← revvyn.com

Operations Runbook

CRITICAL Kill Switch Activated

Symptoms

All payments return status "halted". Dashboard shows red kill switch banner.

Steps

1. Check /ops dashboard — confirm kill switch is active
2. Check /v1/incidents — is there a related incident?
3. If intentional: monitor and deactivate when resolved
4. If accidental: deactivate immediately via API or dashboard

curl -X POST https://api.revvyn.com/v1/kill-switch \
  -H "X-API-Key: YOUR_KEY" \
  -d '{"enabled": false, "reason": "Deactivated — false alarm"}'

HIGH Investigate False Positive

Symptoms

Partner reports a legitimate payment was blocked.

Steps

1. Get the payment ID from the partner
2. Check the explainability endpoint
3. Review the counterfactual — what needs to change?
4. If policy threshold too low: adjust via PUT /v1/policies/{id}
5. If agent trust too low: review agent registration in KYA
6. Submit feedback via POST /v1/payments/{id}/feedback

curl https://api.revvyn.com/v1/payments/PAYMENT_ID/explain \
  -H "X-API-Key: YOUR_KEY"

Rotate API Keys

1. Create a new key: POST /v1/keys with label "rotation YYYY-MM-DD"
2. Update your application with the new key
3. Verify the new key works by calling /health
4. Revoke the old key: DELETE /v1/keys/{old_key_id}

Rollback Policy Change

1. Check policy version history: GET /v1/policies/{id}/versions
2. Identify the previous good version
3. Apply the old values via PUT /v1/policies/{id}
4. Use the simulation sandbox to verify the rollback

curl -X POST https://api.revvyn.com/v1/simulate \
  -H "X-API-Key: YOUR_KEY" \
  -d '{"scenario":"threshold_change","field":"approval_threshold","current_value":25000,"new_value":10000}'

SOC2 Audit Request

1. Generate compliance report: GET /v1/reports/compliance?from=...&to=...&format=csv
2. Export audit trail: GET /v1/export/audit-trail?from=...&to=...
3. Check retention status: GET /v1/export/retention
4. Review security controls: /static/docs/security.html
5. Provide framework coverage: GET /v1/compliance/frameworks