Skip to main content
The Intent resource is the core of the Inviolet API. Every intent.evaluate call extracts the intent class, matches against published purposes, evaluates policy, and returns the access decision plus (when allowed) a short-lived intent token.

Endpoints

MethodPathDescription
POST/v1/intent/evaluateEvaluate one tool call
GET/v1/intent/historyPage through recent evaluations
POST/v1/tokens/verifyVerify a previously issued intent token

Evaluate

Request: 
POST /v1/intent/evaluate
Authorization: Bearer <INVIOLET_API_KEY>
Content-Type: application/json

{
  "user_id": "user_2pX9...",
  "session_id": "sess_abc",
  "tool_call": {
    "name": "lookup_customer",
    "arguments": { "customer_id": "12345" }
  },
  "data_source_id": "salesforce_prod",
  "shadow_mode": false
}
Response (200): 
{
  "outcome": "allowed",
  "intent_event_id": "ie_2pX9...",
  "intent_label": "customer_support_lookup",
  "intent_class": "lookup",
  "confidence": 0.94,
  "data_elements": ["customer.name", "customer.email"],
  "shadow_mode": false,
  "processing_time_ms": 38
}
Possible outcome values: allowed, denied, pending_approval, approved, shadow_denied. When outcome = pending_approval, the response includes approval_request_id for polling.

Node SDK example

import { InViolet } from "@inviolet/sdk"

const inviolet = new InViolet({ apiKey: process.env.INVIOLET_API_KEY! })

const decision = await inviolet.intent.evaluate({
  userId: "user_2pX9...",
  toolCall: { name: "lookup_customer", arguments: { customer_id: "12345" } },
  dataSourceId: "salesforce_prod",
})

History

const history = await inviolet.intent.history({
  limit: 50,
  outcome: "denied",
  since: "2026-04-25T00:00:00Z",
})
Returns paginated events. Use next_cursor to walk forward.

Verify a token

const result = await inviolet.tokens.verify({ token: intentToken })
// result.valid === true / false
// result.purp.data_elements is the approved column set

Errors

401 missing/invalid API key · 400 invalid request body · 429 rate-limited · 5xx retryable.