{ "openapi": "3.1.0", "info": { "title": "NessyAPI", "description": "# NessyAPI — Clinical Decision Support API\n\nA B2B clinical triage engine accessed via HTTPS and authenticated with Bearer\nAPI keys. Create sessions, drive Q&A flows, and receive structured triage and\ndifferential-diagnosis output. This document covers the cross-cutting conventions\nevery integrator needs: authentication, pagination, errors, idempotency, rate\nlimits, webhooks, and pricing. Per-endpoint schemas are in the reference below.\n\n## Authentication\n\nAll requests require an API key supplied in the `Authorization` header:\n\n```\nAuthorization: Bearer nsy_live_XXXXXXXXXXXXXXXXXXXXXXXXXX\n```\n\nTwo key prefixes are recognised:\n\n| Prefix | Billing | Intended use |\n|--------------|-----------------------|---------------------------------------|\n| `nsy_test_` | No billing, sandbox | CI, staging, QA, local development |\n| `nsy_live_` | Billable, production | Production traffic from paying users |\n\nEach key carries a set of **scopes** enforced per request:\n\n- `sessions:read` — list, read, and export sessions\n- `sessions:write` — create, answer, route, and finalize sessions\n- `patients:read` — read patient profiles and per-patient history\n- `patients:write` — create, update, and delete patient profiles\n- `webhooks:read` — list webhook subscriptions and delivery history\n- `webhooks:write` — create, rotate, test, and delete webhook subscriptions\n- `admin:read` — read tenant stats, audit log, keys, tiers, usage\n- `admin:write` — create keys, change tier, update settings\n\nCookie-based auth (`nessy_session`) is also supported for the first-party\ndashboard only; all B2B integrations should use Bearer keys.\n\n## Pagination\n\nList endpoints (sessions, audit log, keys, deliveries) accept `limit` and\n`offset` query parameters. Defaults are `limit=50, offset=0`; the maximum\n`limit` is **200**. Responses include `total`, `limit`, `offset`, and the\ndata array so clients can build stable pagers.\n\n## Error envelope\n\nEvery error response — regardless of status code — uses one consistent shape:\n\n```json\n{\n \"error\": {\n \"code\": \"validation_error\",\n \"message\": \"Request body failed validation\",\n \"request_id\": \"b3c4e8a1-2d1f-4e0c-9d6b-6a1d2e3f4a5b\",\n \"detail\": { \"field_errors\": [ ... ] }\n }\n}\n```\n\nThe `code` field maps directly from HTTP status:\n\n| Status | `code` |\n|--------|------------------------|\n| 400 | `bad_request` |\n| 401 | `unauthorized` |\n| 403 | `forbidden` |\n| 404 | `not_found` |\n| 409 | `conflict` |\n| 422 | `validation_error` |\n| 429 | `rate_limited` |\n| 500 | `internal_server_error`|\n| 503 | `service_unavailable` |\n\n`request_id` is echoed from the `X-Request-ID` request header (or generated\nserver-side) and is the single correlation key you should quote when filing\nsupport tickets.\n\n## Idempotency\n\nMutating POST endpoints (notably `POST /v1/sessions` and its answer/route/\nfinalize children) accept an `Idempotency-Key` header. Keys are scoped to the\nauthenticated tenant and cached for **24 hours**. Replaying a request with the\nsame key + tenant returns the cached response unchanged and sets the header\n`Idempotency-Replayed: true` on the response. Use a fresh UUIDv4 per logical\naction on the client side.\n\n## Rate limits\n\nPer-API-key rate limits are enforced in a 1-minute rolling window and surfaced\non every response via:\n\n- `X-RateLimit-Limit` — permitted requests per window\n- `X-RateLimit-Remaining` — requests left in the current window\n- `X-RateLimit-Reset` — unix epoch seconds at which the window resets\n- `Retry-After` (on 429 only) — seconds the client should wait\n\nExceeding the limit returns `429 Rate Limited` with the unified error envelope:\n\n```json\n{\n \"error\": {\n \"code\": \"rate_limited\",\n \"message\": \"Rate limit of 60 requests/minute exceeded.\",\n \"request_id\": \"...\",\n \"detail\": { \"retry_after\": 42, \"limit\": 60 }\n }\n}\n```\n\nDefault limits by tier: free_trial 10 rpm, starter 30 rpm, growth 60 rpm,\nscale 120 rpm, enterprise 300 rpm. Per-key overrides may set stricter limits.\n\n## Webhooks\n\nWebhook subscriptions deliver events over HTTPS POST with an HMAC SHA-256\nsignature computed over `\"{timestamp}.{body}\"` using the subscription's\nsigning secret, encoded as lowercase hex. Two headers accompany every delivery:\n\n- `X-NessyAPI-Signature-256: `\n- `X-NessyAPI-Timestamp: `\n\nReceivers should reject any delivery whose timestamp is more than **5 minutes**\nskewed from now (replay protection), and must compute the expected signature\nwith a constant-time comparison.\n\nAvailable event types:\n\n- `session.created`\n- `session.answered`\n- `session.finalized`\n- `assessment.completed`\n- `red_flag.detected`\n- `triage.escalated`\n- `session.timeout`\n- `balance.low_20`\n- `balance.low_10`\n- `balance.depleted`\n\nUse `POST /v1/admin/webhooks/{id}/test` to fire a synthetic delivery against\nthe configured URL; the response includes `status_code`, `latency_ms`, and any\nerror returned by the receiver.\n\n## Pricing tiers\n\n| Tier | $/month | Tokens included | Concurrent | Keys | rpm | SLA |\n|--------------|---------:|----------------:|-----------:|-----:|-----:|-------:|\n| free_trial | $0 | 1 000 | 5 | 2 | 10 | — |\n| starter | $300 | 10 000 | 20 | 5 | 30 | 99% |\n| growth | $1 300 | 50 000 | 50 | 10 | 60 | 99.5% |\n| scale | $5 750 | 250 000 | 200 | 25 | 120 | — |\n| enterprise | $20 000 | 1 000 000 | 1 000 | 100 | 300 | 99.9% |\n\n## Per-endpoint token cost\n\n| Endpoint | Tokens charged |\n|---------------------------------------------------|---------------:|\n| `POST /v1/sessions` (create) | 1 |\n| `POST /v1/sessions/{id}/route` | 5 |\n| `POST /v1/sessions/{id}/answer` | 8 |\n| `POST /v1/sessions/{id}/answer` (skipped) | 0 |\n| `POST /v1/sessions/{id}/finalize` | 0 |\n| `GET /v1/sessions/{id}/results` | 0 |\n| `GET /v1/sessions/{id}/state` | 0 |\n| Any `/v1/admin/*` or `/v1/patients/*` endpoint | 0 |\n\nAll charged responses also carry the header\n`X-NessyAPI-Tokens-Charged: ` so clients can reconcile cost per call\nwithout parsing the body.", "version": "0.2.0" }, "paths": { "/v1/sessions": { "get": { "tags": [ "Sessions", "Admin" ], "summary": "List Sessions", "description": "List sessions for this tenant — merges active (Redis) with finalized (PG).", "operationId": "list_sessions_v1_sessions_get", "parameters": [ { "name": "status", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "description": "Filter: active, finalized", "title": "Status" }, "description": "Filter: active, finalized" }, { "name": "patient_id", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "description": "Filter by partner_patient_id", "title": "Patient Id" }, "description": "Filter by partner_patient_id" }, { "name": "chief_complaint", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "description": "Filter by chief complaint", "title": "Chief Complaint" }, "description": "Filter by chief complaint" }, { "name": "date_from", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "description": "ISO date, e.g. 2026-01-01", "title": "Date From" }, "description": "ISO date, e.g. 2026-01-01" }, { "name": "date_to", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "description": "ISO date, e.g. 2026-12-31", "title": "Date To" }, "description": "ISO date, e.g. 2026-12-31" }, { "name": "limit", "in": "query", "required": false, "schema": { "type": "integer", "maximum": 200, "minimum": 1, "default": 50, "title": "Limit" } }, { "name": "offset", "in": "query", "required": false, "schema": { "type": "integer", "minimum": 0, "default": 0, "title": "Offset" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } }, "post": { "tags": [ "Sessions" ], "summary": "Create Session", "description": "Create a new clinical anamnesis session.", "operationId": "create_session_v1_sessions_post", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CreateSessionRequest" } } } }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/sessions/{session_id}/export": { "get": { "tags": [ "Sessions", "Admin" ], "summary": "Export Session", "description": "Export a complete session record (decrypted) including all clinical data.", "operationId": "export_session_v1_sessions__session_id__export_get", "parameters": [ { "name": "session_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Session Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/stats": { "get": { "tags": [ "Sessions", "Admin" ], "summary": "Tenant Stats", "description": "Get aggregated statistics for this tenant.", "operationId": "tenant_stats_v1_admin_stats_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/v1/admin/export": { "post": { "tags": [ "Sessions", "Admin" ], "summary": "Bulk Export", "description": "Bulk export completed sessions as JSON for compliance/reporting.", "operationId": "bulk_export_v1_admin_export_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/BulkExportRequest" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/audit-log": { "get": { "tags": [ "Sessions", "Admin" ], "summary": "Audit Log", "description": "List audit events for this tenant.", "operationId": "audit_log_v1_admin_audit_log_get", "parameters": [ { "name": "limit", "in": "query", "required": false, "schema": { "type": "integer", "maximum": 200, "minimum": 1, "default": 50, "title": "Limit" } }, { "name": "offset", "in": "query", "required": false, "schema": { "type": "integer", "minimum": 0, "default": 0, "title": "Offset" } }, { "name": "action", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "description": "Filter by action, e.g. auth.login", "title": "Action" }, "description": "Filter by action, e.g. auth.login" }, { "name": "date_from", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Date From" } }, { "name": "date_to", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Date To" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/rate-limit": { "get": { "tags": [ "Sessions", "Admin" ], "summary": "Rate Limit Status", "description": "Get current rate limit status for this tenant's API key.\n\nT2.9 — No scope required. Any authenticated API key can query its own\ncurrent bucket so partner UIs can show \"requests remaining\" indicators\nwithout giving their client-side code `admin:read`.", "operationId": "rate_limit_status_v1_admin_rate_limit_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/v1/sessions/{session_id}/state": { "get": { "tags": [ "Sessions" ], "summary": "Get Session State", "description": "Get current session state (lightweight, no differentials).", "operationId": "get_session_state_v1_sessions__session_id__state_get", "parameters": [ { "name": "session_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Session Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SessionStateResponse" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/sessions/{session_id}/route": { "post": { "tags": [ "Routing" ], "summary": "Route Session", "description": "Route free-text description to clinical branch within an existing session.\n\nUses embedding pre-filter + GPT-4o structured routing.\nEnriches the session with diagnosis hints and initial fields.", "operationId": "route_session_v1_sessions__session_id__route_post", "parameters": [ { "name": "session_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Session Id" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RouteRequest" } } } }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RouteResponse" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/sessions/{session_id}/answer": { "post": { "tags": [ "Sessions" ], "summary": "Submit Answer", "description": "Submit a patient answer to the current question.\n\nIf raw_text is provided and extracted_fields is empty, server-side\nNLP extraction (Azure OpenAI) populates fields and flags automatically.\nClient-provided fields always take priority over NLP.", "operationId": "submit_answer_v1_sessions__session_id__answer_post", "parameters": [ { "name": "session_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Session Id" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/AnswerRequest" } } } }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/sessions/{session_id}/results": { "get": { "tags": [ "Sessions" ], "summary": "Get Results", "description": "Get current differential diagnoses, triage level, and red flags.\n\nThis endpoint is FREE (0 tokens) and can be called at any point\nduring the session — not just after finalization.", "operationId": "get_results_v1_sessions__session_id__results_get", "parameters": [ { "name": "session_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Session Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ResultsResponse" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/sessions/{session_id}/finalize": { "post": { "tags": [ "Sessions" ], "summary": "Finalize Session", "description": "Finalize the assessment session.\n\nTriggers final scoring, generates complete clinical summary,\nand marks the session as read-only. Emits assessment.completed webhook.", "operationId": "finalize_session_v1_sessions__session_id__finalize_post", "parameters": [ { "name": "session_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Session Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/auth": { "post": { "tags": [ "Admin" ], "summary": "Dashboard Login", "description": "Exchange API key for httpOnly JWT session cookie.\n\nHardened 2026-04-16 per code review — previously this endpoint:\n - had no rate limiting (brute-force oracle for API keys)\n - minted a JWT without ``jti`` so logout revocation silently no-op'd\n - set ``nessy_session`` cookie without the companion ``nessy_csrf``,\n so the client's next mutating call hit ``_verify_csrf`` and failed\n\nFix: per-IP + per-key-hash rate limit, ``jti``, CSRF cookie companion.", "operationId": "dashboard_login_v1_admin_auth_post", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/v1/admin/auth/logout": { "post": { "tags": [ "Admin" ], "summary": "Dashboard Logout", "description": "Clear httpOnly session cookie + CSRF cookie; blacklist JWT jti.", "operationId": "dashboard_logout_v1_admin_auth_logout_post", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/v1/admin/keys": { "get": { "tags": [ "Admin" ], "summary": "List Keys", "description": "List all active API keys for this tenant.", "operationId": "list_keys_v1_admin_keys_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "items": { "$ref": "#/components/schemas/ApiKeyResponse" }, "type": "array", "title": "Response List Keys V1 Admin Keys Get" } } } } } }, "post": { "tags": [ "Admin" ], "summary": "Create Key", "description": "Create a new API key for this tenant.\n\nThe raw key is returned ONCE in the response. Store it securely.\n\nSupports `Idempotency-Key` header (24h TTL). On replay, the cached\nresponse — including the `raw_key` — is returned verbatim so clients\nsafely retrying transient 5xxs don't end up with N keys they never\nsaw. Non-2xx responses are never cached.", "operationId": "create_key_v1_admin_keys_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CreateApiKeyRequest" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ApiKeyCreatedResponse" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/keys/{key_id}/rotate": { "post": { "tags": [ "Admin" ], "summary": "Rotate Key", "description": "Rotate an API key — generates a new key with the same scopes/rate_limit, revokes the old one.\n\nThe new raw key is returned ONCE in the response. Store it securely.\n\nSupports `Idempotency-Key` header (24h TTL). Retrying the same\nidempotency key returns the same response body (including `raw_key`)\nrather than minting a second new key and revoking the rotated one\ntwice.", "operationId": "rotate_key_v1_admin_keys__key_id__rotate_post", "parameters": [ { "name": "key_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid", "title": "Key Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ApiKeyCreatedResponse" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/keys/{key_id}": { "patch": { "tags": [ "Admin" ], "summary": "Update Key", "description": "Update mutable fields of an API key: name, scopes, rate_limit_rpm.