Observe first
Run mode=SHADOW to collect governed outcomes while the downstream application still follows its existing execution path.
Loading…
API documentation
Shadow Reports
Shadow Reports aggregate observe-only Decionis decisions before enforcement is activated. They show would-block, would-escalate, policy drift, near misses, and candidate enforcement paths from protocol evaluation records.
Purpose
Use shadow evidence to decide whether a workflow is ready for controlled enforcement.
Find boundaries
Near misses and policy drift show where Decionis would have stopped, escalated, or requested review.
Promote deliberately
Candidate enforcement paths identify workflows with enough traffic and low enough non-allow rates to consider enforcement.
Routes
Read reports for workspace display or export them as hashable evidence.
GET
/v1/protocol/shadow-reports?org_id=<org_uuid>&days=30&limit=50API keyAggregate shadow decisions into summary cards, candidate paths, near misses, and recent evaluations.
curl "https://api.decionis.com/v1/protocol/shadow-reports?org_id=11111111-1111-4111-8111-111111111111&days=30&limit=50" \
-H "Authorization: Bearer dcy_org_xxx"POST
/v1/protocol/shadow-reports/exportAPI keyReturn a JSON export artifact with artifact_sha256 for enforcement-readiness review.
Cards
Cards are compact proof units suitable for workspace dashboards and review meetings.
| Card | Meaning |
|---|---|
| would_block | Count of shadow decisions that would have stopped execution. |
| would_escalate | Count of shadow decisions that would have handed off for review. |
| policy_drift | Count of cases where shadow posture diverged from expected policy. |
| near_misses | Approved decisions near the policy boundary or confidence boundary. |
| candidate_enforcement_paths | Workflow paths with enough clean traffic to consider enforcement. |
Export
Exports keep the report body and hash together for audit trails and rollout signoff.
{
"service": "decionis",
"generated_at": "2026-05-05T10:00:00.000Z",
"artifact_sha256": "94fb...",
"artifact": {
"artifact_type": "decionis.protocol.shadow_report.export",
"version": "1.0",
"window_days": 30,
"report": {
"summary": {
"shadow_evaluations": 120,
"would_block": 4,
"would_escalate": 12,
"candidate_enforcement_path_count": 2
}
}
}
}Rollout use
Shadow reports should inform enforcement readiness, not replace policy review.
Promotion requires operator acceptance
Use /docs/policy-snapshot and /docs/reason-codes to review what Decionis was evaluating, then use /docs/execution-map to understand how enforcement artifacts will appear after promotion.