Developer SDK

Build DPDP compliance
into your product.
API-first.

RuleExpert is designed for engineering teams who want to automate consent capture, DSR workflows, breach response, and vendor governance — not manage them manually in a dashboard.

Explore API
Explore API

54

REST API endpoints across 9 modules

18+

Pre-built integrations — AWS, Razorpay, WhatsApp

100%

India data residency — AWS ap-south-1 Mumbai

OAS 3.1

OpenAPI 3.1 spec — importable to Postman

API OVERVIEW

One API.
Every DPDP obligation.

RuleExpert exposes a clean REST API across all nine compliance modules — consent, data rights, breach, registry, vendor governance, and AI. Every endpoint returns structured JSON. Every write operation generates a signed audit log entry automatically.

The API is designed for two patterns: direct integration for teams building compliance into their own products, and webhook-driven automation for teams who want RuleExpert to push events to their existing infrastructure.

Authentication

API key + Bearer token · OAuth 2.0 for Enterprise

Data Residency

All data stays in AWS ap-south-1 Mumbai — always

OpenAPI 3.1 Spec

Full spec available · Postman collection on request

Rate Limits

1,000 req/min Starter · 10,000 req/min Growth

API Design

Built for how engineers actually work.

No SDK lock-in. No proprietary protocols. Clean REST, standard JSON, and webhooks — so your team integrates in days, not weeks.

REST + JSON — nothing proprietary

Standard REST verbs, standard JSON payloads. Works with any HTTP client in any language.

Every write auto-signed

Every API write that creates a compliance record, automatically generates an HMAC-SHA256 signed audit log entry.

Webhook-first event model

Subscribe to any compliance event — and RuleExpert pushes to your endpoint in real time.

India-first design decisions

Built for Indian engineering teams and Indian compliance realities.

OpenAPI 3.1 — importable everywhere

The full 54-endpoint OpenAPI 3.1 spec is available to registered developers.

Versioned — no surprise breaking changes

We give 6 months notice before any breaking change — with a migration guide included.

API REFERENCE

54 endpoints.
Every DPDP obligation covered.

The full OpenAPI 3.1 spec is available to registered developers. Below is a representative overview of the key endpoints by module.

WEBHOOKS

Real-time compliance events pushed to your stack.

Subscribe to any RuleExpert event and receive a signed JSON payload at your endpoint — so your systems stay in sync with every consent change, DSR, and breach automatically.

SDKS & INTEGRATIONS

Connect the tools
your team already uses.

Official SDKs, a Postman collection, and pre-built connectors for the platforms Indian engineering teams run on.

Get Started

Consent capture that stands up in an audit.

HMAC-signed. Append-only. Live in 10 minutes.

Book a Demo

Client Testimonials

What Our Clients Speak About Us

"We always thought DPDP compliance was the client’s responsibility since we were only executing services. But the evaluation made it clear that how we handle client data also creates risk on our side. It changed how we approach data handling internally."

Founder, A Digital Services Firm

Founder, A Digital Services Firm

"We had a basic understanding of DPDP requirements, but the scorecard highlighted gaps we hadn’t identified internally — especially around consent handling and data visibility. It gave us a much clearer starting point."

Founder, A B2B SaaS Company

Founder, A B2B SaaS Company

"We had a basic understanding of DPDP requirements, but the scorecard highlighted gaps we hadn’t identified internally — especially around consent handling and data visibility. It gave us a much clearer starting point."

Founder, A Logistics Company

Founder, A Logistics Company

"The DPDP score was surprisingly insightful. Within minutes, we could see where we stood and what needed immediate attention. It simplified something that initially felt quite complex."

Product Head, A Fintech Platform

Product Head, A Fintech Platform

"After reviewing our score, we opted for a consultation. The discussion was very practical — we got clear direction on what to fix first and how to approach DPDP compliance in a structured way."

CTO, Food Delivery Tech Platform

CTO, Food Delivery Tech Platform

"What we found valuable was the focus on actual system-level gaps, not just policies. It helped us understand where compliance could break in real operations."

Engineering Lead, A SaaS Company

Engineering Lead, A SaaS Company

"As a CTO, I didn’t want my developers to become compliance experts. The SDK and APIs abstract a lot of the DPDP complexity into something the engineering team can actually implement. It makes compliance feel more like a system capability rather than a legal burden."

CTO, CPaaS Technologies

CTO, CPaaS Technologies