REST Endpoints

All endpoints verified at commit 4b572c2. Organized by service and route group.

API Gateway — Public Authentication

File: services/api-gateway/src/routes/auth.ts

| Method | Path | Rate Limit | Description |
| --- | --- | --- | --- |
| POST | /api/public/signup | 3/min per IP | Create tenant + user from invite token |
| POST | /api/public/signin | 5/min per IP | Authenticate by email + password |
| POST | /api/public/refresh | | Exchange refresh token for new access token |
| POST | /api/public/forgot-password | 3/min per IP | Request password reset token |
| POST | /api/public/reset-password | | Reset password using token |
| POST | /api/public/verify-email | | Verify email address |
| POST | /api/public/resend-verification | Auth | Resend verification email |
| POST | /api/public/mfa/setup | Auth | Generate TOTP secret for enrollment |
| POST | /api/public/mfa/verify-setup | Auth | Confirm MFA enrollment |
| POST | /api/public/mfa/verify | 5/min per IP | Complete MFA signin |
| POST | /api/public/oauth/google | | Exchange Google OAuth credential |

API Gateway — Authenticated Routes

Tenant and Feature Routes

| Method | Path | Auth | Description |
| --- | --- | --- | --- |
| GET | /api/v1/tenants/me | API Key/JWT | Get authenticated tenant metadata |
| GET | /api/v1/ping | API Key/JWT | Gateway ping (validates auth + tenant) |
| GET | /api/v1/features | API Key/JWT | List feature flags for tenant |

Subscription Routes

File: services/api-gateway/src/routes/subscription.ts

| Method | Path | Auth | Description |
| --- | --- | --- | --- |
| GET | /api/v1/subscription/current | API Key/JWT | Current subscription + usage |
| GET | /api/v1/subscription/available-tiers | API Key/JWT | Available upgrade tiers |
| POST | /api/v1/subscription/request-upgrade | API Key/JWT | Request tier upgrade |
| GET | /api/v1/subscription/usage/current | API Key/JWT | Current month usage detail |

Audit Routes

File: services/api-gateway/src/routes/audit.ts

| Method | Path | Auth | Scope | Description |
| --- | --- | --- | --- | --- |
| GET | /api/v1/audit/logs | API Key/JWT | audit:read | Query logs with filters |
| GET | /api/v1/audit/logs/:logId | API Key/JWT | audit:read | Get single log entry |
| GET | /api/v1/audit/entities/:entityType/:entityId | API Key/JWT | audit:read | Entity change history |
| GET | /api/v1/audit/customers/:customerId | API Key/JWT | audit:read | Customer audit trail |
| GET | /api/v1/audit/retention | API Key/JWT | audit:read | View retention policy |
| GET | /api/v1/audit/stats | API Key/JWT | audit:read | Audit statistics |

Screening Routes (Experimental)

File: services/api-gateway/src/routes/screening.ts

| Method | Path | Auth | Description |
| --- | --- | --- | --- |
| POST | /api/v1/screening/sanctions | API Key/JWT | Screen entity against OpenSanctions (yente) |
| GET | /api/v1/screening/sanctions/health | API Key/JWT | Check yente service health |

Contact Submissions

File: services/api-gateway/src/routes/contact-submissions.ts

| Method | Path | Auth | Description |
| --- | --- | --- | --- |
| POST | /api/contact | None | Submit contact form (public) |
| GET | /api/contact | API Key/JWT | List submissions |
| PATCH | /api/contact/:id | API Key/JWT | Update submission status |

Chat Support

| Method | Path | Auth | Description |
| --- | --- | --- | --- |
| POST | /api/v1/chat/support | API Key/JWT | Conversational support agent |

API Gateway — Admin Routes

File: services/api-gateway/src/routes/admin.ts

All admin routes require authentication plus admin role.

Tenant Administration

| Method | Path | Idempotent | Description |
| --- | --- | --- | --- |
| POST | /api/v1/admin/tenants | Yes | Create tenant with auto-onboarding |
| POST | /api/v1/admin/regulators | Yes | Provision regulator account (time-bounded) |
| GET | /api/v1/admin/regulators | | List regulator accounts |

Token and Cache Management

| Method | Path | Description |
| --- | --- | --- |
| POST | /api/v1/admin/revoke-user-tokens | Force-revoke all user tokens |
| POST | /api/v1/admin/cache/invalidate | Clear feature-flag + circuit-breaker caches |

Feature Flag Administration

| Method | Path | Description |
| --- | --- | --- |
| GET | /api/v1/admin/feature-flags | List all flags for tenant |
| PATCH | /api/v1/admin/feature-flags/:featureKey | Update flag state |
| POST | /api/v1/admin/features/:featureKey/kill | Global kill switch |
| POST | /api/v1/admin/features/:featureKey/restore | Restore killed feature |

GDPR Endpoints

| Method | Path | Idempotent | Description |
| --- | --- | --- | --- |
| POST | /api/v1/admin/gdpr/erase-customer/:customerId | Yes | Art. 17 permanent erasure |
| GET | /api/v1/admin/gdpr/erasure-logs | | Erasure audit trail |
| GET | /api/v1/admin/gdpr/export/:customerId | | Art. 15 data export (SAR) |
| POST | /api/v1/admin/gdpr/dsr | Yes | Create Data Subject Request |
| GET | /api/v1/admin/gdpr/dsr | | List DSRs (filterable) |
| PATCH | /api/v1/admin/gdpr/dsr/:id | | Update DSR status |
| POST | /api/v1/admin/gdpr/dsr/:id/process | Yes | Auto-process DSR |

