Continuous ingest
Mirror your existing traces in.
Keep LangSmith or Langfuse and forward a copy of every trace to Prova, so you adopt the control plane alongside what you already run instead of ripping it out. This is the continuous version of the one-shot migration CLI.
How it works
Point a webhook at POST /api/v1/ingest/webhook?source={source}. Prova maps each record into the signed AIDecisionEvent shape and runs it through the same ingest pipeline as the SDK (policies, detectors, cost, and an Ed25519 receipt). The mapping is identical to the migration CLI, so a backfill and a live mirror produce the same receipts.
source=langsmith: LangSmith run exports (run_type maps to model_call / tool_call / agent_run).source=langfuse: Langfuse observations (GENERATION maps to model_call, SPAN / EVENT to agent_step).source=openai: raw OpenAI ChatCompletion records.
Authenticate
Provide a Prova API key with audit.ingest permission, either as a bearer token or, for webhook senders that only let you customize the URL, as a ?key= query parameter.
# Configure your Langfuse / LangSmith webhook to POST here:
POST https://prova.cobound.dev/api/v1/ingest/webhook?source=langfuse
Authorization: Bearer prv_...
# ...or, when only the URL is configurable:
POST https://prova.cobound.dev/api/v1/ingest/webhook?source=langfuse&key=prv_...Body
Send a single record, an array, or an envelope with a records, data, or observations array (up to 1000 per request). The response reports how many were received, mapped, and ingested:
{ "source": "langfuse", "received": 12, "mapped": 12, "skipped": 0,
"ingest": { "mode": "authenticated", "count": 12, "receipts": [ ... ] } }Records without a stable id are skipped (no idempotency key). Idempotency keys are derived from the source row id, so replays and overlapping windows are safe. Vendor webhook signature verification (per-source HMAC) is on the roadmap; today the Prova key is the credential.