# Compliance

## Compliance dashboard composite

> Composite compliance dashboard — HIPAA status, retention, credentials summary.\
> \
> Aggregates compliance signals into a single dashboard view.\
> \
> Permissions: admin, owner.

```json
{"openapi":"3.1.0","info":{"title":"Platform API","version":"1.0.0"},"servers":[{"url":"https://api.platform.amigo.ai","description":"Production"}],"security":[{"BearerAuth":[]}],"components":{"securitySchemes":{"BearerAuth":{"type":"http","scheme":"bearer","description":"API key issued via `POST /v1/{workspace_id}/api-keys`. Pass the returned `api_key` value as a Bearer token."}},"schemas":{"ComplianceDashboardResponse":{"properties":{"hipaa_status":{"type":"string","title":"Hipaa Status"},"retention_days":{"anyOf":[{"type":"integer"},{"type":"null"}],"title":"Retention Days"},"legal_hold":{"type":"boolean","title":"Legal Hold"},"total_credentials":{"type":"integer","title":"Total Credentials"},"active_credentials":{"type":"integer","title":"Active Credentials"},"last_audit_export":{"anyOf":[{"type":"string"},{"type":"null"}],"title":"Last Audit Export"},"generated_at":{"type":"string","title":"Generated At"}},"type":"object","required":["hipaa_status","retention_days","legal_hold","total_credentials","active_credentials","last_audit_export","generated_at"],"title":"ComplianceDashboardResponse","description":"Composite compliance health overview."}}},"paths":{"/v1/{workspace_id}/compliance/dashboard":{"get":{"tags":["Compliance"],"summary":"Compliance dashboard composite","description":"Composite compliance dashboard — HIPAA status, retention, credentials summary.\n\nAggregates compliance signals into a single dashboard view.\n\nPermissions: admin, owner.","operationId":"get-compliance-dashboard","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ComplianceDashboardResponse"}}}},"429":{"description":"Rate limited"}},"parameters":[{"name":"workspace_id","in":"path","required":true,"schema":{"type":"string","format":"uuid","title":"Workspace Id"}}]}}}}
```

## HIPAA compliance evidence report

> HIPAA compliance evidence report.\
> \
> Aggregates audit statistics, retention policy, encryption status,\
> and API key summary for the specified period. Identity-specific\
> fields (MFA, SSO, lockout) return null pending integration.\
> \
> Permissions: admin, owner.

```json
{"openapi":"3.1.0","info":{"title":"Platform API","version":"1.0.0"},"servers":[{"url":"https://api.platform.amigo.ai","description":"Production"}],"security":[{"BearerAuth":[]}],"components":{"securitySchemes":{"BearerAuth":{"type":"http","scheme":"bearer","description":"API key issued via `POST /v1/{workspace_id}/api-keys`. Pass the returned `api_key` value as a Bearer token."}},"schemas":{"HipaaReportResponse":{"properties":{"generated_at":{"type":"string","title":"Generated At"},"report_period_days":{"type":"integer","title":"Report Period Days"},"workspace_id":{"type":"string","format":"uuid","title":"Workspace Id"},"audit_summary":{"additionalProperties":true,"type":"object","title":"Audit Summary"},"retention_policy":{"additionalProperties":true,"type":"object","title":"Retention Policy"},"encryption":{"additionalProperties":{"type":"boolean"},"type":"object","title":"Encryption"},"access_controls":{"additionalProperties":true,"type":"object","title":"Access Controls"},"api_key_summary":{"additionalProperties":{"type":"integer"},"type":"object","title":"Api Key Summary"},"compliance_status":{"type":"string","title":"Compliance Status"}},"type":"object","required":["generated_at","report_period_days","workspace_id","audit_summary","retention_policy","encryption","access_controls","api_key_summary","compliance_status"],"title":"HipaaReportResponse"},"HTTPValidationError":{"properties":{"detail":{"items":{"$ref":"#/components/schemas/ValidationError"},"type":"array","title":"Detail"}},"type":"object","title":"HTTPValidationError"},"ValidationError":{"properties":{"loc":{"items":{"anyOf":[{"type":"string"},{"type":"integer"}]},"type":"array","title":"Location"},"msg":{"type":"string","title":"Message"},"type":{"type":"string","title":"Error Type"},"input":{"title":"Input"},"ctx":{"type":"object","title":"Context"}},"type":"object","required":["loc","msg","type"],"title":"ValidationError"}}},"paths":{"/v1/{workspace_id}/compliance/hipaa":{"get":{"tags":["Compliance"],"summary":"HIPAA compliance evidence report","description":"HIPAA compliance evidence report.\n\nAggregates audit statistics, retention policy, encryption status,\nand API key summary for the specified period. Identity-specific\nfields (MFA, SSO, lockout) return null pending integration.\n\nPermissions: admin, owner.","operationId":"get-hipaa-report","parameters":[{"name":"workspace_id","in":"path","required":true,"schema":{"type":"string","format":"uuid","title":"Workspace Id"}},{"name":"report_period_days","in":"query","required":false,"schema":{"type":"integer","maximum":365,"minimum":1,"description":"Report period in days","default":90,"title":"Report Period Days"},"description":"Report period in days"}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HipaaReportResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}},"429":{"description":"Rate limited"}}}}}}
```

## Access review export

> Access review export for SOC2 attestation.\
> \
> Lists all API key credentials with role, status, and activity dates.\
> Download, review, and upload signed attestation for SOC2 compliance.\
> \
> Permissions: admin, owner.

```json
{"openapi":"3.1.0","info":{"title":"Platform API","version":"1.0.0"},"servers":[{"url":"https://api.platform.amigo.ai","description":"Production"}],"security":[{"BearerAuth":[]}],"components":{"securitySchemes":{"BearerAuth":{"type":"http","scheme":"bearer","description":"API key issued via `POST /v1/{workspace_id}/api-keys`. Pass the returned `api_key` value as a Bearer token."}},"schemas":{"AccessReviewResponse":{"properties":{"generated_at":{"type":"string","title":"Generated At"},"workspace_id":{"type":"string","format":"uuid","title":"Workspace Id"},"credentials":{"items":{"additionalProperties":true,"type":"object"},"type":"array","title":"Credentials"},"total_credentials":{"type":"integer","title":"Total Credentials"},"jwt_credentials_note":{"type":"string","title":"Jwt Credentials Note"}},"type":"object","required":["generated_at","workspace_id","credentials","total_credentials","jwt_credentials_note"],"title":"AccessReviewResponse"}}},"paths":{"/v1/{workspace_id}/compliance/access-review":{"get":{"tags":["Compliance"],"summary":"Access review export","description":"Access review export for SOC2 attestation.\n\nLists all API key credentials with role, status, and activity dates.\nDownload, review, and upload signed attestation for SOC2 compliance.\n\nPermissions: admin, owner.","operationId":"get-access-review","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AccessReviewResponse"}}}},"429":{"description":"Rate limited"}},"parameters":[{"name":"workspace_id","in":"path","required":true,"schema":{"type":"string","format":"uuid","title":"Workspace Id"}}]}}}}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.amigo.ai/api-reference/readme/platform/compliance.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.