● Getting started
Authentication.
Every request carries a bearer protocol key. Keys are organization-bound and scope-limited: an operation runs only if the key holds its scope (60 scopes across the surface, e.g. judgments:validate, packets:export).
Authorization: Bearer md_live_xxxxxxxxxxxxxxxx MD-Version: 2026-06-11 Idempotency-Key: 4f8a-bd31 # all write operations, 24h replay window
Envelope headers
| Header | |
|---|---|
| MD-Version | Date-pinned API version. Pinned at first call if omitted; breaking changes only ship under a new date. |
| Idempotency-Key | Safe retries on every write. Same key + same body inside 24h returns the original result. |
| MD-Request-Id | Returned on every response. Quote it in support and audit queries. |
| MD-Signature | HMAC-SHA256 signature on every webhook delivery: t=<ts>,v1=<sig>. |
The gates are the contract
Three domain gates sit above scopes and never soft-pass: authority_required, sanctions_gate, stay_in_effect. A blocked call is the protocol working as designed. See errors →