agent’s identity, permissions, and approval gates.
• Identity fields: Agent UUID, owner, environment, version, and signature.
• Permission model: Tool allow list, data scopes, rate and spend limits, workflow permissions, and escalation rules.
• Approval gates: Actions can require one or two human approvers based on risk tier. Break glass operations are time boxed and logged with reason codes.
• Change control: Passport updates are proposed via change requests, reviewed, signed, and versioned. Rollback returns the prior Passport version immediately.
• Tamper evidence: All Passport reads and writes are logged. Hashes allow external verification in your SIEM.
Can administrators restrict GENIE™ capabilities per user role?
Yes. Fine grained RBAC and ABAC controls restrict which actions each role can invoke. Sensitive actions can require multi party approval.
What guardrails exist to prevent misuse or prompt injection attacks?
Configure prompt and tool allow lists, retrieval isolation, output filtering, execution sandboxes, egress controls, and rate limits. All interactions are logged in a tamper evident way.
Functionality and Features
How are passwords and authentication handled?
SSO via SAML 2.0 or OIDC with MFA enforced by your IdP. We avoid long-lived passwords. Agents use short-lived, least-privilege tokens with rotation and expiry.
How does the Agent Passport system manage permissions?
The Passport is a signed manifest that defines an agent’s identity, permissions, and approval gates.
• Identity fields: Agent UUID, owner, environment, version, and signature.
• Permission model: Tool allow list, data scopes, rate and spend limits, workflow permissions, and escalation rules.
• Approval gates: Actions can require one or two human approvers based on risk tier. Break glass operations are time boxed and logged with reason codes.
• Change control: Passport updates are proposed via change requests, reviewed, signed, and versioned. Rollback returns the prior Passport version immediately.
• Tamper evidence: All Passport reads and writes are logged. Hashes allow external verification in your SIEM.
Can administrators restrict GENIE™ capabilities per user role?
Yes. Fine grained RBAC and ABAC controls restrict which actions each role can invoke. Sensitive actions can require multi party approval.
What guardrails exist to prevent misuse or prompt injection attacks?
Configure prompt and tool allow lists, retrieval isolation, output filtering, execution sandboxes, egress controls, and rate limits. All interactions are logged in a tamper evident way.
Agents
Which four agents come preconfigured?
AI Governance, Data Governance, Privacy, and Cybersecurity.
Can users create new agents, and is there a cost or limit?
Yes. Creation is self service. Limits and pricing depend on package tier. Enterprise can be unlimited.
Do agents require training to interpret regulations?
No model training is required. Agents use policies and your SOPs. You can extend them via configuration and connector permissions.
Risk and Compliance
How does i-GENTIC calculate risk scores and compliance maturity?
Risk scoring combines rule violations, severity, and asset criticality. Maturity can map to frameworks such as NIST, ISO 27001 and 27701, CIS Controls, and the EU AI Act.
What reporting options are available?
Immutable audit logs that differentiate AI and human actors, compliance scorecards by system and regulation, and planned ROI dashboards such as cost or time saved and violation reduction. Exports include PDF, CSV, and JSON.
Can audits be scheduled?
Yes, on a schedule or on demand, with notifications and API or webhook delivery.
Licensing and Usage
Are tokens or inquiries limited?
The Developer tier is capped by package using rate limits and monthly allotments. Enterprise tiers raise or remove caps.
What is the difference between small and enterprise packages?
Primarily the number of AI tokens available, which impacts the number of actions and the size of the content that can be handled. With more tokens you can process more and larger documents, policies, and reports.
Do all users get access to GENIE™, or only admins?
All licensed users can access GENIE™. Capabilities are role based. Admins manage policies and approvals.
Support and Onboarding
What onboarding or training is provided?
Quick start guides, admin runbooks, and optional live training. Enterprise includes white glove onboarding and solution architect support.
Is technical documentation available on cloning, permissions, and integrations?
