Skip to main content

API Changelog

FieldValue
Document IDASCEND-REF-001
Version2026.04
Last UpdatedApril 2026
AuthorAscend Engineering Team
PublisherOW-KAI Technologies Inc.
ClassificationEnterprise Client Documentation
ComplianceSOC 2 CC6.1/CC6.2, PCI-DSS 7.1/8.3, HIPAA 164.312, NIST 800-53 AC-2/SI-4

Reading Time: 5 minutes | Skill Level: All Levels

Current Version

API Version: v1 Base URL: https://pilot.owkai.app/api/v1

note

This changelog documents breaking and non-breaking changes to the ASCEND API. Subscribe to the API changelog RSS feed or check this page before upgrading SDK versions.

Version History

v2.5.2 — April 28, 2026

Python SDK: ascend-ai-sdk 2.5.2

SDK Fix

  • AuthorizationDecision.risk_score type corrected from Optional[int] to Optional[float] to match the platform response (the API has always returned floats such as 51.0, 91.0).
  • Affects all code comparing or doing arithmetic on result.risk_score. Same correction applied to ActionDetails.risk_score, PolicyEvaluationResult.risk_score, AuthorizationError.risk_score, and AscendClient.evaluate_policy(risk_score=...).
  • Zero breaking changes — Python handles float/int comparison and arithmetic transparently.

Platform Fix (SEC-CONF-001)

  • The prompt-security analyzer now scans context.user_request and action_details["description"]. Pre-fix it scanned only the resource label (e.g. "email_composer"), so prompt-injection attacks routed through the canonical SDK fields silently scored zero findings.
  • The output filter now derives content from action_details["output"], action_details["response"], context.user_request, and action_details["description"] when the caller does not pass an explicit output_content field. Pre-fix every governed action returned output_scan_result="not_scanned".
  • Both fixes are transparent to SDK callers — no API change required.

Metrics Fix (METRICS-001)

  • decision_breakdown.denied on /api/authorization/metrics/approval-performance now returns the real org-scoped count of denied + rejected + denied_no_execution + auto_denied actions. Pre-fix it was hardcoded to 0.
  • decision_breakdown.approval_rate is now computed from the actual approve/deny ratio. Pre-fix it was assigned the SLA timing percentage (an unrelated metric).
  • The response now includes a live_metrics.database_actions block so the dashboard's Live Action Tracking panel renders.
  • ?status=denied and ?status=approved filters on /api/v1/actions now work. Pre-fix only ?status_filter= was honored — ?status= was silently ignored. Both forms are accepted, and the denied / approved / pending aliases map to all underlying status variants.

v2.5.1 — April 27, 2026

Python SDK: ascend-ai-sdk 2.5.1

SDK Changes

  • evaluate_action(): new optional kwargs model_id and mcp_server_name
  • AgentAction: new optional fields model_id and mcp_server_name
  • Both fields emitted at top-level of wire payload

Enforcement

  • model_id triggers G-P0-02 model registry compliance check. Non-compliant models → HTTP 403. SR-11-7 / EU AI Act Art. 9.
  • mcp_server_name triggers G-P0-01 Layer 13 MCP governance. Unregistered/deactivated servers → HTTP 403.

Response fields

  • model_governance.registry_checked
  • model_governance.compliance_status
  • mcp_governance.server_registered
  • supply_chain_findings (array, from BUG-29 pipeline stage 7.6)

v2.5.0 — April 2026

Python SDK: ascend-ai-sdk 2.5.0

SDK Changes

  • 25 new enterprise methods on AscendClient
  • 22 typed fields on AuthorizationDecision
  • cvss_score, cvss_severity, cvss_vector
  • mitre_tactic, mitre_technique
  • nist_control, nist_description
  • prompt_security analysis block
  • code_analysis block
  • model_governance block
  • mcp_governance block
  • supply_chain_findings array
  • Kill-switch polling: start_kill_switch_polling()
  • Policy evaluation: evaluate_policy()
  • Resource classification: get_resource_classification()
  • Audit log: query_audit_log()
  • Bulk evaluation: evaluate_actions()

