Checks API
The Checks API provides access to the extensible verification check library. Create, test, and manage check types for automated delivery verification.
Check Domains
httpHTTP/API verification (status, JSON schema, headers, body hash)artifactFile/blob integrity (SHA256, MIME type, size bounds)code_repoGit/repository checks (commit exists, diff threshold, required files)cicd_deployCI/CD and deployment verificationdataDataset validation (schema, row counts)ml_modelML model verification (accuracy, bias checks)image_videoMedia validation (dimensions, format, content)documentDocument checks (PDF signatures, structure)identity_authIdentity/auth verification (JWT, OAuth, webhooks)blockchainOn-chain checks (tx inclusion, contract state, events)financialPayment/settlement verificationsecuritySecurity scanning (vulnerabilities, secrets)performancePerformance validation (latency, throughput)humanManual/approval gatesai_llmAI-assisted evaluation (summarization, grading)compliance_legalCompliance checks (licenses, regulations)supply_chainProvenance/SBOM verification (SLSA, Sigstore)Endpoints
List Check Types
List all available check types with optional filtering by domain or search query.
Parameters
domainoptionalstringFilter by check domain (e.g., "http", "artifact", "code_repo")
searchoptionalstringSearch check names and descriptions
include_deprecatedoptionalbooleanInclude deprecated check versions (default: false)
Response
{
"data": [
{
"id": "ct_abc123",
"slug": "http_status_check",
"name": "HTTP Status Check",
"description": "Verifies an endpoint returns expected status code",
"domain": "http",
"is_builtin": true,
"latest_version": "1.0.0",
"created_at": "2026-01-15T10:00:00Z"
}
],
"plugins": ["http_status_check", "http_json_schema", "artifact_sha256"],
"total": 30
}Check Result Model
Every check execution returns a standardized result with status, evidence, and timing information.
statusenumpass | fail | indeterminatereason_codestringMachine-readable result code for dashboards/alertssummarystringHuman-readable explanation of the resultevidencearrayEvidence artifacts proving the resulttimingobjectExecution timing (started_at, ended_at, duration_ms)costobjectCost tracking for AI/LLM checks (optional)Verification Runs
Execute multiple checks together in a verification run. Runs track overall status, timing, costs, and collect evidence from all checks.
/api/v1/verification/runsExecute a verification run with multiple checks.
{
"contract_id": "contract-123",
"delivery_id": "delivery-456",
"checks": [
{ "check_type": "http_status", "params": { "url": "https://api.example.com", "expected_status": 200 } },
{ "check_type": "artifact_sha256", "params": { "url": "https://cdn.example.com/file.zip", "expected_hash": "abc123..." } }
],
"budget": { "max_cost_cents": 100, "max_runtime_ms": 60000 }
}/api/v1/verification/runsList verification runs with optional filtering.
Query params: contract_id, delivery_id, status, limit, offset
/api/v1/verification/runs/:runIdGet verification run details including all check results and evidence artifacts.
SDK Usage
// Execute a verification run
const run = await ftx.checks.executeRun({
contract_id: 'contract-123',
delivery_id: 'delivery-456',
checks: [
{ check_type: 'http_status', params: { url: 'https://api.example.com', expected_status: 200 } }
]
});
// Get run details
const details = await ftx.checks.getRun(run.data.id);
// List runs for a contract
const runs = await ftx.checks.getRunsForContract('contract-123');Security: SSRF Protection
All HTTP checks use SSRF-safe fetching that blocks access to internal networks and cloud metadata endpoints:
- - Private IP ranges blocked (10.x, 172.16.x, 192.168.x, 127.x)
- - Cloud metadata endpoints blocked (169.254.169.254, metadata.google, etc.)
- - DNS rebinding protection (IP resolved before fetch)
- - Redirect limits (max 5 hops, same-scheme enforcement)
- - Response size limits (default 20MB)