Yes. Full docs cover agent configuration, API and connector setup, and permission management.
FAQ
i-GENTIC API
The i-GENTIC API is the integration layer of the i-GENTIC compliance platform. It transforms static regulations into micropolicies, binds them to agents, and enforces them continuously. Every action is captured as immutable evidence: scorecards for organizations and passports for agents. This is not just another SaaS API, it is a governance operating system.
For Developers
What is the i-GENTIC API designed for?
The API is the integration layer of the i-GENTIC compliance platform. It is REST first and JSON over HTTPS, with synchronous CRUD endpoints and asynchronous task handling. It provides programmatic access to user management, project lifecycle, policy ingestion, agent orchestration, reporting, and auditing.
The API provides REST first, JSON over HTTPS access to:
• Projects → Governance Programs
• Policies and Micropolicies → Machine enforceable compliance rules
• Agents → Autonomous compliance actors
• Reports → Audit scorecards
• Teams → RBAC and segregation of duties controls
• Admin Logs and Alerts → Immutable audit trails and early warnings
Endpoints are synchronous for CRUD, with asynchronous task handling for long running operations.
How do I authenticate?
• Authentication is via Bearer tokens at /auth/token.
• Tokens include organization, user, and role metadata.
• Tokens must be rotated every 90 days.
• Roadmap version 2: OAuth2 and JWT with scoped access.
See the central Authentication section for details.
How is RBAC enforced?
RBAC is applied system wide to enforce least privilege:
• Each token is bound to a role such as Super Admin, Admin, or User.
• The permission matrix at /admin/permission-matrix is exportable as audit evidence.
• Role assignments and changes are logged to support regulatory audits.
What are Agents and how do I use them?
Agents are not just scanners. They are evergreen compliance actors that enforce micropolicies in real time, accept plain language prompts or structured definitions, call external tools, track historical violations for escalation, and produce an agent passport that records actions and decisions.
Endpoints:
• Create → /agents
• Orchestrate → /tasks/scan, continuous monitoring, or webhook triggers
What are micropolicies?
Micropolicies are JSON objects representing enforceable rules derived from regulations such as “Encrypt PHI at rest.”
• Created with /policies/ingest
• Traceable to source regulation for audit evidence
• Schema definitions will be published in version 2
Endpoints:
• Create → /agents
• Orchestrate → /tasks/scan, continuous monitoring, or webhook triggers
What are Tools?
Tools are compliance enforcement utilities that agents can invoke. Examples:
• AWS IAM scanner checks least privilege
• Okta RBAC checker validates role segregation
• PII detector redacts sensitive fields
Planned endpoint: /tools
Endpoints:
• Create → /agents
• Orchestrate → /tasks/scan, continuous monitoring, or webhook triggers
What is the Prompt API?
The Prompt API defines how agents enforce compliance:
• Natural language such as “If PHI is detected, redact and notify”
• Structured JSON logic for if or then enforcement
• Roadmap: /prompts endpoint for versioned prompt management
Endpoints:
• Create → /agents
• Orchestrate → /tasks/scan, continuous monitoring, or webhook triggers
How do I ingest regulations?
curl -X POST https://api.igenticai.com/v1/policies/ingest \
-H “Authorization: Bearer igpk_abc123” \
-F file=@hipaa.pdf
Accepted formats: PDF, DOCX, TXT. Parsed micropolicies become immediately available for agents.
What reporting is available?
/reports/{id} returns JSON scorecards including:
• Compliance scores
• Violations detected
• Audit evidence traceable to source micropolicies
Reports are designed for regulator ready submission.
How are long running tasks handled?
Asynchronous tasks return 202 Accepted with a Location header at /tasks/{id}. Webhook notifications are supported. Retries use exponential backoff and dead letter handling is documented.
How are errors returned?
