What is the AiT Hosted Agents API?

The AiT Hosted Agents API is a REST interface that lets engineering teams trigger HIPAA-compliant AI agents programmatically. Every call passes through DLP middleware, is SHA-256 hash-chained for tamper-evident audit logs, and routes only to BAA-covered model tiers.

Is a BAA available for API customers?

Yes. A Business Associate Agreement is available on the Professional and Enterprise tiers. Enterprise customers receive a white-glove BAA with legal review before any PHI or regulated data touches the API.

How does per-tenant isolation work via the API?

Each customer receives a dedicated virtual key scoped to their tenant. All agent runs, audit logs, and data are partitioned by tenant ID at the infrastructure level. Enterprise customers can request a dedicated GCP subproject for full hardware-level isolation.

What compliance frameworks does the API support?

HIPAA, SOC 2 Type II (audit in progress), BAA-covered model routing for PHI, and 42 CFR Part 2 Ready data handling. Every API response includes a chain hash reference for audit trail verification.

AiT Hosted Agents API: Programmatic HIPAA Compliant AI Agents

Why the API

Compliance built into every API call, not bolted on afterward.

Three properties that separate the AiT Hosted Agents API from generic LLM wrappers in regulated environments.

Zero PHI Exposure

DLP middleware sits between your API call and every model. Protected health information, social security numbers, and regulated identifiers are intercepted and masked before they reach any inference layer. Your PHI never touches uncontrolled infrastructure.

Immutable Audit Chain

Every agent run produces a SHA-256 hash of its input, output, model version, and timestamp. Each hash links to the previous entry, forming a tamper-evident chain. Auditors verify chain integrity with the open-source CLI without touching your data or infrastructure.

Per-Tenant Isolation

Each customer receives a dedicated virtual key scoped to their tenant. All agent runs, logs, and stored context are partitioned at the infrastructure level. Enterprise customers can provision a dedicated GCP subproject for full hardware-level isolation with no shared compute.

Developer preview

One POST to trigger a compliance-grade agent run.

Pass your virtual key, pick an agent, and send an input. The response includes the run result, a chain hash, and a signed audit reference — no extra configuration required.

bash — curl

curl -X POST https://api.hosted-agents.intelligentit.io/v1/agent/run \
  -H "Authorization: Bearer <your-virtual-key>" \
  -H "Content-Type: application/json" \
  -d '{
    "agentId": "compliance-evidence-collector",
    "input": "Run SOC2 audit for Q2 2026"
  }'

Full endpoint reference, authentication guide, response schema, and error codes available in the API documentation.

Compliance posture

Infrastructure built to meet the auditors, not avoid them.

Every API tier ships with the same underlying compliance controls. Upgrade tiers unlock dedicated infrastructure and white-glove BAA review, not baseline compliance.

HIPAA Compliant

SOC 2 Type II Audit in progress

BAA Available Pro & Enterprise

42 CFR Part 2 Ready SUD data handling

Pricing

Predictable API pricing for regulated teams.

All tiers include DLP middleware, SHA-256 audit chain, and BAA-covered model routing. Higher tiers add dedicated infrastructure and SLA guarantees.

Starter

API Starter

$199 / mo

1,000 agent runs per month. Shared infrastructure.

1,000 runs per month
Shared Cloud Run infrastructure
DLP middleware on every call
SHA-256 audit chain included
Virtual key per tenant
Email support

Book a Demo

API Professional

$799 / mo

10,000 runs/mo. 99.9% uptime SLA. BAA available.

10,000 runs per month
99.9% uptime SLA
Dedicated virtual key with scoped data
BAA available
Priority Slack support
Evidence pack export on demand
Named technical contact

Book a Demo

Enterprise

API Enterprise

Custom

Unlimited runs. Dedicated GCP subproject. White-glove BAA.

Unlimited agent runs
Dedicated GCP subproject per tenant
White-glove BAA with legal review
SIEM export (Splunk, Chronicle, Sentinel)
24/7 support with incident response SLA
Custom agent development
Named account engineer

Book a Demo

Ready to add compliant AI agents to your stack?

Thirty minutes with a compliance engineer. We walk through your regulatory environment and show you exactly what an AiT Hosted Agents API deployment looks like with your data and your workflows.

Get API Access See the full platform →

Page as of 2026-05-12. Pricing reflects current AiT Hosted Agents API reference tiers; final scope confirmed in discovery. Manuel Ruiz, Founder / CEO / CISO. © Intelligent Group (DBA Intelligent iT) · intelligentit.io

Run HIPAA-compliant AI agents via API. SOC 2-ready, BAA-backed, audit-logged.

Compliance built into every API call, not bolted on afterward.

Zero PHI Exposure

Immutable Audit Chain

Per-Tenant Isolation

One POST to trigger a compliance-grade agent run.

Infrastructure built to meet the auditors, not avoid them.

Predictable API pricing for regulated teams.

API Starter

API Professional

API Enterprise

Ready to add compliant AI agents to your stack?