Skip to main content
API Philosophy

Seven principles.
One system of record.

The Factify API is built around core principles that ensure documents remain trustworthy, governable, and actionable. Each principle unlocks specific capabilities through dedicated resources.

01

Governance & Identity

Identity and boundaries are explicit.

You can always tell who a request acts for, where it belongs (org/space), and how it was authenticated—without guessing.

Tenancy is never inferred—resources and access checks are always scoped to an organization or space
Humans and machines are managed separately via service-accounts
Identity lifecycle is fully traceable with auditable artifacts
02

Document System of Record

Every document has one canonical ID, and every meaningful change becomes a new immutable version.

Version creation is explicit—you can tell whether a change produced a new version, a draft update, or a derived artifact. Historical state is always referenceable.

Fetch any historical state by version ID without “latest” semantics
External systems attach via aliases—no parallel document forks
Compare versions deterministically across time
Key Resources
03

Permissions & Access

You can predict access outcomes before you ship, and denied requests return actionable reasons.

Sharing is a first-class artifact. Time-bounded access is represented as explicit grants, not ad-hoc side effects. Policy changes can be dry-run before binding.

policy-simulations show impact before you bind a policy
Every decision is recordable as immutable policy-decisions
Access grants are time-bounded and reversible
Key Resources
04

Trust & Compliance

When you need to prove what happened, export evidence that stands on its own—cryptographically and procedurally.

Signatures bind to immutable versions. Audits produce append-only evidence. Compliance constraints are explicit resources, not tribal knowledge.

Signatures always bind to a specific document-version
Critical actions produce queryable verification-events
Retention, legal holds, and disposition are explicit resources
05

Interaction & Distribution

Distribute governed documents across any channel without losing policy enforcement or auditability.

Sharing produces inspectable objects, not hidden side effects. Rendering is reproducible. Collaboration signals bind to stable content references that survive re-renders.

share-links and entry flows are explicit, inspectable artifacts
Exports are version-bound—same inputs produce same outputs
Comments and annotations survive document updates
Key Resources
06

Document Lifecycle

Lifecycle is explicit state—model, execute, and audit document processes as first-class resources.

Workflow steps, approvals, and transitions are queryable objects with actors and timestamps. Automation behaves predictably and emits integrable events.

Every workflow step is traceable with actor and timestamp
Triggers and bulk operations emit predictable events
Lifecycle changes respect governance, audit, and retention
07

Data, Search & AI

Turn documents into machine-usable knowledge without breaking governance.

Retrieval, analytics, and AI respect policy boundaries and remain explainable. Search never overexposes. Extracted meaning links back to source spans.

Queries return only what the caller is allowed to see
Entities and classifications link to source spans for explainability
AI operations are governed and auditable like any other action

Ready to build?

Start with our guides to see these principles in action.