EU AI Act Article 50 β€” 20 days to seal | Get passport
πŸ‰

Partner Integration Guide

5 integration paths Β· Python / TypeScript / Go SDKs Β· MCP Federation Β· REST Β· WebSocket Β· C2 Bridge Β· SIGIL Sync

5 PATHS 3 SDKs
5
Integration Paths
30
MCP Tools
87
REST Endpoints
6
WS Streams
3
SDKs

πŸ—ΊοΈ Integration Paths Overview

#PathProtocolBest ForLatencyComplexity
1MCP FederationJSON-RPC 2.0 over stdio/SSEAI agents, LLM tool calling, sovereign mesh<1ms localLow
2REST APIHTTP/2 + JSONWeb apps, dashboards, third-party systems5-50msLow
3WebSocket StreamsWSS + Protobuf/JSONReal-time feeds: SIGIL events, drone telemetry, alerts<10msMedium
4C2 BridgeTAK Protocol + CoT XMLFreeTAKServer, ATAK clients, TAK-aware systems50-200msMedium
5SIGIL Chain SyncEd25519-signed hash chainAudit trails, compliance, evidence, inter-org trustBatchAdvanced

πŸ”Œ Path 1: MCP Federation (Recommended for AI Integration)

Connect your AI agent or LLM to DEFONEOS via the MCP (Model Context Protocol) federation. This is the native integration β€” your agent discovers and calls DEFONEOS tools the same way it calls any MCP server.

Python β€” Connect to DEFONEOS MCP Federation

# Install the SDK
pip install defoneos-sdk[python]

# Connect to the federation
from defoneos_sdk import DefoneosClient

client = DefoneosClient(
    endpoint="https://your-defoneos.example.com/mcp",
    auth_token="your-oauth2-token",  # OAuth2 JWT Ed25519
)

# Discover available tools (30 MCPs Γ— multiple tools each)
tools = client.discover_tools()
print(f"Available tools: {len(tools)}")
# β†’ Available tools: 142

# Call a sensor fusion tool
result = client.call("defoneos-fusion-mcp", "fuse_isr_feed", {
    "sources": ["sentinel2", "ais", "rtsp_cam_1"],
    "bbox": [-1.5, 53.7, -1.2, 53.9"],  # Yorkshire
    "time_window": "PT1H",
})
print(result.fused_track_count)  # β†’ 47 tracks

# Subscribe to SIGIL audit events
for event in client.stream("sigil.events", filter={"action": "drone_command"}):
    print(f"[SIGIL] {event.actor} β†’ {event.action}: {event.digest[:16]}...")

TypeScript β€” Connect with OAuth2

// npm install @defoneos/sdk
import { DefoneosClient } from '@defoneos/sdk';

const client = new DefoneosClient({
  endpoint: 'https://your-defoneos.example.com/mcp',
  auth: {
    type: 'oauth2',
    clientId: process.env.DEFONEOS_CLIENT_ID,
    clientSecret: process.env.DEFONEOS_CLIENT_SECRET,
    scopes: ['fusion:read', 'swarm:command', 'sigil:audit'],
  },
});

// List all MCP servers in the federation
const servers = await client.listServers();
console.log(`Federation: ${servers.length} MCP servers online`);

// Command a drone swarm (requires swarm:command scope)
const mission = await client.call('defoneos-swarm-mcp', 'launch_patrol', {
  drones: ['drone-01', 'drone-02', 'drone-03'],
  pattern: 'grid_search',
  area: { lat: 53.8, lng: -1.3, radius_km: 5 },
  altitude_m: 120,
  sigil_audit: true,  // Every command logged to SIGIL chain
});

🌐 Path 2: REST API

The REST API exposes all DEFONEOS capabilities over standard HTTP/2. Use this for web dashboards, third-party system integration, and non-AI workloads.