\n\nImmutable fields (key_prefix, test/live, the secret itself) require\nrotation instead. Scope escalation is prevented: the caller can only\ngrant scopes they themselves hold.", "operationId": "update_key_v1_admin_keys__key_id__patch", "parameters": [ { "name": "key_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid", "title": "Key Id" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UpdateApiKeyRequest" } } } }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ApiKeyResponse" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } }, "delete": { "tags": [ "Admin" ], "summary": "Delete Key", "description": "Revoke an API key.", "operationId": "delete_key_v1_admin_keys__key_id__delete", "parameters": [ { "name": "key_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid", "title": "Key Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response Delete Key V1 Admin Keys Key Id Delete" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/balance": { "get": { "tags": [ "Admin" ], "summary": "Get Balance Endpoint", "description": "Get current token balance.", "operationId": "get_balance_endpoint_v1_admin_balance_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/BalanceResponse" } } } } } } }, "/v1/admin/usage": { "get": { "tags": [ "Admin" ], "summary": "Get Usage", "description": "Get aggregated token usage for the last N days.", "operationId": "get_usage_v1_admin_usage_get", "parameters": [ { "name": "days", "in": "query", "required": false, "schema": { "type": "integer", "default": 30, "title": "Days" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UsageResponse" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/usage/details": { "get": { "tags": [ "Admin" ], "summary": "Get Usage Details", "description": "Get individual (non-aggregated) usage records for audit/billing.\n\nReturns up to `limit` records ordered by created_at DESC.\nOptional date filters: from_date/to_date in YYYY-MM-DD format.", "operationId": "get_usage_details_v1_admin_usage_details_get", "parameters": [ { "name": "from_date", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "From Date" } }, { "name": "to_date", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "To Date" } }, { "name": "limit", "in": "query", "required": false, "schema": { "type": "integer", "default": 100, "title": "Limit" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/UsageDetailRecord" }, "title": "Response Get Usage Details V1 Admin Usage Details Get" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/usage/summary": { "get": { "tags": [ "Admin" ], "summary": "Get Usage Summary Endpoint", "description": "Per-tenant usage rollup for the dashboard Usage page.\n\nReturns totals, per-route breakdown with latency percentiles (derived\nfrom ``usage_records`` when available; otherwise reported as None),\ntime-bucketed counts for charting, and a balance snapshot series.\n\nPrimary source: ``usage_records`` (append-only ledger, tenant-scoped\nvia RLS). Latency percentiles come from the optional\n``latency_ms`` column if present; when absent the endpoint still\nreturns request/token counts so the chart renders.\n\nScope: ``admin:read``.", "operationId": "get_usage_summary_endpoint_v1_admin_usage_summary_get", "parameters": [ { "name": "range", "in": "query", "required": false, "schema": { "type": "string", "pattern": "^(1h|24h|7d|30d)$", "default": "24h", "title": "Range" } }, { "name": "group_by", "in": "query", "required": false, "schema": { "type": "string", "pattern": "^(route|day|hour)$", "default": "route", "title": "Group By" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response Get Usage Summary Endpoint V1 Admin Usage Summary Get" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/balance/status": { "get": { "tags": [ "Admin" ], "summary": "Balance Status", "description": "Return current balance + threshold context for the low-balance UI.\n\nReads:\n - ``token_balances`` row (balance, initial_balance, lifetime_used, updated_at)\n - ``tenant.tier`` from the auth dependency\n\nDoes NOT consult Redis separately — the balance stored in Postgres is\nthe source of truth; Redis is only a cache for the 402 pre-check hot\npath. If you need the cached value, call ``/v1/admin/balance``.", "operationId": "balance_status_v1_admin_balance_status_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/BalanceStatusResponse" } } } } } } }, "/v1/admin/webhooks": { "get": { "tags": [ "Admin" ], "summary": "List Webhooks", "description": "List all active webhook subscriptions.", "operationId": "list_webhooks_v1_admin_webhooks_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "items": { "additionalProperties": true, "type": "object" }, "type": "array", "title": "Response List Webhooks V1 Admin Webhooks Get" } } } } } }, "post": { "tags": [ "Admin" ], "summary": "Create Webhook", "description": "Create a new webhook subscription.\n\nThe signing secret is returned ONCE. Store it securely.", "operationId": "create_webhook_v1_admin_webhooks_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/CreateWebhookRequest" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "additionalProperties": true, "type": "object", "title": "Response Create Webhook V1 Admin Webhooks Post" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/webhooks/{subscription_id}": { "delete": { "tags": [ "Admin" ], "summary": "Delete Webhook", "description": "Delete a webhook subscription.", "operationId": "delete_webhook_v1_admin_webhooks__subscription_id__delete", "parameters": [ { "name": "subscription_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid", "title": "Subscription Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response Delete Webhook V1 Admin Webhooks Subscription Id Delete" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/webhooks/{subscription_id}/deliveries": { "get": { "tags": [ "Admin" ], "summary": "List Webhook Deliveries", "description": "List delivery history for a webhook subscription.", "operationId": "list_webhook_deliveries_v1_admin_webhooks__subscription_id__deliveries_get", "parameters": [ { "name": "subscription_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid", "title": "Subscription Id" } }, { "name": "limit", "in": "query", "required": false, "schema": { "type": "integer", "default": 50, "title": "Limit" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "array", "items": { "type": "object", "additionalProperties": true }, "title": "Response List Webhook Deliveries V1 Admin Webhooks Subscription Id Deliveries Get" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/webhooks/{subscription_id}/rotate": { "post": { "tags": [ "Admin" ], "summary": "Rotate Webhook Secret", "description": "Rotate webhook signing secret. Old secret valid for 24h grace period.\n\nThe actual encryption + UPDATE lives in\n``nessyapi.webhooks.dispatcher.rotate_webhook_secret`` — this handler is\nonly a tenant-scoped gate before delegating.", "operationId": "rotate_webhook_secret_v1_admin_webhooks__subscription_id__rotate_post", "parameters": [ { "name": "subscription_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid", "title": "Subscription Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response Rotate Webhook Secret V1 Admin Webhooks Subscription Id Rotate Post" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/webhooks/{subscription_id}/test": { "post": { "tags": [ "Admin" ], "summary": "Test Webhook", "description": "Send a test ping to the webhook URL.", "operationId": "test_webhook_v1_admin_webhooks__subscription_id__test_post", "parameters": [ { "name": "subscription_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid", "title": "Subscription Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response Test Webhook V1 Admin Webhooks Subscription Id Test Post" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/webhooks/deliveries": { "get": { "tags": [ "Admin" ], "summary": "List Deliveries", "description": "List recent webhook deliveries for the calling tenant.\n\nDefault filter surfaces the actionable failures (``failed``,\n``dead-lettered``, ``exhausted``) — matching the dashboard's \"show\nme what's broken\" workflow. Pass ``?status=delivered`` for the\nsuccess log.", "operationId": "list_deliveries_v1_admin_webhooks_deliveries_get", "parameters": [ { "name": "subscription_id", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string", "format": "uuid" }, { "type": "null" } ], "title": "Subscription Id" } }, { "name": "status", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "description": "comma-separated status list", "title": "Status" }, "description": "comma-separated status list" }, { "name": "page", "in": "query", "required": false, "schema": { "type": "integer", "minimum": 1, "default": 1, "title": "Page" } }, { "name": "per_page", "in": "query", "required": false, "schema": { "type": "integer", "maximum": 200, "minimum": 1, "default": 50, "title": "Per Page" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response List Deliveries V1 Admin Webhooks Deliveries Get" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/webhooks/failures/summary": { "get": { "tags": [ "Admin" ], "summary": "Webhook Failures Summary", "description": "Lightweight counter endpoint for the sidebar badge + top banner.