The work graph, in one place.
Most APIs hand you a database. ALLO hands you a graph that already knows what work exists, who owns it, what changed, and how it all links.
Read it with intent: search across tasks, canvases, OKRs, projects. Write narrowly: create a task, log a check-in, add a comment. Listen: signed webhooks for the events that matter.
Every request runs under the calling user's permissions, server-side. Tokens scope what an integration can see and do. Nothing comes back that the caller couldn't already open by hand.
Three primitives.
Built to compose.
Every integration we've seen built on ALLO uses some combination of these three. They're enough.
Search the graph.
Permission-aware search across canvases, tasks, projects, OKRs, comments, and activity. Compact, integration-friendly objects, not raw internal models.
Narrow commands.
Command-shaped writes. Create a task, add a comment, log an OKR check-in. No bulk destructive operations. No raw canvas editing.
Signed events.
Subscribe to work events. HMAC-signed payloads, exponential backoff retries, replayable delivery logs from the dashboard.
Eight resource types.
one graph.
Every resource links to its neighbors, so one ID is enough to walk from a task to its canvas to the decision behind it. Same permissions as the product, all the way down.
Every request scoped.
Every webhook signed.
Apps see what their token allows. Nothing more. Admins review logs, rotate secrets, and revoke access at any time. Every write is auditable.
Don't dump
your workspace into a model.
Retrieval and summary endpoints return compact, permission-aware context, sized for an LLM context window, with citations and URLs so the agent can show its work.
Tokens see only what their owner can see in ALLO. Filtered server-side. Never client-side. Never bulk-exported.