Validation Baseline
Current release uses stratified simulation validation across workflow-specific cohorts and operating points.
- Calibrated probability outputs with confidence signals in every score response.
- Deterministic model versioning with per-request
model_versionvisibility. - Regime-aware denial routing with explicit
distribution_profilecontrols and response routing metadata. - Workflow-scoped details under
details.denial,details.prior_auth, anddetails.reimbursement. - Runtime lock checks for model artifacts, calibration snapshots, and threshold snapshots before API startup.
Governance Controls
- Drift monitoring and downgrade alerting with structured scoring telemetry.
- Support for explicit
model_versionpinning and fallback controls. - Readiness endpoint
/readyzfor dependency and startup health checks. - Metrics endpoint family:
/metrics(public Prometheus scrape) and/metrics.json(protected operator snapshot withmetrics:read). - Incident-first posture: if material degradation is detected, deployments roll back to known-good locked artifacts.
Latest Evidence Snapshot (2026-02-17 UTC)
- Local full 5-seed pack: denial
20/25, prior-auth20/20, reimbursement13/15, cross-model35/35. - Fly fast 5-seed pack: denial
20/25, prior-auth20/20, reimbursement11/15, cross-model30/35. - Fly dual-machine rerun held both API machines started through benchmark + simulation and produced overall p95 latency
529.02 ms. - Machine profile used in dual-machine rerun: API
2 x shared 4 vCPU / 4096 MB, DBshared 4 vCPU / 4096 MB, token serviceshared 2 vCPU / 1024 MB.
Security Overview
- API auth is enabled by default with bearer token enforcement.
- Token and API key issuance require admin-token protected flows.
- TLS is enforced at the Fly edge via HTTPS-only routing.
- Operational endpoints:
/health,/readyz, and/metricsare public;/metrics.jsonrequiresmetrics:read.
Reference
For API integration details and endpoint behavior: /portal/docs-home
For machine-readable schema: /openapi.json