\n\nReturns the number of deliveries in an actionable failure state\nplus the current DLQ length (shared across tenants, admin-only\nvisibility; other tenants see 0).", "operationId": "webhook_failures_summary_v1_admin_webhooks_failures_summary_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "additionalProperties": true, "type": "object", "title": "Response Webhook Failures Summary V1 Admin Webhooks Failures Summary Get" } } } } } } }, "/v1/admin/webhooks/deliveries/{delivery_id}": { "get": { "tags": [ "Admin" ], "summary": "Get Delivery Detail", "description": "Full delivery detail including payload. Use for the detail modal.", "operationId": "get_delivery_detail_v1_admin_webhooks_deliveries__delivery_id__get", "parameters": [ { "name": "delivery_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid", "title": "Delivery Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response Get Delivery Detail V1 Admin Webhooks Deliveries Delivery Id Get" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/webhooks/deliveries/{delivery_id}/replay": { "post": { "tags": [ "Admin" ], "summary": "Replay Delivery", "description": "Manually retry a failed / dead-lettered delivery.\n\nResets ``next_retry_at = now()`` so the periodic retry worker picks\nthe row up on its next tick (≤ 30 s). Does NOT re-enqueue via\nXADD — that would bypass the per-subscription lock and produce a\nnew ``delivery_id`` (Guardian invariant §10).", "operationId": "replay_delivery_v1_admin_webhooks_deliveries__delivery_id__replay_post", "parameters": [ { "name": "delivery_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid", "title": "Delivery Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response Replay Delivery V1 Admin Webhooks Deliveries Delivery Id Replay Post" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/webhooks/deliveries/{delivery_id}/resolve": { "post": { "tags": [ "Admin" ], "summary": "Resolve Delivery", "description": "Mark a permanently-failed delivery as acknowledged.\n\nThe row is preserved for audit. Body: ``{\"reason\": \"...\"}`` — the\nnote is stored verbatim (trimmed to 500 chars) so operators can\ngrep it later.", "operationId": "resolve_delivery_v1_admin_webhooks_deliveries__delivery_id__resolve_post", "parameters": [ { "name": "delivery_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid", "title": "Delivery Id" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Body" } } } }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response Resolve Delivery V1 Admin Webhooks Deliveries Delivery Id Resolve Post" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/webhooks/dlq": { "get": { "tags": [ "Admin" ], "summary": "List Dlq", "description": "Read the DLQ stream via ``XRANGE``. Admin scope required.\n\nThe DLQ is a shared (cross-tenant) Redis stream. Visibility is\ngated behind ``admin:write`` so only operators see other tenants'\nentries — no cross-tenant leak from the partner UI.", "operationId": "list_dlq_v1_admin_webhooks_dlq_get", "parameters": [ { "name": "limit", "in": "query", "required": false, "schema": { "type": "integer", "maximum": 500, "minimum": 1, "default": 50, "title": "Limit" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response List Dlq V1 Admin Webhooks Dlq Get" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/webhooks/dlq/replay-all": { "post": { "tags": [ "Admin" ], "summary": "Replay All Dlq", "description": "Drain the DLQ stream back into the main stream.\n\nEach entry is XADDed to ``nessy:webhooks`` with its original\nenvelope (minus the DLQ metadata) so the webhook consumer picks it\nup on the next loop. The DLQ is cleared on success.\n\nRequires ``{\"confirm\": true}`` in the body to reduce the risk of\naccidental drainage.", "operationId": "replay_all_dlq_v1_admin_webhooks_dlq_replay_all_post", "requestBody": { "content": { "application/json": { "schema": { "additionalProperties": true, "type": "object", "title": "Body" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "additionalProperties": true, "type": "object", "title": "Response Replay All Dlq V1 Admin Webhooks Dlq Replay All Post" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/tier": { "get": { "tags": [ "Admin" ], "summary": "Get Tenant Tier", "description": "Get current tier with all configuration details.", "operationId": "get_tenant_tier_v1_admin_tier_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response Get Tenant Tier V1 Admin Tier Get" } } } } } }, "put": { "tags": [ "Admin" ], "summary": "Change Tier", "description": "Change tenant tier (upgrade or downgrade).\n\nRate limits for existing API keys stay at their per-key values.\nNew keys will inherit the new tier's default rate limit.\n\n**DX-020 deprecation (2026-04-23):** `tier` is accepted as a query-string\nparameter for backward-compat with the dashboard's initial\n`PUT /v1/admin/tier?tier=` shape. This is an anti-pattern — PUT\nbodies belong in the JSON request body, not the URL. The query-string\nform will be removed on **2026-07-23** (90-day sunset per RFC 8594).\n\nResponse emits `Deprecation`, `Sunset`, `Link`, and\n`Warning: 299 - \"Use request body instead\"` headers. A new body-based\nalternative (`ChangeTierRequest` model) will ship in a future sprint;\ntrack via `docs/code-review-2026-04-23/findings/features-dx.md` DX-020.", "operationId": "change_tier_v1_admin_tier_put", "parameters": [ { "name": "tier", "in": "query", "required": false, "schema": { "type": "string", "default": "starter", "title": "Tier" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response Change Tier V1 Admin Tier Put" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/tiers": { "get": { "tags": [ "Admin" ], "summary": "List Available Tiers", "description": "List all available tiers with their configuration.", "operationId": "list_available_tiers_v1_admin_tiers_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "additionalProperties": true, "type": "object", "title": "Response List Available Tiers V1 Admin Tiers Get" } } } } } } }, "/v1/admin/nlp-settings": { "get": { "tags": [ "Admin" ], "summary": "Get Nlp Settings", "description": "Get NLP fair-use settings for this tenant.", "operationId": "get_nlp_settings_v1_admin_nlp_settings_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "additionalProperties": true, "type": "object", "title": "Response Get Nlp Settings V1 Admin Nlp Settings Get" } } } } } }, "put": { "tags": [ "Admin" ], "summary": "Update Nlp Settings", "description": "Update NLP fair-use cutoff.\n\nOnly Growth, Scale, and Enterprise tiers can customize this.\nSet nlp_token_cutoff to 0 to always use NLP (until tokens run out).", "operationId": "update_nlp_settings_v1_admin_nlp_settings_put", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "additionalProperties": true, "type": "object", "title": "Response Update Nlp Settings V1 Admin Nlp Settings Put" } } } } } } }, "/v1/admin/audit": { "get": { "tags": [ "Admin" ], "summary": "List Audit Events", "description": "List audit events for the calling tenant.\n\nMax window: ``LIST_MAX_DAYS`` days (use the export endpoint for longer).", "operationId": "list_audit_events_v1_admin_audit_get", "parameters": [ { "name": "from", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "From" } }, { "name": "to", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "To" } }, { "name": "action", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "array", "items": { "type": "string" } }, { "type": "null" } ], "description": "Filter by action (repeatable).", "title": "Action" }, "description": "Filter by action (repeatable)." }, { "name": "actor_id", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "description": "Filter by user_id in metadata.", "title": "Actor Id" }, "description": "Filter by user_id in metadata." }, { "name": "limit", "in": "query", "required": false, "schema": { "type": "integer", "maximum": 500, "minimum": 1, "default": 100, "title": "Limit" } }, { "name": "cursor", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Cursor" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response List Audit Events V1 Admin Audit Get" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/audit/actions": { "get": { "tags": [ "Admin" ], "summary": "List Audit Actions", "description": "Return the distinct ``action`` names this tenant has emitted in the\ntrailing ``days`` window. Drives the dashboard filter dropdown.", "operationId": "list_audit_actions_v1_admin_audit_actions_get", "parameters": [ { "name": "days", "in": "query", "required": false, "schema": { "type": "integer", "maximum": 365, "minimum": 1, "default": 90, "title": "Days" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response List Audit Actions V1 Admin Audit Actions Get" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/audit/export": { "get": { "tags": [ "Admin" ], "summary": "Export Audit Events", "description": "Stream the full audit trail for a (potentially long) window.