Platform

  • MCP Layer 13 governance enforcement (G-P0-01)
  • Model registry enforcement (G-P0-02)
  • Supply chain CVE detection (Stage 7.6)
  • Orchestration risk scoring (Stage 7.7)
  • 20 unified-governance routes now support API key authentication (DOGFOOD-014)

v2.3.0 (April 2026) — SDK companion release

Python SDK: ascend-ai-sdk 2.3.0 Node SDK: stays at @ascend-ai/sdk 2.1.1 (parity planned for next release)

New REST endpoints

  • Kill-switch HTTP fallback (SEC-103)
    • GET /api/registry/agents/{agent_id}/commands — list pending + delivered commands for agent; includes org-broadcast commands
    • POST /api/registry/agents/{agent_id}/commands/{command_id}/ack — receipt-only acknowledge; fail-secure 403 on off-tenant / mismatched-agent
    • Auth: admin JWT or admin-role API key
    • Immutable audit events: AGENT_COMMAND_ACKNOWLEDGED, AGENT_COMMAND_ACK_REJECTED

Endpoint changes

  • POST /api/v1/actions/submit — now accepts three optional orchestration fields:
    • orchestration_session_id (string, ≤255)
    • parent_action_id (int, must belong to caller's org — otherwise HTTP 403 + ORCHESTRATION_FIELD_REJECTED)
    • orchestration_depth (int, 0..5 — otherwise HTTP 422)
    • Session-graft attempts produce HTTP 403 + ORCHESTRATION_GRAFT_ATTEMPT (CRITICAL audit)
  • POST /api/v1/supply-chain/components — auth relaxed from require_admin (JWT only) to require_admin_or_api_key (SEC-096 dual auth). Role gating unchanged — still admin-only.
  • PUT /api/registry/agents/{agent_id}model_id field now honored for linking an agent to a DeployedModel (FEAT-001B). Backend validates same-tenant + compliance status (approved or partially_approved).

MCP endpoint consolidation

  • Retired legacy /api/mcp-governance/* paths in documentation. Use:
    • POST /api/v1/mcp/actions/submit for MCP tool evaluation (FEAT-008 pipeline)
    • /api/registry/mcp-servers for MCP server registration
    • /api/v1/actions/{action_id}/approve|reject for MCP action approvals (unified with agent actions)

New SDK methods (Python 2.3.0)

  • AscendClient.evaluate_action(..., orchestration_session_id=, parent_action_id=, orchestration_depth=) — orchestration pass-through
  • AscendClient.link_model_to_agent(agent_id, model_id) — FEAT-001B
  • AscendClient.register_supply_chain_component(...) — FEAT-005
  • AscendClient.get_pending_commands(agent_id=None) — SEC-103 HTTP fallback
  • AscendClient.ack_command(command_id, agent_id=None) — SEC-103 receipt ack

Breaking changes

None. All additions are backwards-compatible.

Upgrade guide

pip install -U ascend-ai-sdk==2.3.0

No code changes required for existing callers. To adopt new capabilities, see the Python SDK 2.3.0 section.

v1.5.0 (December 2025)

New Features

  • MCP Governance - Full Model Context Protocol support (FEAT-008)

    • POST /api/registry/mcp-servers - Register MCP servers
    • POST /api/v1/mcp/actions/submit - Evaluate MCP tool calls through the dedicated pipeline
    • GET /api/registry/mcp-servers - List registered servers
    • PUT /api/registry/mcp-servers/{server_name} - Update server config (including kill-switch)

  • Data Rights API - GDPR/CCPA compliance

    • POST /api/data-rights/access/request - Access requests
    • POST /api/data-rights/erasure/request - Erasure requests
    • POST /api/data-rights/consent/record - Record consent
    • GET /api/data-rights/requests/{id} - Request status

  • BYOK (Bring Your Own Key) - Customer-managed encryption

    • POST /api/byok/configure - Configure BYOK
    • POST /api/byok/rotate - Rotate keys
    • GET /api/byok/status - Encryption status

Improvements

  • Reduced action submission latency by 30%
  • Enhanced risk assessment with new PII detection
  • Improved audit log query performance

Breaking Changes

None

v1.4.0 (November 2025)

