← All lessons/Enterprise
46
Enterprise

SOX Compliance

Designate SOX-tier agents, enforce dual-admin controls, and generate SOX audit reports.

Prerequisite: Lesson 45 complete

What you'll learn

  • SAPIX_SOX=true env var enables SOX mode
  • POST /v1/agents/:id/sox with {tier: 'sox_critical'}
  • Dual-admin approval required for schema changes and agent deletion on SOX-tier agents
  • GET /v1/compliance/sox/report?period=2026-Q2 — SOX audit report
  • Append-only storage satisfies SOX tamper-evident requirement by design
Challenge

Enable SOX mode. Tag financial-ledger as SOX-critical. Write a financial record. Generate the SOX audit report.

Interactive Walkthrough

What you'll learn

Designate SOX-tier agents, enforce dual-admin controls, and generate SOX audit reports.

SOX mode

SOX (Sarbanes-Oxley) compliance requires: 1. Financial data cannot be altered — guaranteed by SapixDB's append-only model 2. Changes require dual authorization (two administrators approve) 3. Audit trail for all financial data access

Enable SOX mode

environment:
  SAPIX_SOX: "true"

Tag an agent as SOX-tier

curl -s -X POST http://localhost:7475/v1/agents/financial-ledger/sox \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer spx_root_YOUR_ROOT_KEY" \
  -d '{"tier": "sox_critical"}' \
  | python3 -m json.tool

Dual-admin approval for SOX operations

Once an agent is SOX-tier, certain operations (like schema changes or agent deletion) require a second administrator key to co-sign the request.

Generate a SOX audit report

curl -s "http://localhost:7475/v1/compliance/sox/report?period=2026-Q2" \
  -H "Authorization: Bearer spx_root_YOUR_ROOT_KEY" \
  | python3 -m json.tool

Challenge

Enable SOX mode and tag a financial-ledger agent as SOX-critical. Write a financial record. Generate the SOX audit report for the current month.

---

← Previous
Lesson 45: HIPAA Compliance Mode
Next →
Lesson 47: Codios Authorization