Invite Token Management

File: services/api-gateway/src/routes/invite-tokens.ts

| Method | Path | Description |
| --- | --- | --- |
| POST | /api/v1/admin/invite-tokens | Generate invite token |
| GET | /api/v1/admin/invite-tokens | List invite tokens |
| DELETE | /api/v1/admin/invite-tokens/:id | Revoke invite token |

Subscription Administration

File: services/api-gateway/src/routes/subscription-admin.ts

| Method | Path | Description |
| --- | --- | --- |
| GET | /api/v1/admin/subscriptions/tiers | List all tiers |
| GET | /api/v1/admin/subscriptions/:tenantId | Get tenant subscription |
| POST | /api/v1/admin/subscriptions/create-signup-link | Generate custom signup link |
| POST | /api/v1/admin/subscriptions/:tenantId/update-tier | Change tenant tier |
| GET | /api/v1/admin/subscriptions/upgrade-requests | List pending upgrades |
| POST | /api/v1/admin/subscriptions/upgrade-requests/:requestId/process | Approve/reject upgrade |

Unified Data Service

File: services/unified-data-service/src/

| Method | Path | Auth | Description |
| --- | --- | --- | --- |
| GET | /api/v1/ping | None | Service health |
| GET | /api/v1/connectors | None | List available connectors |
| GET | /api/v1/sync/status | HMAC/Auth | Get sync status |
| GET | /api/v1/sync/job/:syncId | HMAC/Auth | Poll sync job status |
| POST | /api/v1/sync/:connectorType | HMAC/Auth | Start data sync (202 Accepted) |
| GET | /api/v1/customers | HMAC/Auth | List customers (paginated) |
| GET | /api/v1/customers/:id | HMAC/Auth | Get single customer |
| GET | /api/v1/accounts | HMAC/Auth | List accounts |
| GET | /api/v1/transactions | HMAC/Auth | List transactions |
| POST | /api/v1/import/upload | HMAC/Auth | Upload CSV file |
| POST | /api/v1/import/:id/start | HMAC/Auth | Start CSV processing |
| GET | /api/v1/import/:id | HMAC/Auth | Get import job status |
| GET | /api/v1/import | HMAC/Auth | List import jobs |
| POST | /api/v1/demo/seed | Admin | Seed demo data |
| POST | /api/v1/demo/reset | Admin | Reset tenant data (dev only) |

Agent Orchestrator

File: services/agent-orchestrator/src/routes.ts

| Method | Path | Scope | Description |
| --- | --- | --- | --- |
| GET | /api/v1/agent/health | None | Health check |
| GET | /api/v1/agent/tools | execute:agent | List available tools |
| GET | /api/v1/agent/tools/:name | execute:agent | Get tool definition |
| POST | /api/v1/agent/tasks | execute:agent | Create task (async) |
| POST | /api/v1/agent/tasks/execute | execute:agent | Create + execute (sync) |
| GET | /api/v1/agent/tasks/active | execute:agent | List active tasks |
| GET | /api/v1/agent/tasks/:taskId/status | execute:agent | Get task status |
| POST | /api/v1/agent/tasks/:taskId/cancel | execute:agent | Cancel task |
| GET | /api/v1/agent/config | execute:agent | Get orchestrator config |
| PATCH | /api/v1/agent/config | admin:tenant | Update config |
| GET | /api/v1/agent/templates | execute:agent | List task templates |
| POST | /api/v1/agent/agentic | Auth | ReAct agentic loop |

AI Copilot Routes

File: services/agent-orchestrator/src/copilot-routes.ts

| Method | Path | Scope | Description |
| --- | --- | --- | --- |
| POST | /api/v1/agents/case-copilot | execute:agent | AI case analysis |
| POST | /api/v1/agents/workflow-builder | execute:agent | AI workflow generation |
| GET | /api/v1/agents/runs | execute:agent | List agent runs |
| POST | /api/v1/agents/runs/:runId/feedback | execute:agent | Submit run feedback |

Insights Service

File: services/insights-service/src/routes/chat.ts

| Method | Path | Auth | Description |
| --- | --- | --- | --- |
| POST | /api/v1/chat/analyst | HMAC/Auth | Financial analyst AI (BHI, risk, NBA context) |

Additional insights endpoints (/api/v1/bhi, /api/v1/nba, /api/v1/risk, /api/v1/saas) are proxied through the API Gateway.

Health Endpoints (All Services)

| Service | Endpoint | Port |
| --- | --- | --- |
| API Gateway | GET /health, GET /health/ready | 8080 |
| Insights Service | GET /health | 3005 |
| Unified Data Service | GET /health | 4001 |
| Workflow Engine | GET /health | 8080 |
| Agent Orchestrator | GET /api/v1/agent/health | 8080 |
| Sanitization Service | GET /health | 3004 |
| ML Service | GET /health, GET /ready | 8080 |

All health endpoints are unauthenticated.

Implemented across all services at commit 4b572c2.
