BioLayer.tech

API

Integrate human execution into your automated workflows.

API Overview

REST API for task creation, tracking, and cancellation

Webhooks for every lifecycle transition with signed payloads

Schema-first contracts: explicit inputs, outputs, and SLA

Authentication Model

API keys with scoped permissions (org, pool, and endpoint scopes)

Optional OAuth 2.0 for delegated access

IP allowlisting available for enterprise tenants

Key Endpoints Summary

POST /v1/tasks — Create a new task. Returns task_id and initial status.

GET /v1/tasks/{task_id} — Retrieve task status and output (if complete).

GET /v1/tasks — List tasks with filters (status, domain, urgency, pool).

POST /v1/tasks/{task_id}/cancel — Cancel a pending task.

Webhook Events List

task.created

task.queued

task.matched

task.offered

task.accepted

task.started

task.submitted

task.verified

task.completed

task.failed

task.cancelled

task.sla_breached

Code Example (task creation)

POST /v1/tasks
POST /v1/tasks
{
  "origin": {
    "org_id": "uuid",
    "product": "threatlabs",
    "request_id": "IR-48219",
    "created_by": "system",
    "created_at": "2026-02-04T19:21:00Z"
  },
  "task_type": "verification",
  "domain": "security",
  "title": "Verify endpoint owner activity",
  "instructions": "Call the endpoint owner and confirm the 03:42 UTC PowerShell session.",
  "context": {
    "background": "EDR flagged anomalous activity; automation needs human confirmation.",
    "constraints": ["Do not disclose internal case ID"],
    "risk_notes": ["Potential active compromise"]
  },
  "sla": {
    "urgency": "high",
    "deadline": "2026-02-04T19:36:00Z",
    "target_latency_seconds": 600
  },
  "requirements": {
    "skills": ["phone_verification", "incident_response"],
    "certifications": ["soc-operator"],
    "trust_level": 4,
    "min_rating": 4.8,
    "worker_pool_id": "pool-uuid"
  },
  "output": {
    "expected_format": "structured_json",
    "schema": {
      "reached_user": "boolean",
      "user_confirmed": "boolean",
      "notes": "string"
    },
    "evidence_required": true
  },
  "handoff": {
    "callback_url": "https://example.com/webhooks/biolayer",
    "callback_auth": { "type": "bearer", "token": "redacted" },
    "retry_policy": { "max_retries": 6, "backoff_seconds": 30 }
  },
  "audit": { "log_required": true, "retain_days": 365 }
}