Log inStart free
🛡️ AI Actions · safe by design

Let AI run real operations. Without the risk.

Action contracts let your AI execute approved backend operations — refund an invoice, suspend a license, route a ticket — without ever touching your raw database. Every call signed, every operation gated by role, every write requiring explicit confirmation.

Try free See pricing
0off-policy operations possible
100%of writes audited & reversible
HMACsigned every call
Per-rolegated & confirmation-policied
How it works

The AI cannot invent calls. It can only run yours.

An action is a registered, signed, role-checked, audited contract — never raw database access.

📜 Action registry

You declare what AI is allowed to do.

Each action is a JSON contract: name, parameters, scope, allowed roles, confirmation policy, endpoint URL. Drop it in actions.json, OpsIQ reads it, the AI now knows it exists. No code change needed in the AI itself.

🔐 HMAC-signed

Endpoints verify every call.

Your backend uses HMAC-SHA256 over the raw body to prove the call really came from OpsIQ. Replay protection via timestamp.

✋ Confirmation policy

Risky? Always confirm.

Per-action policy: never / once-per-session / always. Confirmation cards show the exact preview before execution.

🧾 Audit history

Who, what, when, what result.

Every action attempt and execution stored: actor, role, params, response, duration, IP.

🎭 Surface scoping

Admin-only, customer-safe, write-only.

Action surfaces let the same registry serve admin AI, client AI and writing AI without overlap.

🌍 Universal

Works with any backend that speaks JSON.

WHMCS, custom SaaS, WordPress, your internal portal, your ERP. The pattern is platform-neutral.

From intent to safe call

Plain English in. Audited operation out.

When an admin says "refund Adam's last invoice", the AI matches the intent against the registered action contracts, finds saas.refund_invoice, fills the parameters from your live data, returns a confirmation card. Admin clicks confirm. OpsIQ POSTs the signed action to your endpoint. AI History captures every step.

Intent matchingParam fillingRole checkConfirmationSigned POSTAudit row
Step 1intent matched to action contract
Step 2params resolved from live context
Step 3role + confirmation policy checked
Step 4admin confirms
Step 5HMAC POST to endpoint
Step 6response logged in AI History
Connector-driven

Each connector ships its own actions.

The WHMCS connector ships WHMCS-specific actions. The Stripe connector ships Stripe-specific actions. The opsiq_saas connector ships SaaS-specific actions. You enable the connectors you use, the actions appear automatically — your AI now knows how to talk to the platforms you actually run.

Per-connectorAuto-discoveredToggleableVersioned
Whereconnectors//actions.json
Discoveryautomatic on enable
Overrideper-workspace settings
Testsandbox endpoint per action
Common questions

Everything teams ask before they sign up.

Can the AI bypass the confirmation card?

No. Confirmation policy is enforced server-side. The AI cannot fake a confirmed=true flag — the action runner ignores AI-supplied confirmed values for actions whose policy requires human approval.

What if my endpoint returns an error?

OpsIQ shows the error in the audit log and surfaces it back to the admin. The action is not retried automatically for non-idempotent operations.

Can I write actions in any language?

The action contract is JSON. The endpoint can be in any language that handles HTTP and HMAC. PHP, Node, Python, Go, Rust — all fine.

AI Actions

Give the AI safe access to your backend.

Define your first action contract in 10 minutes. Read the developer docs for the schema.

Start free Book a demo