Diagnostics
Runtime governance health
Redacted view only. No bearer token, Authorization header, cert_text, cert_encoded or signed envelope is shown here. Stage 1 = key-name propagation. Stage 2 = secret-value activation.
/api/health
{
"status": "ok",
"service": "referralcierge",
"timestamp": "2026-05-20T21:22:43.047869+00:00"
}/api/katlas/status
KATLAS node active- Mode
- live
- Node URL present
- true
- katlas_bearer_token_present
- true
- token_source_used
- KATLAS_BEARER_TOKEN
- HTTP status
- 200
- Reason
- —
Runtime visibility — env key names only
Key
Present
Value length
Non-empty
Notes
KATLAS_MODE
true
4
true
—
KATLAS_NODE_URL
true
41
true
—
KATLAS_BEARER_TOKEN
true
44
true
Stage 2: live
KATLAS_ALLOW_SIMULATION_FALLBACK
true
5
true
—
KATLAS_TIMEOUT_SECONDS
true
1
true
—
Stage discipline
- Stage 1 — Required backend env names are visible to the runtime, even if blank. Diagnostics show KATLAS_BEARER_TOKEN with value_length: 0, non_empty: false. Status: unconfigured (acceptable).
- Stage 2 — Real secret value injected securely at runtime into the production backend. Diagnostics show katlas_bearer_token_present: true and token_source_used: KATLAS_BEARER_TOKEN. Status: active.
- If the token value is wrong, status will be auth_rejected — never unreachable.