API Usage Policy
Rate limits, scopes, authentication, prohibited automation and developer responsibilities.
1. Scope
This policy governs use of any HookPilot Caption Studio LLC public API — REST, GraphQL, webhook, streaming, and the agent-orchestration SDK. It is part of the Terms of Service and incorporates the Acceptable Use Policy.
2. Authentication
- API keys — server-side only. Never embed in mobile or browser apps.
- OAuth 2.0 with PKCE for end-user-delegated access.
- mTLS available for Enterprise integrations.
- All requests must be over TLS 1.2+; plaintext HTTP requests are refused.
3. Scopes
API keys are issued with explicit scopes (e.g., caption:write, video:render, agent:run, workspace:admin). Request the narrowest scope your integration needs. Scopes can be reduced from the developer dashboard at any time.
4. Rate Limits
Rate limits are tiered by plan and surfaced in response headers (X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset). Exceeding the limit returns HTTP 429; respect the Retry-After header. Sustained abuse triggers automatic throttling by the HookPilot Internal Security (-HPS) Guard role. Enterprise plans can request higher limits via support@hookpilot.co.
5. Webhooks
HookPilot signs webhook payloads with HMAC-SHA256 over a shared secret. Verify the signature before acting on a payload. Webhooks retry on 5xx responses and on timeouts with exponential backoff for up to 24 hours. Disable webhooks you no longer use; endpoints that fail persistently may be auto-disabled with notice.
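An added example of the receiver-side check described above (not HookPilot's own SDK code): the HMAC-SHA256 is computed over the raw request body and compared with hmac.compare_digest so the comparison does not leak timing information. The header name X-HookPilot-Signature and the sha256=<hex> encoding are assumptions, since the policy fixes only the algorithm.

```python
import hmac
import hashlib

# Header name and "sha256=<hex>" encoding are assumptions; the policy only
# states that payloads are signed with HMAC-SHA256 over a shared secret.
SIGNATURE_HEADER = "X-HookPilot-Signature"


def compute_signature(secret: bytes, body: bytes) -> str:
    """HMAC-SHA256 of the raw request body, hex-encoded with a scheme prefix."""
    digest = hmac.new(secret, body, hashlib.sha256).hexdigest()
    return f"sha256={digest}"


def verify_webhook(secret: bytes, headers: dict, body: bytes) -> bool:
    """Return True only if the header carries a valid signature for *body*.

    Verification runs over the raw bytes exactly as received; re-serialising
    parsed JSON would change whitespace or key order and break the MAC.
    """
    # Header lookup is case-insensitive, as HTTP requires.
    provided = next((v for k, v in headers.items()
                     if k.lower() == SIGNATURE_HEADER.lower()), None)
    if not provided or not provided.startswith("sha256="):
        return False  # missing or wrongly formatted header: reject
    expected = compute_signature(secret, body)
    # Constant-time comparison over bytes; a plain == short-circuits on the
    # first differing character and leaks timing information.
    return hmac.compare_digest(provided.encode("utf-8"), expected.encode("utf-8"))


if __name__ == "__main__":
    # Constructed sample: a secret and one delivery, then a tampered copy.
    secret = b"whsec_example_not_a_real_secret"
    body = b'{"event":"caption.completed","job_id":"job_123"}'
    headers = {SIGNATURE_HEADER: compute_signature(secret, body)}
    print(verify_webhook(secret, headers, body))       # True
    tampered = body.replace(b"job_123", b"job_999")
    print(verify_webhook(secret, headers, tampered))   # False: body altered
    print(verify_webhook(secret, {}, body))            # False: header missing
```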
6. Prohibited API Behavior
- No credential sharing across organisations.
- No reverse-engineering, scraping, or screen-scraping authenticated surfaces.
- No probing for vulnerabilities outside the responsible-disclosure process.
- No use of the API to build a substantially similar competing product or to train a competing AI model on HookPilot output.
- No automation of activities prohibited by the AUP (mass spam, manipulation, impersonation).
7. AI Safety
The API exposes the same governance layer as the product UI. You may not use API parameters, prompt overrides, or developer modes to bypass: hallucination self-check, veto authority, framework constraints, or the human-in-the-loop attestation prompts (see AI Disclosure and AI Governance). High-risk endpoints expose review-queue identifiers your integration must surface to the human reviewer.
8. Versioning & Deprecation
API versions follow a YYYY-MM-DD date scheme passed in the HookPilot-Version header (default: latest stable). Breaking changes ship under a new version; the prior version remains supported for at least 12 months. Deprecation is announced in the changelog and via the developer email list. Removing an endpoint requires a deprecation period; emergency security removals can be faster but are explained after the fact.
9. Status & Incidents
API uptime is part of the SLA. Real-time status lives at status.hookpilot.co. During incidents the API may shed load by category (lower priority endpoints first) to keep Tier 1 surfaces available.
10. Contact
API support: support@hookpilot.co. Security disclosures: security@hookpilot.co.