Skip to content

Governance Service Overview

Governance Service is the core platform API for organizations, projects, policies, controls, declarations, reviews, indicators, credentials, evidence attachments, activity logs, and governance certificates.

It is deployed behind the platform ingress and is normally reached through the /governanceService path.

  • Manage organizations, projects, policies, applied policies, and controls.
  • Store declarations, reviews, activity history, and evidence attachment metadata.
  • Evaluate indicator events and store evaluation results.
  • Coordinate with Auth Service for bearer credential validation and permissions.
  • Coordinate with Integrity Service for statements, CIDs, lineage, and certificates.
  • Run database migrations when configured by the deployment chart.
  • Browser traffic from Governance Studio.
  • External API traffic for supported governance workflows.
  • Event ingestion and indicator APIs for customer monitoring integrations.
  • Health and readiness endpoints for operators.

Governance Service requires PostgreSQL, Auth Service, configured object storage for production evidence attachments, and Integrity Service for integrity-backed workflows.