Skip to main content
MeshQu is not yet publicly available. The API and SDK are in early access. To request access, contact [email protected].
Audience: These docs are for engineers integrating MeshQu, and for security, risk, and audit teams validating its behaviour. MeshQu provides governance infrastructure for automated and AI-assisted decisions that must follow explicit policy. Integrate MeshQu into your application to evaluate transactions, operations, or events against configurable policies and receive structured decisions.
Mental model: MeshQu sits at the decision boundary. You send context, it returns a governed verdict and a verifiable receipt. You own enforcement.

Why MeshQu exists

Modern systems increasingly make automated or AI-assisted decisions, but cannot prove that those decisions followed policy at the moment they mattered. Logs show what happened. They do not prove what should have happened. MeshQu exists to make decisions governable, replayable, and independently verifiable — at the decision boundary. Key concepts: Decision context · Policy · Decision · Alert

What MeshQu does

You send a decision context (the data describing what is about to happen). MeshQu evaluates it against your active policies and returns a decision: ALLOW, REVIEW, DENY, or ALERT, along with any violations. Your application decides what to do with the decision. MeshQu does not block or allow anything on its own — it provides the verdict and your code acts on it.
If you remember one thing: MeshQu is called at the decision boundary, not after. 
curl -X POST https://api.meshqu.com/v1/decisions/evaluate \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "X-MeshQu-Tenant-Id: YOUR_TENANT_ID" \
  -H "Content-Type: application/json" \
  -d '{
    "context": {
      "decision_type": "trade_execution",
      "fields": { "account_id": "ACC-001", "instrument": "AAPL", "quantity": 100 }
    }
  }'

{
  "result": {
    "decision": "ALLOW",
    "violations": [],
    "rules_evaluated": 3
  }
}
Evaluate vs Recordevaluate is fast, stateless, nothing stored. record persists the result for audit. Most production systems use evaluate on the hot path and record for compliance-critical actions. See Evaluate vs Record.

What happens after you integrate

  1. Your system calls MeshQu before or after the decision boundary — the moment an outcome becomes irreversible.
  2. MeshQu evaluates the context against your active policies and returns a verdict and a cryptographic receipt.
  3. Your code decides how to act — proceed, queue for review, or block.
  4. Auditors can independently replay and verify any recorded decision later.

Key capabilities

CapabilityDescription
Policy evaluationEvaluate a context against one or many policies in a single call.
Decision recordingPersist evaluation results for audit and compliance.
Idempotent recordingSupply an idempotency_key to safely retry without duplicate records.
Alert webhooksReceive real-time notifications when alerts are raised.
Multi-tenantEvery request is scoped to a tenant via the X-MeshQu-Tenant-Id header.
Scoped API keysFine-grained access control with per-key scopes.

Base URLs

EnvironmentURL
Productionhttps://api.meshqu.com
Staginghttps://api-staging.meshqu.com
Local devhttp://localhost:3010
All endpoints are prefixed with /v1.

OpenAPI

A machine-readable OpenAPI 3.0 spec is available at: 
GET /openapi.json
Interactive Swagger UI is available at /docs when enabled.