Standard JSON error format:
{
“error”: {
“code”: “VALIDATION_ERROR”,
“message”: “Phone number invalid”,
“fields”: [“phone”]
}
}
Status codes:
• 400 = Validation failed
• 401 = Unauthorized
• 403 = Forbidden
• 404 = Not found
• 409 = Conflict
• 500 = Internal error
What is the difference between soft delete and permanent delete?
Delete endpoints are soft deletes. Data is hidden from active use but preserved in the database for auditability. Permanent delete is not exposed in version 1.
What SDKs or developer tools are available?
• cURL accessible OpenAPI 3.0 spec in version 1
• Roadmap: Postman collections and SDKs for Python, Node, and Java
What is the roadmap for version 2?
Planned enhancements:
• OAuth2 and JWT with scoped access
• Tool and Prompt APIs
• Agent Passport endpoints
• JSON Schemas for micropolicies, scorecards, and violations
• Changelog driven deprecations with 90 day windows
For Compliance Officers
What is the compliance value of i-GENTIC?
The i-GENTIC API is not just an integration layer. It is a governance operating system. It converts static regulations into enforceable micropolicies, deploys them via agents, enforces continuously, and provides immutable audit records.
How do agents support compliance?
Agents provide continuous enforcement:
• Monitor systems in real time
• Remediate violations automatically
• Record every decision in an auditable passport
• Maintain historical memory for escalation of repeat issues
What is an Agent Passport for compliance?
The passport is the audit identity of an agent:
• Policies enforced
• Tools used
• Actions taken
• Violations found
• Remediation outcomes
It is exportable for internal audits or regulators.
What is a micropolicy in compliance terms?
A micropolicy is a single compliance rule derived from a larger regulation. Instead of a 200 page HIPAA document, you get hundreds of micropolicies such as “PHI must be encrypted at rest” or “Logs must retain user IDs for 12 months.” Each micropolicy is traceable back to its source regulation for audit purposes.
How do tools extend compliance enforcement?
Tools are integrations that let agents act on violations. For example, a redaction tool can mask PHI, or a sanctions API can check transactions against blacklists. This ensures violations are not just reported but actively remediated.
What is the role of prompts?
Prompts let compliance teams define real time enforcement logic without coding.
How is auditability ensured?
• Immutable logs of every action
• Soft deletes to preserve history
• Permission matrices for role audits
• Alerts for governance breaches
• Reports and Passports for evidence
How does i-GENTIC ensure evergreen compliance?
When regulations change:
• New documents are ingested and new micropolicies are created
• Agents adopt updated policies automatically
• No manual rewrites are required
What is the SLA for compliance critical environments?
The system targets 99.5 percent uptime per month excluding four hours of scheduled maintenance. Support response is available within four hours.
What kinds of reports are produced?
Reports include compliance scorecards, violation logs, and remediation records. These can be exported for internal compliance dashboards or submitted directly as audit evidence.
How does RBAC support compliance controls?
RBAC enforces least privilege. Role assignments are logged and auditable. The permission matrix provides a complete map of who can access what, which is critical for regulatory audits.
How does memory support compliance enforcement?
Agents track historical violations and actions, enabling escalation for repeat issues and avoiding duplicate alerts. This provides context to regulators that issues were not only detected but addressed consistently over time. GENIE™, our AI based digital assistant, has a memory system that learns over time and provides additional context from prior events to answer questions better.
FAQ
Trial and Subscription
Trial and Subscription FAQ
Is there a free trial available for the i-GENTIC API?
Yes. Organizations can sign up for a free trial of the i-GENTIC Developer API. The trial provides access to the core set of endpoints including regulation ingestion, micropolicy parsing, agent creation, and reporting. To activate the trial, a valid credit card must be added at signup. No charges are made during the trial period, but billing details are required to ensure a seamless transition to a paid subscription if the account is upgraded.
What are the differences between the free trial and a paid subscription?What are the differences between the free trial and a paid subscription?
