Developer Experience
Two APIs. Flow + Render.
Validate AI outputs through gates and generate professional documents. Clean APIs, SDKs for Node.js, Python, and Java, and comprehensive docs.
How Flow Works
Define a gate. Submit AI output. Get a validated result — synchronously.
1
Define a Gate
Set a JSON schema (field types, required fields) and expression-based rules (e.g.
score >= 50). Create once in the dashboard or via API.2
Submit a Run
POST your AI output to
/api/flow/gates/:id/runs. Rynko validates the schema and evaluates every rule.3
Get Result + ID
Response includes
status, violations, and a tamper-proof validation_id that proves the data was validated.4
Verify Downstream
Before accepting agent-delivered data, your system calls
/flow/verify with the validation_id + payload. Catches bypass and tampering.Key Endpoints
Submit a Run — Approved
curl -X POST https://api.rynko.dev/api/flow/gates/YOUR_GATE_ID/runs \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"payload": {
"name": "John Smith",
"email": "john@example.com",
"score": 87,
"status": "active"
}
}'
# Response (201 Created):
# {
# "runId": "run_abc123",
# "status": "APPROVED",
# "validation_id": "val_4f546e9bcb76...",
# "violations": [],
# "passedRules": 5,
# "totalRules": 5
# }
# → Pass validation_id to downstream systems for verificationSubmit a Run — Rejected
# Same endpoint, different payload:
# -d '{ "payload": { "name": "Jo", "email": "not-an-email", "score": 12, "status": "inactive" } }'
# Response (201 Created):
# {
# "runId": "run_def456",
# "status": "REJECTED",
# "violations": [
# { "rule": "score_threshold", "message": "score must be >= 50 (got 12)" },
# { "rule": "valid_status", "message": "status must be one of: active, pending" },
# { "field": "email", "message": "must match format: email" }
# ],
# "passedRules": 2,
# "totalRules": 5
# }Get a Run Result (async polling)
curl https://api.rynko.dev/api/flow/runs/run_abc123 \
-H "Authorization: Bearer YOUR_API_KEY"
# Response:
# {
# "runId": "run_abc123",
# "gateId": "YOUR_GATE_ID",
# "status": "APPROVED",
# "submittedAt": "2026-03-05T10:00:00Z",
# "completedAt": "2026-03-05T10:00:00.042Z",
# "violations": [],
# "payload": { ... }
# }Verify Before Accepting (downstream system)
# Your receiving system verifies the agent didn't skip or tamper:
curl -X POST https://api.rynko.dev/api/flow/verify \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"validation_id": "val_4f546e9bcb76...",
"payload": {
"name": "John Smith",
"email": "john@example.com",
"score": 87,
"status": "active"
}
}'
# Verified:
# { "verified": true, "runId": "run_abc123", "gateName": "Lead Qualifier" }
# Tampered or bypassed:
# { "verified": false }One API call. Catches both agent bypass (no validation_id) and payload tampering (HMAC mismatch). Free — no run consumed.
Webhook Delivery
Configure a delivery URL per gate. Rynko POSTs a signed flow.run.completed event when a run finishes — check run.status for the outcome.
flow.run.completed
Fires when any run reaches a terminal state. Check
run.status for APPROVED, REJECTED, or REVIEW_REQUIRED.# POST to your gate's configured delivery URL
# Headers:
# X-Rynko-Signature: v1=<hmac-sha256>
# X-Rynko-Timestamp: 1741180800
# X-Rynko-Event-Type: flow.run.completed
{
"event": "flow.run.completed",
"timestamp": "2026-03-06T10:00:00.042Z",
"run": {
"id": "run_abc123",
"shortId": "flw_01jt4...",
"status": "APPROVED", // APPROVED | REJECTED | REVIEW_REQUIRED
"inputPayload": { ... },
"artefactUrl": "https://..." // if Render is configured on the gate
},
"gate": {
"id": "gate_xyz",
"name": "Invoice Validator",
"slug": "invoice-validator"
}
}APPROVED
All rules passed. Safe to act.
REJECTED
One or more rules failed.
REVIEW_REQUIRED
Routed to human approval inbox.
Ready to ship?
500 free Flow runs/month. Full API access. No credit card required.