\n\nRequires ``admin:write`` scope (stronger than the list endpoint — this\nis considered a data-egress operation).", "operationId": "export_audit_events_v1_admin_audit_export_get", "parameters": [ { "name": "from", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "From" } }, { "name": "to", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "To" } }, { "name": "action", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "array", "items": { "type": "string" } }, { "type": "null" } ], "title": "Action" } }, { "name": "format", "in": "query", "required": false, "schema": { "type": "string", "pattern": "^(csv|ndjson)$", "default": "csv", "title": "Format" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/request-inspector": { "get": { "tags": [ "Admin" ], "summary": "Recent API requests for the current tenant (last 24h, max 100)", "description": "Return the most recent inbound requests for the tenant.\n\nLossy ring buffer with a 24h TTL — see request_inspector.py.", "operationId": "get_request_inspector_v1_admin_request_inspector_get", "parameters": [ { "name": "limit", "in": "query", "required": false, "schema": { "type": "integer", "maximum": 100, "minimum": 1, "default": 50, "title": "Limit" } }, { "name": "cursor", "in": "query", "required": false, "schema": { "type": "integer", "minimum": 0, "default": 0, "title": "Cursor" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RequestInspectorResponse" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/volume-status": { "get": { "tags": [ "Admin" ], "summary": "Get Volume Status", "description": "Return the tenant's current volume-eligibility snapshot.\n\nRead-only. Requires ``admin:read``. Computes lifetime spend on the fly\n(uses 30s balance cache) so the response always reflects current state.", "operationId": "get_volume_status_v1_admin_volume_status_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "additionalProperties": true, "type": "object", "title": "Response Get Volume Status V1 Admin Volume Status Get" } } } } } } }, "/v1/admin/volume-flag": { "patch": { "tags": [ "Admin" ], "summary": "Set Volume Flag", "description": "Set or unset ``settings_json.volume_customer``.\n\nBody: ``{\"volume_customer\": true|false, \"reason\": \"...\" (optional)}``.\n\nAudit-logged. Triggers RL cache flush for this tenant so the change is\nvisible within seconds.", "operationId": "set_volume_flag_v1_admin_volume_flag_patch", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "additionalProperties": true, "type": "object", "title": "Response Set Volume Flag V1 Admin Volume Flag Patch" } } } } } } }, "/v1/admin/rate-limit-override": { "patch": { "tags": [ "Admin" ], "summary": "Set Rate Limit Override", "description": "Set or clear ``settings_json.rate_limit_rpm_override``.\n\nBody:\n * ``{\"rate_limit_rpm\": 1000}`` — set override\n * ``{\"rate_limit_rpm\": null}`` — clear override (use tier default)\n * Optional ``\"reason\"`` field for audit context.\n\nValidation:\n * must be int between 0 and ``MAX_OVERRIDE_CEILING`` (5000)\n * 0 / null clears the override\n\nAudit-logged. Triggers RL cache flush so change propagates immediately.", "operationId": "set_rate_limit_override_v1_admin_rate_limit_override_patch", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "additionalProperties": true, "type": "object", "title": "Response Set Rate Limit Override V1 Admin Rate Limit Override Patch" } } } } } } }, "/v1/schema/chief-complaints": { "get": { "tags": [ "Schema" ], "summary": "Get Chief Complaints", "description": "Get list of supported chief complaints and schema statistics.", "operationId": "get_chief_complaints_v1_schema_chief_complaints_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SchemaInfoResponse" } } } } } } }, "/v1/schema/branches": { "get": { "tags": [ "Schema" ], "summary": "Get Branches", "description": "List all clinical branches, optionally filtered by chief complaint.", "operationId": "get_branches_v1_schema_branches_get", "parameters": [ { "name": "chief_complaint", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Chief Complaint" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/sessions/{session_id}": { "delete": { "tags": [ "Sessions" ], "summary": "Delete Session", "description": "Delete a clinical session and all associated data (GDPR Art. 17).\n\n- Removes session from Redis (full state, tenant mapping, env)\n- Deletes from PostgreSQL clinical_sessions table\n- Anonymizes usage_records (NULLs session_id)\n- Removes from in-memory engine cache", "operationId": "delete_session_v1_sessions__session_id__delete", "parameters": [ { "name": "session_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Session Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response Delete Session V1 Sessions Session Id Delete" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/patients": { "get": { "tags": [ "Patients" ], "summary": "List Patients", "description": "List patient profiles for the calling tenant.\n\nPagination is seek-based: pass the previous response's `next_cursor`\nto fetch the next page. Empty `next_cursor` means no more rows.\n\nFiltering:\n - `partner_patient_id=` — exact match (takes precedence).\n - `q=` — case-insensitive substring on partner_patient_id.\n\nSort order is newest-updated first with `profile_id` as a stable\ntiebreaker, both used as the seek key.\n\nCounts (`session_count_total`, `session_count_active`) come from\n`clinical_sessions` for finalized rows. `session_count_active` is a\nbest-effort count of in-progress sessions (completed_at IS NULL) —\nactive sessions that live only in Redis are NOT included here (that\nwould require scanning Redis per-patient, which doesn't scale to\nthousands of patients). Use `GET /patients/{id}/sessions` for the\nfull Redis-merged timeline.\n\nEmits a single `patient.list_accessed` audit row per call (not per\npatient) — PHI access tracking without log spam.", "operationId": "list_patients_v1_patients_get", "parameters": [ { "name": "limit", "in": "query", "required": false, "schema": { "type": "integer", "maximum": 200, "minimum": 1, "description": "Page size (max 200).", "default": 50, "title": "Limit" }, "description": "Page size (max 200)." }, { "name": "cursor", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "description": "Opaque cursor from the previous page's `next_cursor`.", "title": "Cursor" }, "description": "Opaque cursor from the previous page's `next_cursor`." }, { "name": "partner_patient_id", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string", "minLength": 1, "maxLength": 255 }, { "type": "null" } ], "description": "Exact-match filter on partner_patient_id.", "title": "Partner Patient Id" }, "description": "Exact-match filter on partner_patient_id." }, { "name": "q", "in": "query", "required": false, "schema": { "anyOf": [ { "type": "string", "minLength": 1, "maxLength": 100 }, { "type": "null" } ], "description": "Case-insensitive substring search on partner_patient_id. Ignored when `partner_patient_id` is provided.", "title": "Q" }, "description": "Case-insensitive substring search on partner_patient_id. Ignored when `partner_patient_id` is provided." } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response List Patients V1 Patients Get" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/patients/{patient_id}/profile": { "get": { "tags": [ "Patients" ], "summary": "Get Patient Profile", "description": "Retrieve patient profile by partner patient ID.", "operationId": "get_patient_profile_v1_patients__patient_id__profile_get", "parameters": [ { "name": "patient_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Patient Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PatientProfileResponse" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } }, "put": { "tags": [ "Patients" ], "summary": "Upsert Patient Profile", "description": "Create or update patient profile. Arrays are merge-appended and deduplicated.", "operationId": "upsert_patient_profile_v1_patients__patient_id__profile_put", "parameters": [ { "name": "patient_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Patient Id" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PatientProfileUpdate" } } } }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PatientProfileResponse" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/patients/{patient_id}/sessions": { "get": { "tags": [ "Patients" ], "summary": "List Patient Sessions", "description": "List all sessions for a patient, most recent first.