Authentication

# Step 1: Get OAuth2 token
curl -X POST https://your-defoneos.example.com/auth/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials" \
  -d "client_id=$CLIENT_ID" \
  -d "client_secret=$CLIENT_SECRET" \
  -d "scope=fusion:read swarm:command sigil:audit"

# Response:
# {"access_token":"eyJ...","token_type":"Bearer","expires_in":3600}

# Step 2: Use token for API calls
curl https://your-defoneos.example.com/api/v1/fusion/tracks \
  -H "Authorization: Bearer eyJ..." \
  -H "Accept: application/json"

Key REST Endpoints

MethodEndpointDescriptionScope Required
GET/api/v1/fusion/tracksGet fused ISR tracks (current or historical)fusion:read
POST/api/v1/fusion/ingestIngest sensor data (satellite, AIS, camera, RSS)fusion:write
POST/api/v1/swarm/launchLaunch a drone swarm missionswarm:command
GET/api/v1/swarm/status/{mission_id}Get swarm mission status + telemetryswarm:read
POST/api/v1/c2/cotSend a Cursor-on-Target (CoT) eventc2:write
GET/api/v1/sigil/chainQuery the SIGIL audit chainsigil:audit
POST/api/v1/sigil/verifyVerify SIGIL chain integrity (re-compute hashes)sigil:audit
GET/api/v1/governance/proposalsList BFT council proposalsgovernance:read
POST/api/v1/governance/voteCast a BFT council votegovernance:vote
GET/api/v1/mcp/serversList all MCP servers in the federationmcp:read
POST/api/v1/mcp/callCall any MCP tool (JSON-RPC bridge)mcp:call
POST/api/v1/yolov8/detectRun YOLOv8 object detection on an imagevision:read
POST/api/v1/jsp936/generateGenerate a JSP 936 compliance documentcompliance:write
GET/api/v1/cesium/sceneGet Cesium 3D COP scene state (GeoJSON)cop:read
…73 more endpoints β€” see full API reference

Rate Limits

TierRequests/minBurstConcurrent StreamsPrice
Citizen (Free)601002Β£0
Partner6001,00010Β£499/mo
Government6,00010,00050Β£2,499/mo
Sovereign (On-prem)UnlimitedUnlimitedUnlimitedΒ£9,999+/mo

πŸ“‘ Path 3: WebSocket Real-Time Streams

Subscribe to real-time event streams for live updates β€” SIGIL events, drone telemetry, alerts, and fusion track changes.

Python WebSocket Client

import websockets
import asyncio
import json

async def defoneos_stream():
    uri = "wss://your-defoneos.example.com/ws/v1/stream"
    async with websockets.connect(
        uri,
        extra_headers={"Authorization": f"Bearer {token}"}
    ) as ws:
        # Subscribe to channels
        await ws.send(json.dumps({
            "action": "subscribe",
            "channels": ["sigil.events", "fusion.tracks", "swarm.telemetry", "alerts.critical"]
        }))

        async for message in ws:
            event = json.loads(message)
            if event["channel"] == "alerts.critical":
                print(f"🚨 ALERT: {event['data']['title']}")
            elif event["channel"] == "sigil.events":
                print(f"[SIGIL] {event['data']['digest'][:16]} {event['data']['action']}")

asyncio.run(defoneos_stream())

Available WebSocket Channels

ChannelEventsFormatTypical Rate
sigil.eventsSIGIL chain emissions (all actions)JSON1-50/sec
fusion.tracksFused track create/update/deleteGeoJSON10-500/sec
swarm.telemetryDrone position, battery, statusProtobuf1-10Hz per drone
alerts.criticalCritical alerts (geofence, low battery, threat)JSONEvent-driven
c2.cotCursor-on-Target events (TAK compatible)CoT XML1-100/sec
governance.votesBFT council proposal + vote eventsJSONEvent-driven

πŸ›°οΈ Path 4: C2 Bridge (TAK/FreeTAKServer)

DEFONEOS includes a native C2 bridge that speaks the TAK protocol β€” making it compatible with ATAK, WinTAK, iTAK, and FreeTAKServer out of the box.

Architecture

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”     CoT XML      β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”    MCP JSON-RPC   β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚  ATAK Client β”‚ ←──────────────→ β”‚ FreeTAKServerβ”‚ ←───────────────→ β”‚  DEFONEOS    β”‚
β”‚  (Android)   β”‚    (TAK Proto)   β”‚   (Bridge)   β”‚  (Bidirectional)  β”‚  MCP Suite   β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜                  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜                   β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
       ↑                                                                ↑
       β”‚ CoT display                                                    β”‚ ISR Fusion
       β”‚ (tracks, alerts)                                               β”‚ Swarm control
       β”‚                                                                β”‚ SIGIL audit
β”Œβ”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”                                                  β”Œβ”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”
β”‚  ATAK User  β”‚                                                  β”‚  Cesium COP β”‚
β”‚  (Operator) β”‚                                                  β”‚  (3D Map)   β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜                                                  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Configure FreeTAKServer β†’ DEFONEOS Bridge

