Amlok Project
API ReferenceStable v1

API Overview

Core API conventions, object model, and environment information for AMLOK.

Last updated Mar 8, 2026

Base URL and Versioning

https://api.amlok.ca/v1

Core Characteristics

  1. REST over HTTPS
  2. JSON payloads
  3. OAuth 2.0 bearer authentication
  4. Webhook delivery for async state changes
  5. Cursor pagination and idempotency for mutation safety

Object Model

Funder -> Policy -> Agent
SMB -> Verification -> Deal Card -> Offer -> Funding -> Collections -> Audit Trail

ID Format

All primary objects use prefixed ULIDs such as smb_, dc_, fdr_, pol_, agt_, ofr_, fnd_, col_, ver_, and evt_.

Response Conventions

List endpoints support cursor pagination:

{
  "data": [],
  "has_more": true,
  "next_cursor": "dc_01HXK5V2N8PQRS3T4UV5WX6Y"
}

For POST requests, include an idempotency key:

X-Idempotency-Key: unique-request-id-xxxxxxxx

Environments

EnvironmentBase URLPurpose
Sandboxhttps://sandbox.api.amlok.ca/v1Testing and simulated providers
Staginghttps://staging.api.amlok.ca/v1Pre-production validation
Productionhttps://api.amlok.ca/v1Live capital deployment

Failure Model

Errors should remain machine-readable and operationally useful:

{
  "error": {
    "code": "signature_invalid",
    "message": "The request signature could not be verified.",
    "request_id": "req_01JZ4Y3H6M8R9Q"
  }
}