\n\nMerges finalized sessions (from `clinical_sessions`, RLS-scoped via\ntenant_conn) with active sessions (from the Redis tenant index).\nThis is the fix for T0.2: the Postgres table only ever held finalized\nrows, so in-progress sessions were invisible to the patient timeline.", "operationId": "list_patient_sessions_v1_patients__patient_id__sessions_get", "parameters": [ { "name": "patient_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Patient Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/PatientSessionSummary" }, "title": "Response List Patient Sessions V1 Patients Patient Id Sessions Get" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/patients/{patient_id}": { "delete": { "tags": [ "Patients" ], "summary": "Delete Patient", "description": "GDPR full patient erasure — delete profile, sessions, anonymize usage.", "operationId": "delete_patient_v1_patients__patient_id__delete", "parameters": [ { "name": "patient_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Patient Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/patients/{patient_id}/summary": { "get": { "tags": [ "Patients" ], "summary": "Patient Summary", "description": "Aggregated patient summary (epicrisis) from all sessions.\n\nDX-003 consolidation (2026-04-23): previously a less-rich handler was\ndefined first in this module and silently shadowed this one, breaking\nthe PHI-access audit row and dropping `red_flags_ever_seen`. The richer\nresponse below is now the only registration. Legacy consumer fields\n(`partner_patient_id`, `profile_exists`, `sessions_finalized`,\n`sessions_active`, `last_session_at`) are preserved so partner\nintegrations coded against the old shape keep working.", "operationId": "patient_summary_v1_patients__patient_id__summary_get", "parameters": [ { "name": "patient_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Patient Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/team": { "get": { "tags": [ "Team" ], "summary": "List Team Members", "description": "List all team members for this tenant (active and pending).", "operationId": "list_team_members_v1_admin_team_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "items": { "$ref": "#/components/schemas/TeamMemberResponse" }, "type": "array", "title": "Response List Team Members V1 Admin Team Get" } } } } } } }, "/v1/admin/team/invite": { "post": { "tags": [ "Team" ], "summary": "Invite Team Member", "description": "Invite a new team member via email.\n\nCreates an invite token in auth_tokens and sends an invite email.\nThe invitee must accept the invite via POST /v1/auth/accept-invite\nto create their account with a password. Does NOT create a loginable\nuser directly — that would leave an account with no password.\n\nSupports `Idempotency-Key` header (24h TTL). Replays return the\noriginal 201 body without sending a second invite email or creating\na duplicate token — important because the email-send side-effect is\nexternally visible.", "operationId": "invite_team_member_v1_admin_team_invite_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/InviteTeamMemberRequest" } } }, "required": true }, "responses": { "201": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/team/{member_id}/role": { "put": { "tags": [ "Team" ], "summary": "Change Member Role", "description": "Change a team member's role. Only owner can change roles.\n\nConstraints:\n- Cannot change own role (future: when member auth exists)\n- Cannot change last owner to non-owner\n\n**DX-020 deprecation (2026-04-23):** `role` is accepted via query string\nfor backward-compat with the dashboard. REST convention is a JSON body.\nQuery-string form will be removed on **2026-07-23** (90-day sunset per\nRFC 8594). Response emits `Deprecation`, `Sunset`, `Link`, and\n`Warning: 299 - \"Use request body instead\"` headers.", "operationId": "change_member_role_v1_admin_team__member_id__role_put", "parameters": [ { "name": "member_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid", "title": "Member Id" } }, { "name": "role", "in": "query", "required": false, "schema": { "type": "string", "default": "viewer", "title": "Role" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/TeamMemberResponse" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/admin/team/{member_id}": { "delete": { "tags": [ "Team" ], "summary": "Remove Team Member", "description": "Remove a team member (soft delete: is_active=false).\n\nOwner cannot be removed — must transfer ownership first.", "operationId": "remove_team_member_v1_admin_team__member_id__delete", "parameters": [ { "name": "member_id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid", "title": "Member Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "type": "object", "additionalProperties": true, "title": "Response Remove Team Member V1 Admin Team Member Id Delete" } } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/auth/register": { "post": { "tags": [ "Auth" ], "summary": "Register", "description": "Register a new user + tenant (email/password).", "operationId": "register_v1_auth_register_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RegisterRequest" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/auth/login": { "post": { "tags": [ "Auth" ], "summary": "Login", "description": "Authenticate with email + password, set session cookie.", "operationId": "login_v1_auth_login_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/LoginRequest" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/auth/logout": { "post": { "tags": [ "Auth" ], "summary": "Logout", "description": "Clear session + CSRF cookies and revoke the JWT.", "operationId": "logout_v1_auth_logout_post", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/v1/auth/verify-otp": { "post": { "tags": [ "Auth" ], "summary": "Verify Otp Endpoint", "description": "Verify a 6-digit OTP issued during register or login.\n\nOn success, mints the session JWT, sets the session + CSRF cookies and\na 5-day signed ``nessy_trusted_device`` cookie so subsequent logins\nfrom the same browser skip the OTP step. Also flips\n``dashboard_users.email_verified = true`` since holding the code\nproves email ownership.", "operationId": "verify_otp_endpoint_v1_auth_verify_otp_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/VerifyOtpRequest" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/auth/resend-otp": { "post": { "tags": [ "Auth" ], "summary": "Resend Otp Endpoint", "description": "Mint a fresh code for an existing challenge and re-send the email.\n\nRate limit is intentionally aggressive (3/hour per IP) because each\ncall enqueues an outbound email — a leaky resend is a spam vector.