Submit a verdict for a case

curl --request POST \ --url https://eris.devops.truu.ai/api/v1/external/cases/{case_id}/verdict \ --header 'Content-Type: application/json' \ --header 'X-API-Key: <api-key>' \ --data ' { "outcome": "<string>", "comment": "<string>", "event_ids": [ "3c90c3cc-0d44-4b50-8888-8dd25736052a" ] } '

Authorizations

X-API-Key

string

header

required

Domain-scoped API key. Generate and manage keys from the API Keys page in Settings.

Accepted in two forms:

X-API-Key: <key> header (preferred)
Authorization: Bearer <key> header (also accepted)

Path Parameters

case_id

string<uuid>

required

Body

application/json

outcome

string

required

What happened to the case. One label, no ambiguity:

SAFE — Benign, no threat (enforcement Mark Safe; not triage swipe)
TRUE_POSITIVE — Confirmed threat, actioned
FALSE_POSITIVE — Incorrectly flagged (same enforcement Mark Safe as SAFE)
DUPLICATE — Already handled under another case
ESCALATED — Passed to investigation or SOC tier

comment

string

Maximum string length: 2000

event_ids

string<uuid>[]

Optional event IDs supporting this verdict

Maximum array length: 200

Response

Verdict accepted and applied

success

boolean

required

case_id

string<uuid>

required

outcome

string

required

What happened to the case. One label, no ambiguity:

SAFE — Benign, no threat (enforcement Mark Safe; not triage swipe)
TRUE_POSITIVE — Confirmed threat, actioned
FALSE_POSITIVE — Incorrectly flagged (same enforcement Mark Safe as SAFE)
DUPLICATE — Already handled under another case
ESCALATED — Passed to investigation or SOC tier

resolved

boolean

required

processed_at

string<date-time>

required

Documentation

Cases

Users

Personas

Threats

Drift

Integrations

Submit a verdict for a case

Authorizations

Path Parameters

Body

Response

Documentation

Cases

Users

Personas

Threats

Drift

Integrations

Documentation Index

Authorizations

Path Parameters

Body

Response