The free trial has limited capacity and features. Trial accounts may support a small number of agents such as two active agents, capped API calls per month, and restricted webhook delivery. Paid subscriptions unlock unlimited agents, higher API throughput, advanced reporting, custom tool integration, SLA backed uptime, and dedicated support. Paid tiers may also include advanced features such as Agent Passports, full audit logs, RBAC customization, and enterprise IdP integration.
How is usage metered during the trial?
Usage is measured by API call volume, the number of active projects, the number of concurrent agents, and the number of compliance scans. If limits are exceeded, you will be notified that AI use is unavailable until the next billing cycle or until upgraded to a paid subscription.
What happens when the trial ends?
At the end of the trial, the credit card on file is automatically charged for the selected subscription tier. If no plan has been selected, the account is suspended. All data, projects, and agents are retained in a read only state for a limited grace period to allow reactivation without data loss.
Can trial data and configurations be carried over to a paid account?
Yes. All trial activity, including uploaded regulations, parsed micropolicies, created projects, and configured agents, is preserved when upgrading. Audit logs and compliance reports are also retained. Migration does not require re-ingestion or reconfiguration.
What support is included during the trial?
Trial users have access to documentation, FAQs, sample code, and community updates. Email support is available on a best effort basis. Paid subscriptions include SLA backed support, guaranteed response times under four hours, and access to dedicated support channels such as Slack or GitHub issues.
What billing options are available?
Billing can be monthly or annual. Annual subscriptions may include discounted pricing. All billing is handled automatically through the credit card on file. Enterprise contracts can support invoicing and purchase orders upon request.
Can I upgrade or downgrade my subscription?
Yes. You can upgrade from trial to paid at any time, or between paid tiers, without disruption. Downgrades are possible at the end of a billing cycle, subject to usage limits in the lower tier.
Do you offer enterprise trials or pilots?
Yes. In addition to the standard free trial, enterprise organizations may qualify for extended pilot programs that include higher limits, dedicated support, and co-development opportunities. These require a signed agreement and may include proof of concept deliverables.
How does i-GENTIC handle compliance data during trials?
All uploaded regulations, micropolicies, projects, and compliance reports are treated with the same security and governance standards as in paid plans. Data is encrypted in transit and at rest, and access is governed by role based access control.
Is my data deleted if I do not upgrade after the trial?
Data is retained for a grace period of 30 days after trial expiration. During this period, you can upgrade and restore full access. After the grace period, data may be archived or permanently deleted depending on compliance requirements.
Can multiple users share a trial account?
Yes. A trial account can be configured with multiple users and roles. This allows teams to test both developer and compliance officer workflows within the same organization.
What is included in paid subscriptions that is not in trial?
Paid subscriptions include enterprise grade features such as:
• Unlimited agents and projects
• Full webhook and integration support
• Custom tool creation and API connectors
• SLA backed uptime commitments
• RBAC customization and advanced role mapping
• Audit ready Agent Passports and full access logs
• Enterprise authentication such as SSO, SAML, Okta, and Azure AD
• Dedicated compliance and developer support channels
Can I switch from the developer API trial to a SaaS subscription later?
Yes. The system is designed for portability. All trial activity can be carried into SaaS or enterprise deployment models without reingestion of policies.
How do I know which subscription tier is right for me?
During the trial, usage metrics are tracked and available in the dashboard. These metrics help organizations understand typical API volume, agent load, and project scale. The i-GENTIC team can provide recommendations based on these metrics before the trial ends.
Do you offer volume based or custom pricing?
Yes. Enterprise accounts may negotiate custom pricing based on projected agent count, regulatory frameworks supported, or data processing volume.
Does the trial include audit reporting?
The trial includes basic reporting and scorecards. Paid subscriptions expand this to include full audit logs, passports, and exportable compliance artifacts suitable for regulators.
Can trial accounts use external integrations?
Trial accounts support limited integrations. Paid accounts unlock advanced integrations with identity providers, cloud platforms, and third party compliance systems.