\nThe Redis-backed challenge is mutated in place; the challenge_id\nstays the same so the dashboard can keep its OTP form state.", "operationId": "resend_otp_endpoint_v1_auth_resend_otp_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ResendOtpRequest" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/auth/verify-email": { "post": { "tags": [ "Auth" ], "summary": "Verify Email", "description": "Verify email address using token.", "operationId": "verify_email_v1_auth_verify_email_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/VerifyEmailRequest" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/auth/forgot-password": { "post": { "tags": [ "Auth" ], "summary": "Forgot Password", "description": "Send a password reset email. Always returns 200 to prevent enumeration.", "operationId": "forgot_password_v1_auth_forgot_password_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ForgotPasswordRequest" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/auth/reset-password": { "post": { "tags": [ "Auth" ], "summary": "Reset Password", "description": "Reset password using a valid reset token.", "operationId": "reset_password_v1_auth_reset_password_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ResetPasswordRequest" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/auth/invite": { "post": { "tags": [ "Auth" ], "summary": "Invite Member", "description": "Invite a new team member (requires admin:write scope from cookie JWT).", "operationId": "invite_member_v1_auth_invite_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/InviteRequest" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/auth/accept-invite": { "post": { "tags": [ "Auth" ], "summary": "Accept Invite", "description": "Accept an invite and create a user account.", "operationId": "accept_invite_v1_auth_accept_invite_post", "requestBody": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/AcceptInviteRequest" } } }, "required": true }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/auth/me": { "get": { "tags": [ "Auth" ], "summary": "Get Me", "description": "Return current user info from JWT session cookie.", "operationId": "get_me_v1_auth_me_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/v1/auth/system-status": { "get": { "tags": [ "Auth" ], "summary": "System Status", "description": "Authenticated full-state probe for the dashboard Settings panel.\n\nReturns engine + Postgres + Redis health alongside semver + build SHA.\nPublic ``/health`` is intentionally slimmed in production (it leaks\ncomponent state to unauthenticated callers); this endpoint is session-\ncookie-auth gated so the dashboard's ``System Status`` widget gets the\ndetailed picture without re-exposing it on a public path.", "operationId": "system_status_v1_auth_system_status_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/v1/auth/workspaces": { "get": { "tags": [ "Auth" ], "summary": "List Workspaces", "description": "List all workspaces (tenants) the current user belongs to.", "operationId": "list_workspaces_v1_auth_workspaces_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/v1/auth/switch-workspace": { "post": { "tags": [ "Auth" ], "summary": "Switch Workspace", "description": "Switch to a different workspace. Sets new JWT cookie.", "operationId": "switch_workspace_v1_auth_switch_workspace_post", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/v1/sessions/{session_id}/questions": { "get": { "tags": [ "Sessions" ], "summary": "List Session Questions", "description": "List all questions for this session's active branches with progress info.", "operationId": "list_session_questions_v1_sessions__session_id__questions_get", "parameters": [ { "name": "session_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Session Id" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/sessions/{session_id}/demographics": { "post": { "tags": [ "Sessions" ], "summary": "Update Demographics", "description": "Update session demographics (age, sex) after creation.", "operationId": "update_demographics_v1_sessions__session_id__demographics_post", "parameters": [ { "name": "session_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Session Id" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DemographicsRequest" } } } }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/sessions/{session_id}/feedback": { "post": { "tags": [ "Sessions" ], "summary": "Submit Feedback", "description": "Submit feedback on diagnosis accuracy for a completed session.", "operationId": "submit_feedback_v1_sessions__session_id__feedback_post", "parameters": [ { "name": "session_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Session Id" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FeedbackRequest" } } } }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/sessions/{session_id}/rectify": { "put": { "tags": [ "Sessions" ], "summary": "Rectify Session", "description": "Rectify a session's data (GDPR Art. 16 — Right to Rectification).\n\nOnly editable BEFORE finalization. Writes an audit event with the list\nof fields changed (never the values — those would leak PHI).\nAllowed edits:\n - Update age/sex demographics\n - Erase specific answers by question_id (removes from session state)", "operationId": "rectify_session_v1_sessions__session_id__rectify_put", "parameters": [ { "name": "session_id", "in": "path", "required": true, "schema": { "type": "string", "title": "Session Id" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RectifyRequest" } } } }, "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/me": { "get": { "tags": [ "Account" ], "summary": "Get Me", "description": "Return the authenticated tenant's account snapshot.\n\nNo scope required. Any valid API key can call this endpoint to discover\nits own identity, balance, and configured scopes. Returns a compact\ndocument suitable for powering a \"Hello, $tenant\" UI header in partner\ndashboards or CLI tools.", "operationId": "get_me_v1_me_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "additionalProperties": true, "type": "object", "title": "Response Get Me V1 Me Get" } } } } } } }, "/v1/changelog": { "get": { "tags": [ "System", "System" ], "summary": "Get Changelog", "description": "Public changelog. Returns JSON by default; pass `Accept: text/markdown`\nto get the raw file. No auth required, no rate limit applied beyond the\nglobal per-IP limiter.", "operationId": "get_changelog_v1_changelog_get", "parameters": [ { "name": "accept", "in": "header", "required": false, "schema": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Accept" } } ], "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } }, "422": { "description": "Validation Error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HTTPValidationError" } } } } } } }, "/v1/public/status": { "get": { "tags": [ "System" ], "summary": "Public Status", "description": "Public, unauthenticated status JSON. See module docstring for shape.", "operationId": "public_status_v1_public_status_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/livez": { "get": { "tags": [ "System" ], "summary": "Liveness Check", "description": "Liveness probe — 200 if the process can serve a request.\n\nDeliberately does NOT touch Postgres, Redis, or the engine. This\nkeeps transient dependency flaps from restarting the container,\nwhich would drop in-flight sessions and cascade cold starts.", "operationId": "liveness_check_livez_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/readyz": { "get": { "tags": [ "System" ], "summary": "Readiness Check", "description": "Readiness probe — 200 iff Postgres + Redis + engine are healthy.", "operationId": "readiness_check_readyz_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/health": { "get": { "tags": [ "System" ], "summary": "Health Check", "description": "Legacy alias for /readyz — kept for backward compat with the\nexisting Azure Container Apps probes and monitoring. Will be removed\nonce Terraform probes are flipped to /livez + /readyz and external\ncallers are migrated.", "operationId": "health_check_health_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/HealthResponse" } } } } } } }, "/status": { "get": { "tags": [ "System" ], "summary": "Status Check", "description": "Detailed component status for monitoring dashboards. Requires API key.", "operationId": "status_check_status_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } }, "/diagnostics": { "get": { "tags": [ "System" ], "summary": "Diagnostics", "operationId": "diagnostics_diagnostics_get", "responses": { "200": { "description": "Successful Response", "content": { "application/json": { "schema": {} } } } } } } }, "components": { "schemas": { "AcceptInviteRequest": { "properties": { "token": { "type": "string", "title": "Token" }, "password": { "type": "string", "title": "Password" }, "name": { "type": "string", "title": "Name", "default": "" } }, "type": "object", "required": [ "token", "password" ], "title": "AcceptInviteRequest" }, "AnswerRequest": { "properties": { "question_id": { "type": "string", "maxLength": 100, "minLength": 1, "title": "Question Id" }, "raw_text": { "anyOf": [ { "type": "string", "maxLength": 5000 }, { "type": "null" } ], "title": "Raw Text" }, "extracted_fields": { "additionalProperties": true, "type": "object", "title": "Extracted