An API that knows your work.

Every project, canvas, task, OKR, and comment in ALLO is a node in one graph. The API exposes that graph — to your internal tools, to chat, to the agents you're building. Permission-aware. No raw workspace dumps.

Search the work graph
POST /v1/search
curl https://api.allo.io/v1/search \
  -H "Authorization: Bearer $ALLO_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{ "query": "customer onboarding", "limit": 3 }'

# 200 OK
{
  "results": [
    { "type": "canvas",
      "title": "Customer Onboarding",
      "summary": "Plan, owners, checklist." },
    { "type": "task",
      "title": "Prepare rollout",
      "due":    "2026-05-08" }
  ]
}

The work graph, in one place.

Most APIs hand you a database. ALLO hands you a graph that already knows what work exists, who owns it, what changed, and how it all links.

Read it with intent — search across tasks, canvases, OKRs, projects. Write narrowly — create a task, log a check-in, add a comment. Listen — signed webhooks for the events that matter.

Every request runs under the calling user's permissions, server-side. Tokens scope what an integration can see and do. No raw workspace dumps, ever.

Three primitives.
Built to compose.

Every integration we've seen built on ALLO uses some combination of these three. They're enough.

Read

Search the graph.

Permission-aware search across canvases, tasks, projects, OKRs, comments, and activity. Compact, integration-friendly objects — not raw internal models.

POST /v1/search
GET /v1/resources/:id/summary
GET /v1/projects/:id/activity

Write

Narrow commands.

Command-shaped writes. Create a task, add a comment, log an OKR check-in. No bulk destructive operations. No raw canvas editing.

POST /v1/tasks
POST /v1/comments
POST /v1/okr/checkins

Listen

Signed events.

Subscribe to work events. HMAC-signed payloads, exponential backoff retries, replayable delivery logs from the dashboard.

task.created task.completed
comment.created
canvas.updated okr.checkin

Eight resource types.
One graph.

ALLO already knows what work exists, who owns it, what changed, and what's linked to what. The API exposes that graph with the same permissions your team uses inside the product.

Workspaces
Top-level container. Members, plan, settings.
workspace:read
People & teams
Member directory, roles, team membership.
people:read
Projects
Cross-functional work units. Anchor for canvases, tasks, OKRs.
project:read · write
Canvases
Free-form planning surfaces. Metadata, summaries, links.
canvas:read · create
Tasks
Assignable work items. Status, due, assignee, parent.
task:read · write
OKRs
Objectives, key results, sessions, check-ins.
okr:read · checkin
Comments
Threaded comments on any resource.
comment:read · write
Activity
Append-only stream of every meaningful change.
activity:read

Every request scoped.
Every webhook signed.

Apps see what their token allows — nothing more. Admins review logs, rotate secrets, and revoke access at any time. Every write is auditable.

OAuth 2.0 apps
Three-legged flow for apps acting on a user's behalf.
Workspace tokens
Server-to-server tokens scoped to a workspace.
Signed webhooks
HMAC-SHA256 signatures, replay protection, rotation.
Idempotency keys
Safe retries on writes. We dedupe within 24 hours.
Audit logs
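Admins see every action a token took, with diffs.

Verify a webhook
import { createHmac, timingSafeEqual } from "crypto"

// Returns true only when the x-allo-signature header matches the
// HMAC-SHA256 of the raw (unparsed) request body.
export function verify(req, secret) {
  const sig = req.headers["x-allo-signature"]
  if (typeof sig !== "string") return false  // header missing or repeated

  const body   = req.rawBody                 // exact bytes received, before JSON parsing
  const digest = createHmac("sha256", secret)
                       .update(body).digest()

  // timingSafeEqual throws on unequal lengths, so reject those first
  const given = Buffer.from(sig, "hex")
  if (given.length !== digest.length) return false

  return timingSafeEqual(given, digest)
}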
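
Added example (not ALLO's code): a receiver that keeps verifying during a secret rotation and stays idempotent when a delivery is retried or replayed from the dashboard. The signature check is the one shown above; the `id` field used for dedupe, the two-secret list and the window length are assumptions, since this page does not document the payload schema or how ALLO implements replay protection.

```javascript
const { createHmac, timingSafeEqual } = require("node:crypto")

// Assumption: how long processed delivery ids are remembered.
const DEDUPE_WINDOW_MS = 24 * 60 * 60 * 1000

// Constant-time check of one candidate secret against the hex signature.
function matches(rawBody, sigHex, secret) {
  const digest = createHmac("sha256", secret).update(rawBody).digest()
  const given = Buffer.from(sigHex, "hex")
  return given.length === digest.length && timingSafeEqual(given, digest)
}

// secrets: [current, previous], so deliveries signed just before a rotation still verify.
// seen: delivery id -> first-seen time (use a shared store when running several instances).
function createReceiver(secrets, seen = new Map()) {
  return function receive(req, now = Date.now()) {
    const sig = req.headers["x-allo-signature"]
    if (typeof sig !== "string" || !/^[0-9a-f]+$/i.test(sig)) {
      return { ok: false, reason: "bad-signature" }
    }
    // Verify the exact bytes received. Every secret is checked (no early exit)
    // so response timing does not reveal which one matched.
    let valid = false
    for (const s of secrets) valid = matches(req.rawBody, sig, s) || valid
    if (!valid) return { ok: false, reason: "bad-signature" }

    // Parse only after the signature has been accepted.
    let event
    try { event = JSON.parse(req.rawBody.toString("utf8")) }
    catch { return { ok: false, reason: "bad-payload" } }
    if (!event || typeof event.id !== "string") return { ok: false, reason: "bad-payload" }

    // Forget ids older than the window, then acknowledge repeats without
    // reprocessing them, so the sender's retries stop and nothing runs twice.
    for (const [id, t] of seen) if (now - t > DEDUPE_WINDOW_MS) seen.delete(id)
    if (seen.has(event.id)) return { ok: true, duplicate: true, event }
    seen.set(event.id, now)
    return { ok: true, duplicate: false, event }
  }
}

// Constructed sample delivery; the field names are assumptions, not ALLO's schema.
function sampleDelivery(secret, payload = { id: "evt_demo_1", type: "task.created" }) {
  const rawBody = Buffer.from(JSON.stringify(payload))
  const signature = createHmac("sha256", secret).update(rawBody).digest("hex")
  return { headers: { "x-allo-signature": signature }, rawBody }
}
```

Once every sender has moved to the new secret, drop the previous one from the list so a leaked old secret stops verifying.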

Don't dump your workspace into a model.

Retrieval and summary endpoints return compact, permission-aware context — sized for an LLM context window, with citations and URLs so the agent can show its work.

Tokens see only what their owner can see in ALLO. Filtered server-side. Never client-side. Never bulk-exported.

Retrieve context for an agent
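// `allo` (API client), `model` (LLM client) and `render` (prompt formatter)
// are assumed to be set up elsewhere; this page does not show them.

// Fetch a small, permission-filtered slice of the graph for this token.
const ctx = await allo.search({
  query: "customer onboarding",
  types: ["canvas", "task"],
  limit: 5,
})

// Pass only that context to the model; the only write tools it gets are
// the narrow task and comment commands.
const reply = await model.complete({
  messages: [{
    role: "user",
    content: render(ctx),
  }],
  tools: [allo.createTask, allo.addComment],
})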

Common questions.

Can I edit a canvas through the API?
Not in v1. Canvas body editing is intentionally out of scope for the first release. v1 covers metadata, permission-aware summaries, links between resources, and safe creation.
What's the difference between read and write?
Reads are broad: search the graph, fetch summaries, list tasks, list activity. Writes are narrow and command-shaped: create a task, add a comment, log an OKR check-in.
Are search results permission aware?
Yes. Every read endpoint enforces the token owner's ALLO permissions server-side.
How do AI agents stay safe?
Agents call the same scoped endpoints as anything else. Summary and search return compact, permission-filtered context — sized for LLM windows, with citations.
Is there a public app marketplace?
Not yet. The first releases focus on internal tooling, private OAuth apps, and direct API access for customer engineering teams.
How do I get access?
The platform is in private beta. Request access on the quickstart page and we'll provision a sandbox workspace and a test token within a business day.

Build on the same graph your team works in.

Read the docs, request a sandbox, ship something useful.