API Documentation
Integrate the Student Protection Readiness Check into your application, AI agent, or automation workflow.
All API requests require authentication using a Bearer token in theAuthorization header.
Authorization: Bearer YOUR_API_KEY
Obtaining Your API Key
API keys are issued securely and are never displayed publicly. Contact the administrator at [email protected] to request an API key.
🔐 Keys are delivered via secure channel only
🔄 Use POST /api/keys/rotate to rotate your key anytime
📋 Use GET /api/keys/info to check your key status
API keys can be rotated at any time to maintain security. When you rotate, the old key is immediately invalidated and a new key is generated. You can optionally set an expiration date on the new key.
How Rotation Works
POST /api/keys/rotateexpires_in_days for auto-expirationRotate via cURL
curl -X POST https://sprchecklist.abacusai.app/api/keys/rotate \\
-H "Content-Type: application/json" \\
-H "Authorization: Bearer YOUR_API_KEY" \\
-d '{"expires_in_days": 90}'Check Key Status
curl https://sprchecklist.abacusai.app/api/keys/info \\ -H "Authorization: Bearer YOUR_API_KEY"
Check Your Key Status
Enter your API key to check its status, expiration, and last usage.
Rotate Your Key
Warning: Rotating your key immediately invalidates the old one. All systems using the old key will lose access.
Never Expose in Client Code
API keys must only be used in server-side code (backend, serverless functions). Never embed keys in JavaScript bundles, mobile apps, or browser-visible code.
Rotate Keys Regularly
Rotate your API key every 60–90 days. Set an expiration when rotating so keys auto-expire if forgotten.
Use Environment Variables
Store your API key in environment variables (e.g., .env files, secret managers). Never commit keys to git repositories.
Monitor Key Usage
Use GET /api/keys/info to check your key's last usage and expiration status. Rotate immediately if you suspect a compromise.
Revoke Compromised Keys
If a key is exposed, rotate it immediately. The old key is invalidated instantly — no grace period, no overlap.
Use HTTPS Only
All API requests must use HTTPS. Never send API keys over unencrypted HTTP connections.
🛡️ If You Suspect Exposure
- Immediately rotate the key via
POST /api/keys/rotate - Update all integrations with the new key
- Review access logs for any unauthorized usage
- Consider setting a shorter expiration (30 days) on the new key
/api/student-protection-checkEvaluates a parent's readiness to recognize and respond to student safety concerns. Accepts answers to 12 questions across 5 categories and returns a normalized score, classification, top protection gaps, and interpretation.
Question Categories & IDs
Each answer is an integer: 1 (lowest readiness) to 4 (highest readiness).
Score Bands
Code Examples
curl -X POST https://sprchecklist.abacusai.app/api/student-protection-check \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_API_KEY" \
-d '{"answers":{"q1":2,"q2":3,"q3":1,"q4":2,"q5":3,"q6":2,"q7":1,"q8":2,"q9":1,"q10":2,"q11":3,"q12":2}}'Try It (Sample Request)
Send a sample request with placeholder answers to see the response format. Note: this requires a valid API key.
Response Schema
scoreintegerNormalized readiness score (0–100)score_bandstringClassification: "Elevated Vulnerability", "Protection Gaps Present", "Moderate Readiness", or "Stronger Readiness"top_gapsstring[]Top 3 protection gap areas identifiedinterpretationstringHuman-readable interpretation of the scorerecommendationstringSuggested next stepcategory_scoresobject[]Per-category averages (category name + average score)cta_urlstringLink to the Safety Over Silence platformThe MCP (Model Context Protocol) server enables AI agents (ChatGPT, Claude, custom agents) to discover and invoke the Student Protection Readiness Check as a callable tool. It uses the JSON-RPC 2.0 protocol.
MCP Server Details
safety-over-silence-mcphttps://sprchecklist.abacusai.app/api/mcpstudent_protection_readiness_checkSupported Methods
initializeReturns server capabilities and infotools/listReturns the list of available tools with input schemastools/callInvokes a tool with provided arguments and returns resultsExample: Call Tool via MCP
curl -X POST https://sprchecklist.abacusai.app/api/mcp \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_API_KEY" \
-d '{
"jsonrpc": "2.0",
"method": "tools/call",
"params": {
"name": "student_protection_readiness_check",
"arguments": {
"answers": {
"q1": 2, "q2": 3, "q3": 1, "q4": 2, "q5": 3,
"q6": 2, "q7": 1, "q8": 2, "q9": 1, "q10": 2,
"q11": 3, "q12": 2
}
}
},
"id": 1
}'Discover MCP Server
Fetch the MCP server info and available tools (no auth required for discovery GET).
The full OpenAPI 3.0.3 specification is available as a machine-readable JSON document. Use it to generate client libraries, import into Postman, or connect with API platforms.
Spec URL
https://sprchecklist.abacusai.app/api/openapi.jsonQuick Import
Import the OpenAPI spec into tools like Postman, Insomnia, or any OpenAPI-compatible platform using the URL above. Client libraries can be auto-generated usingOpenAPI Generator.
Integration Use Cases
AI Agent Integration
ChatGPT, Claude, or custom agents can call the MCP endpoint to evaluate parent readiness scenarios as part of conversation flows.
CRM Automation
Connect via Zapier, Make, or direct webhook to automatically score leads and trigger follow-up workflows in GoHighLevel.
Voice AI
Voice assistants can ask the 12 questions conversationally and submit answers to get instant readiness scores.
Multi-DSA Ecosystem
Plug this API into future TBFA decision support applications for a unified agent ecosystem.