Quick Start
This guide takes you from zero to a cited, agent-generated answer in four steps:
- Get your API key
- Upload a document to your corpus
- Ask the expert (or run a workflow)
- Read the grounded result
All requests are authenticated with your Secberus API key, passed in the authorization header. The base URL is https://compliance.secberus.ai.
Prerequisites
- A Secberus AI account with an active subscription
- An API key (create one from your dashboard)
The Agents product uses the same API key as the Pipeline product. If you already have a key for
/v1/map, it works here too.
1. Verify your key
curl -H "authorization: YOUR_API_KEY" \
https://compliance.secberus.ai/v1/frameworks
A 200 response with a JSON list of frameworks confirms your key is valid. Note the framework id values (e.g. pci_dss_v4, iso_27001_2022) — you'll use them to scope agent requests.
2. Upload a document
Agents reason over a corpus of documents you upload. Add a policy document so the agents have something to analyze:
curl -X POST https://compliance.secberus.ai/v1/documents \
-H "authorization: YOUR_API_KEY" \
-F "file=@access-control-policy.pdf" \
-F "type=policy"
The response includes a document_id — keep it to reference this document in later requests:
{
"document_id": "doc_01h9z…",
"filename": "access-control-policy.pdf",
"type": "policy",
"file_type": "pdf",
"chunks": 42,
"uploaded_at": "2026-06-04T15:04:05Z"
}
See the Documents API for the full set of document types (policy, evidence, questionnaire, custom_framework) and fields.
3. Ask the expert
Send a question to the expert chat endpoint. The endpoint streams its answer back as Server-Sent Events:
curl -N -X POST https://compliance.secberus.ai/v1/expert \
-H "authorization: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"messages": [
{ "role": "user", "content": "Does my uploaded policy meet PCI DSS password requirements?" }
],
"frameworks": ["pci_dss_v4"],
"document_ids": ["doc_01h9z…"]
}'
The -N flag disables curl buffering so you see tokens stream in real time. The agent retrieves the relevant passages from your document and the PCI DSS control set, then answers with citations to specific control IDs.
4. Or run a workflow
For structured analysis, trigger a workflow by sending a slash command as your message. For example, to run a full per-control coverage report of your corpus against PCI DSS:
curl -N -X POST https://compliance.secberus.ai/v1/expert \
-H "authorization: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"messages": [
{ "role": "user", "content": "/policy-coverage --frameworks pci_dss_v4" }
]
}'
List the available commands any time with:
curl https://compliance.secberus.ai/v1/slash-commands
Next steps
- Expert Chat API — full request/response reference, multi-turn conversations, and SSE handling
- Workflows —
/policy-coverageand/policy-generatorin depth - Audit Readiness — assess evidence sufficiency before an audit
- Documents API — manage your corpus
- MCP Server — call agents from Claude Desktop, Cursor, or your own agents