Private alpha documentation

OctynX documentation

Read-only product documentation for the current OctynX alpha. This page covers current implemented behavior only.

Overview

OctynX is a European-oriented control layer for governed AI model access. In this alpha, it provides one controlled place to send AI requests, inspect safe request metadata, and use an approved model/provider catalog.

Quickstart

Use short prompts and low token limits during alpha evaluation.

curl -sS -X POST http://localhost:8000/v1/chat/completions \
  -H "Content-Type: application/json" \
  -H "X-API-Key: <client-api-key>" \
  -d '{
    "model": "mistral-small-3.2-24b-instruct-2506",
    "target": "scaleway",
    "messages": [{"role": "user", "content": "<short prompt>"}],
    "max_tokens": 120
  }'

Authentication

POST /v1/chat/completions requires a client API key.
Accepted headers: X-API-Key: <client-api-key> or Authorization: Bearer <client-api-key>.
Missing or invalid keys return safe unauthorized responses.

Chat completions

Endpoint: POST /v1/chat/completions.
Routing posture: explicit model selection only.
Current approved model: mistral-small-3.2-24b-instruct-2506.
Current provider target: scaleway.

Approved model catalog

Endpoint: GET /v1/models.
Catalog scope: approved_alpha_only.
Routing: explicit_model_selection_only.
This is not provider discovery and not a model marketplace.

Guardrails and abuse controls

Max token cap, prompt-size cap, and request-body-size cap are enforced.
Rate limiting currently covers chat completions, lead capture, and dashboard login.
These controls are private-alpha abuse protections, not production quota/billing limits.

Dashboard visibility

Request visibility is metadata-only. The dashboard/request view can show:

timestamp, status, model, provider/target, latency;
request size, estimated input tokens, requested max_tokens;
safe error category.

It does not show prompt bodies, response bodies, API keys, raw provider errors, or internal admin tokens.

Demo notes

Design-partner demos should use short prompts and low max_tokens.
Public or semi-public exposure remains blocked until deployment security review is complete and non-placeholder secrets are confirmed.

Known alpha limitations

The current alpha does not include:

editable wiki/docs CMS features;
documentation search, version history, comments, collaborative editing, or uploads;
public self-serve onboarding, account/project/API-key self-management, or billing dashboards;
automatic multi-provider routing, provider marketplace behavior, enterprise RBAC, or mature policy-engine features.