# /opt/freetakserver/config/defoneos_bridge.yml
defoneos:
  endpoint: "https://your-defoneos.example.com/mcp"
  auth_token: "${DEFONEOS_TOKEN}"
  
  # Routes: which CoT types to forward to DEFONEOS
  cot_routes:
    - type: "a-f-A"          # Friendly air track
      forward_to: "defoneos-fusion-mcp.ingest_cot"
    - type: "a-h-A"          # Friendly ground track
      forward_to: "defoneos-fusion-mcp.ingest_cot"
    - type: "b-m-r"          # Emergency alert
      forward_to: "defoneos-sigil-mcp.emit_alert"
  
  # Reverse: DEFONEOS fusion tracks β†’ CoT for ATAK display
  fusion_to_cot:
    enabled: true
    min_confidence: 0.7
    cot_type_template: "a-f-A-C-M"  # Friend, Air, Combat, Manual
    sigil_signed: true            # Attach SIGIL digest to each CoT

πŸ”— Path 5: SIGIL Chain Sync (Inter-Organisational Audit)

For multi-organisation deployments (e.g., joint operations, coalition partners), DEFONEOS supports SIGIL chain synchronisation β€” allowing each party to maintain a verifiable, tamper-evident audit trail.

Python β€” SIGIL Chain Subscriber

from defoneos_sdk import SigilSync

# Connect to partner's SIGIL chain as read-only auditor
partner_chain = SigilSync(
    endpoint="https://partner-defoneos.example.com/api/v1/sigil",
    auth_token="coalition-audit-token",
    mode="read_only",  # We can verify, not write
)

# Verify the entire chain integrity
report = partner_chain.verify_chain()
print(f"Chain entries: {report.entry_count}")
print(f"Hash chain valid: {report.hash_chain_valid}")
print(f"Signatures valid: {report.signatures_valid}")
print(f"Tamper detected: {report.tamper_detected}")

# Subscribe to new SIGIL events (live audit feed)
async for entry in partner_chain.stream():
    # Verify each new entry's signature independently
    assert entry.verify_signature(), "Invalid signature!"
    assert entry.verify_hash_link(), "Hash chain broken!"
    log_audit(entry)

SIGIL Entry Structure

{
  "seq": 47823,
  "timestamp": "2026-07-06T07:45:01.234Z",
  "actor": "swarm-mcp",
  "action": "launch_patrol",
  "payload_hash": "sha256:a1b2c3...",
  "prev_digest": "sha256:9z8y7...",
  "digest": "sha256:e5d4f3...",
  "signature": "ed25519:8b7a6...",
  "signing_key": "ed25519:pub:11a2b..."
}

βš™οΈ Environment Setup Checklist

StepActionCommand / ConfigVerified
1Install DEFONEOS SDKpip install defoneos-sdk[python] or npm i @defoneos/sdkβœ…
2Request OAuth2 credentialsFrom DEFONEOS admin console β†’ API Keysβœ…
3Set environment variablesDEFONEOS_ENDPOINT, DEFONEOS_CLIENT_ID, DEFONEOS_CLIENT_SECRETβœ…
4Test connectivitypython -c "from defoneos_sdk import DefoneosClient; c=DefoneosClient(); print(c.health())"βœ…
5Verify SIGIL chain read accesscurl -H "Authorization: Bearer $TOKEN" $ENDPOINT/api/v1/sigil/chain?limit=1βœ…
6Test MCP tool discoveryclient.discover_tools() β†’ should return 142+ toolsβœ…
7Subscribe to alert stream (if real-time needed)WebSocket connect + subscribe to alerts.criticalβœ…
8Configure SIGIL audit logging (compliance)Enable sigil_audit: true on all write callsβœ…

🀝 Partner Onboarding Process

PhaseDurationActivitiesOutput
1. Discovery1 weekUse case workshop, data flow mapping, security reviewIntegration plan
2. Sandbox2 weeksSandbox credentials, test data, SDK setup, proof-of-conceptWorking POC
3. Integration2-4 weeksProduction OAuth2, webhook setup, C2 bridge (if needed), SIGIL syncIntegrated system
4. Security Audit1 weekPen test review, scope verification, SIGIL chain auditSecurity sign-off
5. ProductionOngoingGo-live, monitoring, SLA activation, quarterly reviewLive operational