1. Introduction
Welcome to the Cognify API Agreement. This agreement governs your access to and use of the Cognify Application Programming Interface (the "API"), which enables programmatic interaction with our Cognitive Task Analysis platform. The API allows developers and organizations to retrieve, process, and integrate knowledge artifacts—including Gold Standard Protocols, Guided Experiential Learning (GEL) Lesson Plans, and Process Flowcharts—into their own systems and workflows.
By accessing or making calls to the API, you agree to be bound by this Agreement in addition to our Terms of Service and Privacy Policy. If you are using the API on behalf of an organization, you represent that you have the authority to bind that entity to these terms.
2. API Definitions
- "API" The RESTful interface provided by Cognify for programmatic access to the CTA platform, including endpoints for topic management, conversation retrieval, artifact generation, and report access.
- "API Key" A unique credential issued to authorized developers for authenticating requests to the API. Keys are scoped to specific topics and user accounts.
- "Artifacts" Structured outputs generated by the CTA engine, including Gold Standard Protocols, GEL Lesson Plans, Process Flowcharts, and aggregated expert conversation summaries.
- "Topic" A discrete knowledge domain within Cognify, containing one or more guided AI conversations with Subject Matter Experts (SMEs) and the resulting aggregated analysis.
- "SME Session" An individual guided conversation between an invited Subject Matter Expert and the Cognify AI chat, capturing detailed process knowledge, decision points, and procedural nuances.
- "Aggregated Response" The consolidated output produced by Cognify from multiple SME sessions within a single topic, synthesizing expert knowledge into a cohesive knowledge base.
3. Authentication & Access
All API requests must include a valid API Key in the request header. API Keys are generated per-topic and must be managed through the Cognify dashboard. You are responsible for:
- check_circle Storing API Keys securely and never embedding them in client-side code, public repositories, or unsecured environments.
- check_circle Rotating API Keys regularly and immediately revoking any keys that may have been compromised.
- check_circle Not sharing API Keys with unauthorized third parties or using them outside the scope of your invite.
- check_circle Ensuring that API access is restricted to environments with appropriate security controls and access logging.
Authentication Header Format
Authorization: Bearer <API_KEY>
4. Rate Limits & Usage
To ensure fair and reliable access to the API for all developers, the following rate limits apply. Limits may vary based on your plan and may be adjusted by Cognify with advance notice.
Invite Tier
1,000 requests/hour
10,000 requests/day
Pro Tier
10,000 requests/hour
100,000 requests/day
Enterprise
Custom limits
Dedicated throughput
API responses will include X-RateLimit-Remaining and X-RateLimit-Reset headers to help you monitor your usage. When rate limits are exceeded, the API will return an HTTP 429 (Too Many Requests) response.
You agree to implement appropriate backoff and retry logic in your integrations. Excessive retries after receiving rate limit responses may result in temporary or permanent suspension of API access.
5. Developer Obligations
As an API user, you agree to the following obligations:
- check_circle Use the API solely for lawful purposes and in accordance with applicable data protection and intellectual property laws.
- check_circle Not scrape, cache, or redistribute API response data beyond the scope of your authorized integration without explicit written permission from Cognify.
- check_circle Not reverse engineer, decompile, disassemble, or attempt to derive the source code or underlying algorithms of the CTA engine or any API responses.
- check_circle Not use the API to generate, train, or fine-tune competing AI models or knowledge management systems.
- check_circle Ensure that any integration using the API properly attributes outputs to Cognify where required and does not misrepresent the provenance of generated artifacts.
- check_circle Report any bugs, vulnerabilities, or unexpected behavior discovered in the API to developers@cognify.team in a responsible manner.
- check_circle Not use the API to process data belonging to third parties without their explicit consent and in compliance with applicable law.
6. Data Handling & Privacy
The Cognify API transmits and receives sensitive knowledge content, including detailed procedural data from Subject Matter Experts. You acknowledge and agree to the following data handling principles:
You retain all rights to your topics, SME sessions, and artifacts. Cognify does not use your data to train base models or share with unauthorized third parties.
All API traffic is encrypted in transit via TLS 1.3. Data at rest is encrypted using AES-256 with keys managed through Hardware Security Modules (HSM).
API Keys are scoped to specific topics and user accounts. Keys cannot access data outside their authorized scope, providing granular access control.
API data handling processes are SOC2 Type II compliant. HIPAA-compliant handling is available for clinical research and healthcare environments under enterprise agreements.
Sensitive Knowledge Data
API responses may contain detailed procedural knowledge, trade secrets, or proprietary process information from Subject Matter Experts. You are responsible for handling this data with appropriate security controls consistent with its sensitivity.
7. Service Levels & Availability
Cognify strives to maintain high availability of the API, but does not guarantee uninterrupted access. The following service level expectations apply:
schedule Uptime Target
Cognify targets 99.5% monthly API uptime for invite-tier users and 99.9% for enterprise customers, as defined in applicable Enterprise Agreements.
notifications Maintenance Windows
Planned maintenance will be announced at least 72 hours in advance via our developer status page and API changelog. Unplanned outages will be communicated as soon as practicable.
update Versioning & Deprecation
The API follows semantic versioning. Breaking changes will be accompanied by at least 6 months of deprecation notice. Deprecated endpoints will remain available during the transition period.
support_agent Developer Support
API support is available via developers@cognify.team. Enterprise customers receive dedicated support channels and response time guarantees per their MSA.
Cognify reserves the right to modify, suspend, or discontinue any aspect of the API, including specific endpoints or response formats, with reasonable notice. We encourage you to implement robust error handling and fallback mechanisms in your integrations.
8. Liability & Termination
Limitation of Liability
To the fullest extent permitted by applicable law, Cognify shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits, data, or revenue, whether incurred directly or indirectly, arising from your use of or inability to use the API.
Cognify's aggregate liability for all claims related to the API shall not exceed the greater of $100 USD or the total amount paid by you to Cognify during the preceding twelve (12) months.
Termination
Cognify may suspend or terminate your API access immediately, without prior notice or liability, if you violate this Agreement, our Terms of Service, or applicable law. Upon termination:
- Your API Keys will be immediately revoked.
- All ongoing API sessions will be terminated.
- Your right to access or retrieve data via the API will cease.
- You may export your data through the web dashboard within 30 days of termination, subject to your account status.
Changes to this Agreement
Cognify may update this API Agreement from time to time. Material changes will be communicated via our developer portal, status page, or by email at least 30 days before they take effect. Continued use of the API after changes become effective constitutes your acceptance of the revised Agreement.
If you have questions about this API Agreement, please contact developers@cognify.team. For general legal inquiries, reach us at legal@cognify.team.
Last Updated: July 1, 2026