Kautio for developers
Safety check-ins as a primitive.
One POST puts a check-in on any job. Kautio's servers run the timing, the escalation, and the follow-through. Your product gets thin lifecycle webhooks.
curl -X POST "$KAUTIO_API/apiCreateCheckin" \
-H "Authorization: Bearer kk_live_..." \
-H "Content-Type: application/json" \
-d '{
"member_uid": "uWq83XkT2fRz9pLmA1sB",
"title": "Water heater install — 148 Alder Ct",
"start_at": "2026-07-14T14:00:00-04:00",
"trigger_delay_mins": 30,
"activation_lead_mins": 15,
"tiers": [
{ "tier_index": 0, "recipient_uids": [] },
{ "tier_index": 1, "recipient_uids": ["uH7dN4vGq6cJe2yKp8Mz"] }
]
}'
201 Created
{
"id": "Jm3kQ9pXw2aZbY4cD7eF",
"event_state": "scheduled",
"title": "Water heater install — 148 Alder Ct",
"start_at": "2026-07-14T18:00:00.000Z",
"trigger_delay_mins": 30,
"activation_lead_mins": 15,
"tier_count": 2,
"final_checkin_enabled": false
}
Three calls, no new infrastructure
Mint a key
Create org-scoped API keys in the Kautio console. Keys carry explicit scopes (checkins:read, checkins:write) and are shown once. We store only a SHA-256 hash.
POST a check-in per job
One call schedules a check-in owned by a seat-holding member of your organization. Validation is identical to the consumer app, and no member credits are consumed: API usage meters to your org.
Receive lifecycle webhooks
Six checkin.* events cover the full lifecycle, delivered signed to your endpoints. Your product knows a check-in completed without ever handling who was notified, or where anyone was.
Where the API fits
Field service platforms
A check-in on every dispatched job
Your users already schedule the job, the tech, and the window. One POST attaches a safety check-in to that same record: start time from the job, contacts from the tech's own circle. When the job closes quietly, so does the check-in.
Staffing and marketplaces
Shift-shaped coverage
Shifts have a start, an end, and a worker who is often somewhere new. Create a check-in when the shift is claimed and cancel it if the shift is dropped. The lifecycle maps one-to-one.
Association member portals
A benefit your portal can wire in
Associations buy seats; portals make them real. Surface check-in status alongside the member profile using the thin read API: state and timing, never contents.
Six events. Thin by design.
Every event carries state, timing, and org context — never phone numbers, recipient identities, locations, notes, or attachments. PII-free by allowlist, not by redaction.
| Event | Fires when |
|---|---|
checkin.scheduled | A check-in is created and validated |
checkin.active | The activity starts and the check-in goes live |
checkin.follow_up.pending | Tiers are exhausted; an opt-in follow-up is still open |
checkin.completed | The check-in ran its course and resolved |
checkin.cancelled | Ended before anyone was notified |
checkin.dismissed | Ended by the member after a contact was notified |
{
"id": "Jm3kQ9pXw2aZbY4cD7eF_active",
"type": "checkin.active",
"timestamp": "2026-07-14T18:00:02.184Z",
"data": {
"checkin_id": "Jm3kQ9pXw2aZbY4cD7eF",
"org_id": "T4uNb8RpP0aMhS2VgK6L",
"event_state": "active",
"previous_state": "scheduled",
"occurred_at": "2026-07-14T18:00:02.184Z"
}
}
Built like the escalation engine it fronts
- Signed webhooks. Deliveries are HMAC-signed following the Standard Webhooks spec. Verify with any standard library.
- Scoped keys, hashed at rest.
checkins:readandcheckins:writescopes per key. Keys are displayed once and stored only as SHA-256 hashes: a database read cannot recover one. - Uniform 401 and 404. Invalid, revoked, and unknown keys receive identical responses. Check-ins outside your org return the same 404 as ids that never existed. The API is not an oracle.
- Per-key rate limits. 120 requests per minute per key by default, with
Retry-Afteron 429. An organization can hold multiple keys; per-key overrides are available. - No API dismiss — by design. The API can cancel a check-in before escalation to contacts begins. Once escalation has reached real people, standing down is the member's decision, on the member's device. Software can start a safety process; only the person it belongs to can call it off. That is a feature.
Pricing
Platform pricing is usage-based: metered per API call, billed to your organization. Talk to us while the beta is open.
Buying seats for a team instead? See Kautio for business.
Where the platform is today
The API is in beta. Request and response contracts are final; stable /v1/checkins paths arrive with the dedicated API domain. The full surface (authentication, errors, rate limits, idempotency) is specified in the API docs.
A changelog will live here from the first public release.