ceven

Rkvst

Automates the collection of supply chain evidence and verifies the chain of custody for assets and events in real time.

Try Rkvst in Ceven

Ask Ceven anything
Standard

Why use Ceven?

  1. AI native Rkvst integration

    • Describe the outcome and Ceven picks the right Rkvst calls, fills the parameters, and checks the result.
    • Structured, agent friendly tool schemas so each call runs reliably instead of by guesswork.
    • Rich coverage for reading, writing, and querying your Rkvst data, across all 24 of its actions.

  2. Managed auth

    • Built in OAuth with automatic token refresh and rotation.
    • One place to manage, scope, and revoke Rkvst access.
    • Per user and per environment credentials instead of shared keys.

  3. Agent optimized design

    • Actions are tuned from real success and error rates so reliability climbs over time.
    • Full execution logs so you always know what ran in Rkvst, when, and on whose behalf.
    • The agent pauses and asks when Rkvst is unclear instead of plowing ahead.

  4. Enterprise grade security

    • Fine grained access so you control which agents and people can reach Rkvst.
    • Least privilege by default, read scopes first and only the writes a workflow needs.
    • A full audit trail of every Rkvst action to support review and sign off.

Supported tools

Every action Ceven's agents can run on Rkvst, and when to use it.

Download Event Attachment
Use this when you have asset uuid, event uuid, and attachment uuid and want the raw binary content.
Get Asset
Pull details for a specific asset. Set at time to retrieve the historical state of the asset.
Get Event
Use this to pull full metadata, attributes, and associated trails of an existing event.
Get IAM Subject
Fetch identity details for a specific IAM subject by its unique id.
List Asset Events
Pull all events associated with a specific asset uuid.
List Assets
Retrieve asset metadata in batches using page size and next page tokens.
List Members
Pull a complete overview of all users registered within the current tenant.
Promote Member
Elevate a tenant member to the owner role after verifying their identity.
Retrieve Event Attachment Metadata
Pull the size, hash, and scan status for an attachment on a specific event.
Search Events
Query events using odata filters and page through large result sets.
Update App Registration
Modify an application display name or custom claims for a registered app.
List Public Assets
Pull a list of all assets that have been marked as public.
Get App Registration
Tool to retrieve details for a given app registration id. use after obtaining the application's uuid to inspect its configuration and credentials.
Get Blob
Tool to retrieve details of a blob by id. use after confirming the blob id.
Get Member
Tool to retrieve details for a given member id. use after obtaining a valid member uuid.
Get Public Asset
Tool to retrieve details for a public asset. use when you have a public asset uuid.
Get Public Asset Event
Tool to retrieve a specific public asset event. use when you have public asset and event uuids.
Get Tenancy
Tool to retrieve details for a specific tenancy. use after you have a tenancy id.
List App Registrations
Tool to list all app registrations. use after acquiring a valid auth token to retrieve the applications registered under the tenant.
List IAM Subjects
Tool to list iam subjects. use when you need to retrieve provider managed subjects, optionally filtering by display name. use after authenticating the tenant.
List Public Asset Events
Tool to list events for a specific public asset. use when you need to retrieve the event history of a public asset after confirming its public availability.
List Tenancies
Tool to list all tenancies. use after authenticating to retrieve the tenancy records available to the current tenant.
Retrieve asset attachment metadata
Tool to retrieve metadata for an attachment on a specified asset. use after obtaining asset and attachment uuids.
Retrieve Caps
Tool to retrieve resource limit quotas for a specified service. use when checking quota availability before provisioning resources.
Retrieve Public Asset Attachment Metadata
Tool to retrieve metadata for an attachment on a specified public asset. use when you have the public asset uuid and attachment uuid, before downloading the content.
Retrieve Public Event Attachment Metadata
Tool to retrieve metadata for an attachment on a public asset event. use after you have the public asset uuid, event uuid, and attachment uuid.

26 actions · scroll to see them all

Frequently asked questions

Ceven uses a two step process to handle attachments. First, the agent calls the metadata endpoint to retrieve the file hash and scan status to ensure the file is safe and authentic. Once validated, it uses the download event attachment tool to pull the raw binary content. This ensures that the chain of custody is maintained and that no corrupted or unauthorized files are processed into your downstream workflows. You can set up a trigger so that any new attachment in Rkvst is automatically mirrored to your secure cloud storage for long term backup and redundancy.
Yes, Ceven can perform administrative tasks like promoting members to the owner role. You can build a workflow where a request in a ticketing system triggers the promote member action in Rkvst after a manager provides a digital sign off. This reduces the need for a dedicated administrator to manually manage the tenant. However, the agent can only promote users who already exist as members within the tenant, as it cannot create brand new identity subjects from scratch without a prior invitation flow.
The most efficient method is using the search events tool with odata filters. Instead of listing every event and filtering locally, Ceven sends the specific criteria to the Rkvst API. This allows you to isolate events by date, asset type, or specific attribute values. For very large datasets, Ceven automatically handles the pagination tokens, walking through the result sets until all matching events are gathered. This prevents timeouts and ensures that no evidence is missed during a compliance audit or a forensic investigation.
Ceven can access public assets and their associated events without requiring the same level of restrictive permissions as private assets. This is useful for creating public facing transparency portals. The agent can list public assets, pull their event history, and retrieve metadata for public attachments. You can automate a workflow that takes a private asset, marks it public via the Rkvst dashboard, and then uses Ceven to generate a public summary report based on the available public event trail for external auditors.
One specific quirk is the way Rkvst handles asset state. To get a historical view of an asset, you must explicitly set the at time parameter in the get asset call. If this is omitted, the API only returns the current state. Additionally, Rkvst employs strict rate limiting on the search events endpoint to protect system performance. If a workflow attempts to pull thousands of events in a tight loop, you may see 429 errors. Ceven manages this by implementing an exponential backoff strategy to ensure data is eventually retrieved.
Ceven relies on the native evidence management capabilities of Rkvst. Every time an attachment is retrieved, the agent can pull the associated hash from the metadata endpoint. By comparing this hash against the file content, Ceven verifies that the data has not been tampered with since it was first recorded. This creates a verifiable link between the physical event and the digital record, which is critical for industries like pharma or aerospace where data integrity is a legal requirement for product release.
Ceven can list and update existing app registrations. If you need to change a display name or update custom claims for an integration, the agent can do this via the update app registration tool. This is particularly useful for teams managing multiple environments where registration details might change during a migration from staging to production. Note that while Ceven can update existing registrations, the initial creation of an app registration usually requires a manual security handshake in the Rkvst console.
Ceven can list and retrieve details for multiple tenancies if the connected account has the necessary cross tenant permissions. This allows a global administrator to run reports across different business units or geographic regions. The agent can switch context between tenancies to pull asset lists or member details, providing a single pane of glass view of evidence across the entire organization. This eliminates the need to log into separate accounts to verify that supply chain standards are being met globally.

Alternatives to Rkvst

Other tools that solve a similar problem. Ceven supports these too, so you can switch or run more than one at once.

Provenance logoProvenanceKeepTruckin logoKeepTruckin

Try Ceven on your stack

Plug Ceven on top of the tools you already run. Connect Rkvst and the rest of your stack, describe the outcome, and its agents handle the work end to end, days of it in minutes.

Get started for free