User guideDeveloper guideInbound integrations
Developer guide

Inbound integrations

Create incidents from another system and submit public intake forms.

Inbound integrations

Two parts of VerifyWise are built to receive data from outside systems: incidents and intake forms. You can raise an incident from your own monitoring stack, and you can submit an intake form from a public website without a login.

Creating incidents from another system

If your monitoring or observability tooling detects an AI problem, it can record an incident in VerifyWise through the API. Incidents have full CRUD, all behind a token.

Method & pathDescription
GET /api/ai-incident-managementsList incidents.
GET /api/ai-incident-managements/:idFetch one incident.
POST /api/ai-incident-managementsCreate an incident.
PATCH /api/ai-incident-managements/:idUpdate an incident.
DELETE /api/ai-incident-managements/:idDelete an incident.

A create needs at least the affected project, a type, a severity, a status, a reporter and a description. Many more fields are accepted for a fuller record.

bash
curl -X POST "http://localhost:3000/api/ai-incident-managements" \
  -H "Authorization: Bearer <your-token>" \
  -H "Content-Type: application/json" \
  -d '{
    "ai_project": 1,
    "type": "Performance degradation",
    "severity": "High",
    "status": "Open",
    "reporter": "monitoring-bot",
    "description": "Model accuracy dropped below the alert threshold."
  }'

The response is the standard envelope with the created incident in data. From there your team picks it up in the app.

Submitting public intake forms

Intake forms collect AI project requests. Their public endpoints let an external site fetch a form and submit answers with no login, identified by the form's public id. These routes are rate-limited and protected by a CAPTCHA.

Method & pathDescription
GET /api/intake/public/by-id/:publicIdFetch the form definition, including its fields.
POST /api/intake/public/by-id/:publicIdSubmit a completed form.
GET /api/intake/public/captchaGet a CAPTCHA challenge to include with a submission.

Fetch the form to learn its fields, then post the answers. The submitter email, the answers as formData and a CAPTCHA token and answer are required.

bash
curl "http://localhost:3000/api/intake/public/by-id/<public-id>"

curl -X POST "http://localhost:3000/api/intake/public/by-id/<public-id>" \
  -H "Content-Type: application/json" \
  -d '{
    "submitterEmail": "requester@example.com",
    "submitterName": "Jane Doe",
    "formData": { "field-1": "New chatbot", "field-2": "Customer support" },
    "captchaToken": "<token-from-captcha-endpoint>",
    "captchaAnswer": 7
  }'
No token needed here
The public intake routes are the one part of the platform that does not use a bearer token, because forms are meant to be filled in by people outside your organization. They are rate-limited and CAPTCHA-gated instead. Everything else in the developer guide needs a token.

What is not available

VerifyWise does not send outbound webhooks for these events. Nothing calls your systems when an incident changes or a form is submitted; your side initiates every request. Automations can send email on events, but there is no action that posts to an external URL.

Related articles

Platform REST API

Auth, base URL, response shape and limits.

Automations API

Run an email action when an event happens.

PreviousCompliance, reports and exports
Inbound integrations - Developer guide - VerifyWise User Guide