Solutions · Developer AI orchestration

Agents managed as code: audited by default

API-first orchestration: define workflows, agents, and policies as versionable objects, move them from development through staging to production in controlled promotions: and every call and decision lands in the audit trail automatically, with no logging line for you to write.

Start free Request an enterprise demo

The API

Everything the canvas does, the code does

Three snapshots of the orchestration API: create a workflow, define an agent policy, promote across environments.

# Create a governed support workflow: dev environment
$ curl -X POST https://api.novasyc.com/v1/workflows \
    -H "Authorization: Bearer $NOVA_TOKEN" \
    -d '{
      "name": "support-refund-flow",
      "env": "dev",
      "trigger": "whatsapp.message",
      "steps": ["intent.detect", "agent.support", "approval.gate", "erp.refund"]
    }'
✓ workflow created · id: wf_support_7f3a · audit: enabled

# Agent policy: explicit, versionable permissions
agent: support-agent
version: 12
permissions:
  read:  [orders, customers.contact]
  write: [tickets]
  deny:  [payments.execute]
approval:
  required_for: [refunds > 500 SAR]
  approver: role:support-lead
audit: always

// Promote the workflow from staging to production
import { nova } from "@novasyc/sdk";

const run = await nova.workflows.promote("wf_support_7f3a", {
  from: "staging",
  to: "prod",
  strategy: "gradual", // gradual rollout, observed
});
console.log(run.audit_ref); // every promotion leaves a trace

Illustrative examples of the API's shape and style: full documentation is available to platform customers from the dashboard.

Environments & promotion

Dev to production: a controlled promotion

No more “editing straight on production.”

Isolated environments across the agent lifecycle: test the workflow on sample data in development, show it to stakeholders in staging, then promote it to production with a documented decision and a gradual rollout: every promotion carries who approved it and when, in the audit trail.

Isolated environments

Test data never touches production: and vice versa.

Gradual rollout

Promote to a limited slice and watch its behavior before going wide.

Promotion as a documented decision

Every environment transition carries its approver, time, and reference.

Promotion path: support agent

DevelopmentTests on sample data: completed

Done

StagingStakeholder review and policy checks

Active

ProductionGradual rollout under live observation

Audit by default

An audit trail that needs no enabling

Logging is platform behavior: not developer discipline.

Every API call, every agent decision, every environment promotion: lands in the audit trail automatically with the executor's identity and the run reference. No logging library to add, no “forgot to log”: when security or compliance asks for a complete trace of a run, you export it in one request.

Audit trail: development workspaceLive

Latest recorded events

Service key ci-deploy

Created version 12 of the support-agent policy

evt_a91f1 min ago

Support agent

Requested an above-limit refund: escalated for approval

evt_77c28 min ago

Support team lead

Approved the workflow's promotion to production

evt_3b08yesterday

Review-ready bundles

Full run trace: wf_support_7f3a

Calls, decisions, and approvals for a single run

Export

Policy change log: 30 days

Every policy version: who changed it and when

Export

Good architecture makes the right thing easier than the wrong thing: so we made auditing a default behavior, not an option.

An engineering principle from NOVA's philosophy

FAQ

What developers ask first

Yes: the visual canvas and the API are two faces of one model: workflows, agents, and policies are objects you create and modify in code, and whatever you build through the API shows up on the canvas and vice versa. The full API is available from the Professional plan: see pricing.

Every API key is created with a defined permission scope and can be revoked at any time from the dashboard; system credentials are stored encrypted at rest (AES-256) and never printed in logs. In private-cloud (VPC) deployments, secrets stay inside your infrastructure, managed by your own tooling.

Workflows and policies are versionable objects managed as code, so they enter your repository and your pipeline like any other component: review the change the way you review any merge request, then promote it through the API as a step in your CI: and every promotion leaves an audit reference.

Failure is a recorded event, not silence: the failed run appears in the observability view with its step and cause, your retry or human-handover policies kick in: and the full trace of the attempt stays in the audit trail for diagnosis.

Go deeper

Build in code: governance comes with it.

Start free and try the API yourself, or request an enterprise demo where we walk through environments and policies on your own use case.

Request an enterprise demo Start free

Agents managed as code: audited by default

Everything the canvas does, the code does

Dev to production: a controlled promotion

DevelopmentTests on sample data: completed

StagingStakeholder review and policy checks

ProductionGradual rollout under live observation

An audit trail that needs no enabling

What developers ask first

Build on the same platform

Integrations & API

The security model

Workflow orchestration

Build in code: governance comes with it.