Skip to main content
POST
/
cases
/
{case_id}
/
verdict
Submit a verdict for a case
curl --request POST \
  --url https://api.truu.ai/api/v1/external/cases/{case_id}/verdict \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "outcome": "SAFE",
  "comment": "<string>",
  "event_ids": [
    "3c90c3cc-0d44-4b50-8888-8dd25736052a"
  ]
}
'
{
  "success": true,
  "case_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "outcome": "SAFE",
  "resolved": true,
  "processed_at": "2023-11-07T05:31:56Z",
  "verdict_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
}

Authorizations

X-API-Key
string
header
required

Domain-scoped API key. Generate and manage keys from the API Keys page in Settings. Pass via the X-API-Key header.

Path Parameters

case_id
string<uuid>
required

Body

application/json
outcome
enum<string>
required

What happened to the case. One label, no ambiguity:

  • SAFE — Benign, no threat
  • TRUE_POSITIVE — Confirmed threat, actioned
  • FALSE_POSITIVE — Incorrectly flagged
  • DUPLICATE — Already handled under another case
  • ESCALATED — Passed to investigation or SOC tier
Available options:
SAFE,
TRUE_POSITIVE,
FALSE_POSITIVE,
DUPLICATE,
ESCALATED
comment
string
Maximum string length: 2000
event_ids
string<uuid>[]

Optional event IDs supporting this verdict

Maximum array length: 200

Response

Verdict accepted and applied

success
boolean
required
case_id
string<uuid>
required
outcome
enum<string>
required

What happened to the case. One label, no ambiguity:

  • SAFE — Benign, no threat
  • TRUE_POSITIVE — Confirmed threat, actioned
  • FALSE_POSITIVE — Incorrectly flagged
  • DUPLICATE — Already handled under another case
  • ESCALATED — Passed to investigation or SOC tier
Available options:
SAFE,
TRUE_POSITIVE,
FALSE_POSITIVE,
DUPLICATE,
ESCALATED
resolved
boolean
required
processed_at
string<date-time>
required
verdict_id
string<uuid> | null

ID of the case version created by this verdict, if available