New Features

  • Agent Health Monitoring

    • POST /api/agents/{id}/heartbeat - Send heartbeat
    • GET /api/agents/{id}/health - Health status
    • Automatic health degradation detection

  • Notification Channels

    • POST /api/notifications/channels - Create channel
    • POST /api/notifications/channels/{id}/test - Test delivery
    • Slack and Teams support

  • Smart Alerts

    • GET /api/alerts/active - Active alerts
    • POST /api/alerts/{id}/acknowledge - Acknowledge
    • WebSocket streaming: ws://pilot.owkai.app/api/alerts/stream

Improvements

  • Added processing_time_ms to action responses
  • Enhanced webhook retry logic (exponential backoff)
  • Improved error messages with resolution hints

Deprecations

  • GET /api/agents/status → Use GET /api/agents/{id}/health

v1.3.0 (October 2025)

New Features

  • Compliance Export

    • POST /api/compliance-export/exports - Generate reports
    • GET /api/compliance-export/exports/{id} - Download
    • SOC 2, HIPAA, PCI-DSS templates

  • Bulk Operations

    • POST /api/v1/actions/bulk - Submit multiple actions
    • POST /api/governance/bulk-decision - Bulk approve/deny

  • Analytics Enhancements

    • GET /api/analytics/risk-trends - Risk score trends
    • GET /api/analytics/agent-performance - Agent metrics

Improvements

  • Increased rate limits for Enterprise tier
  • Added correlation_id support for request tracing
  • Enhanced audit log filtering

v1.2.0 (September 2025)

New Features

  • SSO Support

    • SAML 2.0 integration
    • OIDC support
    • JIT user provisioning

  • Multi-Tenant Isolation

    • Row-Level Security enabled
    • Per-tenant encryption keys
    • Organization-scoped API keys

Improvements

  • Reduced P99 latency to 250ms
  • Enhanced smart rule condition operators
  • Improved documentation

v1.1.0 (August 2025)

New Features

  • Smart Rules Engine

    • POST /api/smart-rules - Create rules
    • Conditional logic support
    • Priority-based evaluation

  • Agent Kill Switch

    • POST /api/agents/{id}/kill - Emergency stop
    • POST /api/agents/{id}/reactivate - Resume

  • Webhook System

    • POST /api/webhooks - Create webhook
    • HMAC signature verification
    • Retry with exponential backoff

Improvements

  • Added metadata field to actions
  • Enhanced error responses
  • Improved rate limit headers

v1.0.0 (July 2025)

Initial Release

  • Actions API

    • POST /api/v1/actions - Submit action
    • GET /api/v1/actions/{id} - Get action
    • POST /api/v1/actions/{id}/approve - Approve
    • POST /api/v1/actions/{id}/deny - Deny

  • Agents API

    • POST /api/agents/register - Register agent
    • GET /api/agents - List agents
    • GET /api/agents/{id} - Get agent

  • Authentication

    • API key authentication
    • JWT token authentication
    • MFA support

  • Risk Assessment

    • Automatic risk scoring
    • Configurable thresholds
    • Risk factor breakdown

Deprecation Policy

  • Notice Period: 6 months minimum
  • Migration Support: Documentation and examples provided
  • Sunset Process:
    1. Deprecation announcement
    2. Warning headers added
    3. Rate limiting on deprecated endpoints
    4. Endpoint removal

Versioning Strategy

ASCEND follows semantic versioning:

  • Major (vX.0.0): Breaking changes
  • Minor (v1.X.0): New features, backwards compatible
  • Patch (v1.0.X): Bug fixes

API Stability

Endpoint CategoryStability
/api/v1/actionsStable
/api/agentsStable
/api/smart-rulesStable
/api/mcpBeta
/api/data-rightsBeta

Migration Guides

Subscribe to Updates

# Get API changelog via webhook
curl -X POST "https://pilot.owkai.app/api/webhooks" \
  -H "Authorization: Bearer <admin_jwt>" \
  -d '{
    "url": "https://your-endpoint.com/webhook",
    "events": ["api.changelog"]
  }'

Document Version: 2026.04 | Last Updated: April 2026