https://builder.flowyte.com/api/v1.
Authenticate with
Authorization: Bearer flowyte_sk_…. Both endpoints below are replace (PUT) — send the full list each time.- A verifier skill that checks the caller’s answers against your system of record.
- A caller-verification config that ties a verification method to that verifier.
- A guardrail plus per-skill flags that block disclosure until the caller is verified.
What you’ll use
| Action | Endpoint | Scope |
|---|---|---|
| Create the verifier skill | POST /agents/{id}/skills | skills:write |
| Read / replace verification config | GET · PUT /agents/{id}/caller-verification | guardrails:read · guardrails:write |
| Read / replace guardrail policies | GET · PUT /agents/{id}/guardrails | guardrails:read · guardrails:write |
| Gate a disclosure skill | PATCH /agents/{id}/skills/{id} | skills:write |
Verification methods
method | The caller proves identity with |
|---|---|
dob_postcode | date of birth + postcode |
account_pin | an account PIN |
otp_sms | a one-time code sent by text |
knowledge_based | answers only the account holder would know |
otp_sms sends a text, which requires per-organization 10DLC brand and campaign registration
before sends are allowed.Create the verifier skill
The verifier is a skill (commonly
db_query or http_webhook) that takes the caller’s claimed
identity plus a secret and returns whether they match. Capture its id — you’ll reference it
as verifierSkillId.Wire the verification config
Tie a method to the verifier.
tokenTtlSeconds controls how long a verification stays valid
on the call; maxAttempts caps retries; stepUpFor names actions that demand a re-check even
after basic verification.