Fields" }, "extracted_flags": { "items": { "type": "string" }, "type": "array", "title": "Extracted Flags" }, "field_confidences": { "anyOf": [ { "additionalProperties": { "type": "number" }, "type": "object" }, { "type": "null" } ], "title": "Field Confidences" }, "skip": { "type": "boolean", "title": "Skip", "default": false } }, "type": "object", "required": [ "question_id" ], "title": "AnswerRequest" }, "ApiKeyCreatedResponse": { "properties": { "key_id": { "type": "string", "format": "uuid", "title": "Key Id" }, "key_prefix": { "type": "string", "title": "Key Prefix" }, "name": { "type": "string", "title": "Name" }, "scopes": { "items": { "type": "string" }, "type": "array", "title": "Scopes" }, "rate_limit_rpm": { "type": "integer", "title": "Rate Limit Rpm" }, "is_active": { "type": "boolean", "title": "Is Active" }, "last_used_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Last Used At" }, "expires_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Expires At" }, "created_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Created At" }, "key_suffix": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Key Suffix" }, "raw_key": { "type": "string", "title": "Raw Key" } }, "type": "object", "required": [ "key_id", "key_prefix", "name", "scopes", "rate_limit_rpm", "is_active", "raw_key" ], "title": "ApiKeyCreatedResponse", "description": "Returned only on creation — includes the raw key (shown once)." }, "ApiKeyResponse": { "properties": { "key_id": { "type": "string", "format": "uuid", "title": "Key Id" }, "key_prefix": { "type": "string", "title": "Key Prefix" }, "name": { "type": "string", "title": "Name" }, "scopes": { "items": { "type": "string" }, "type": "array", "title": "Scopes" }, "rate_limit_rpm": { "type": "integer", "title": "Rate Limit Rpm" }, "is_active": { "type": "boolean", "title": "Is Active" }, "last_used_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Last Used At" }, "expires_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Expires At" }, "created_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Created At" }, "key_suffix": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Key Suffix" } }, "type": "object", "required": [ "key_id", "key_prefix", "name", "scopes", "rate_limit_rpm", "is_active" ], "title": "ApiKeyResponse" }, "BalanceResponse": { "properties": { "tenant_id": { "type": "string", "format": "uuid", "title": "Tenant Id" }, "balance": { "type": "integer", "title": "Balance" }, "lifetime_used": { "type": "integer", "title": "Lifetime Used" }, "tier": { "type": "string", "title": "Tier" }, "burn_rate_7d": { "type": "integer", "title": "Burn Rate 7D", "default": 0 }, "estimated_days_remaining": { "anyOf": [ { "type": "number" }, { "type": "null" } ], "title": "Estimated Days Remaining" } }, "type": "object", "required": [ "tenant_id", "balance", "lifetime_used", "tier" ], "title": "BalanceResponse" }, "BalanceStatusResponse": { "properties": { "balance": { "type": "integer", "title": "Balance" }, "initial_balance": { "anyOf": [ { "type": "integer" }, { "type": "null" } ], "title": "Initial Balance" }, "lifetime_used": { "type": "integer", "title": "Lifetime Used", "default": 0 }, "percentage_remaining": { "type": "number", "title": "Percentage Remaining", "description": "Ratio of current balance to initial_balance, 0.0–1.0+" }, "current_threshold": { "type": "string", "title": "Current Threshold", "description": "One of: ok | low_warning | low_critical | depleted" }, "next_threshold": { "anyOf": [ { "$ref": "#/components/schemas/NextThreshold" }, { "type": "null" } ] }, "tier": { "type": "string", "title": "Tier" }, "last_topup_at": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Last Topup At" } }, "type": "object", "required": [ "balance", "percentage_remaining", "current_threshold", "tier" ], "title": "BalanceStatusResponse" }, "BulkExportRequest": { "properties": { "date_from": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Date From" }, "date_to": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Date To" }, "patient_id": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Patient Id" }, "limit": { "type": "integer", "title": "Limit", "default": 1000 } }, "type": "object", "title": "BulkExportRequest" }, "ChiefComplaintInfo": { "properties": { "key": { "type": "string", "title": "Key" }, "display": { "type": "string", "title": "Display" }, "branch_count": { "type": "integer", "title": "Branch Count" } }, "type": "object", "required": [ "key", "display", "branch_count" ], "title": "ChiefComplaintInfo" }, "CreateApiKeyRequest": { "properties": { "name": { "type": "string", "maxLength": 100, "minLength": 1, "title": "Name" }, "scopes": { "anyOf": [ { "items": { "type": "string" }, "type": "array" }, { "type": "null" } ], "title": "Scopes" }, "rate_limit_rpm": { "type": "integer", "maximum": 10000.0, "minimum": 1.0, "title": "Rate Limit Rpm", "default": 60 }, "test": { "type": "boolean", "title": "Test", "default": false } }, "type": "object", "required": [ "name" ], "title": "CreateApiKeyRequest" }, "CreateSessionRequest": { "properties": { "chief_complaint": { "type": "string", "maxLength": 500, "minLength": 1, "title": "Chief Complaint" }, "age": { "anyOf": [ { "type": "integer", "maximum": 120.0, "minimum": 0.0 }, { "type": "null" } ], "title": "Age" }, "sex": { "anyOf": [ { "type": "string", "pattern": "^(male|female|other)$" }, { "type": "null" } ], "title": "Sex" }, "free_text": { "anyOf": [ { "type": "string", "maxLength": 2000 }, { "type": "null" } ], "title": "Free Text" }, "initial_fields": { "anyOf": [ { "additionalProperties": true, "type": "object" }, { "type": "null" } ], "title": "Initial Fields" }, "patient_id": { "anyOf": [ { "type": "string", "maxLength": 200, "minLength": 1, "pattern": "^[a-zA-Z0-9_\\-\\.]{1,200}$" }, { "type": "null" } ], "title": "Patient Id" } }, "type": "object", "required": [ "chief_complaint" ], "title": "CreateSessionRequest" }, "CreateWebhookRequest": { "properties": { "url": { "type": "string", "maxLength": 500, "minLength": 10, "title": "Url" }, "events": { "items": { "type": "string" }, "type": "array", "minItems": 1, "title": "Events" } }, "type": "object", "required": [ "url", "events" ], "title": "CreateWebhookRequest" }, "DemographicsRequest": { "properties": { "age": { "anyOf": [ { "type": "integer" }, { "type": "null" } ], "title": "Age" }, "sex": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Sex" } }, "type": "object", "title": "DemographicsRequest" }, "DifferentialResponse": { "properties": { "diagnosis": { "type": "string", "title": "Diagnosis" }, "icd": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Icd" }, "probability": { "type": "number", "title": "Probability" }, "rank": { "type": "integer", "title": "Rank" } }, "type": "object", "required": [ "diagnosis", "probability", "rank" ], "title": "DifferentialResponse" }, "FeedbackRequest": { "properties": { "accuracy": { "type": "string", "title": "Accuracy" }, "actual_diagnosis": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Actual Diagnosis" }, "actual_icd10": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Actual Icd10" }, "notes": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Notes" } }, "type": "object", "required": [ "accuracy" ], "title": "FeedbackRequest" }, "ForgotPasswordRequest": { "properties": { "email": { "type": "string", "title": "Email" } }, "type": "object", "required": [ "email" ], "title": "ForgotPasswordRequest" }, "HTTPValidationError": { "properties": { "detail": { "items": { "$ref": "#/components/schemas/ValidationError" }, "type": "array", "title": "Detail" } }, "type": "object", "title": "HTTPValidationError" }, "HealthResponse": { "properties": { "status": { "type": "string", "title": "Status", "default": "ok" }, "version": { "type": "string", "title": "Version" }, "build": { "type": "string", "title": "Build" }, "engine_ready": { "type": "boolean", "title": "Engine Ready", "default": false }, "postgres_connected": { "type": "boolean", "title": "Postgres Connected", "default": false }, "redis_connected": { "type": "boolean", "title": "Redis Connected", "default": false } }, "type": "object", "title": "HealthResponse" }, "InviteRequest": { "properties": { "email": { "type": "string", "title": "Email" }, "name": { "type": "string", "title": "Name", "default": "" }, "role": { "type": "string", "title": "Role", "default": "developer" } }, "type": "object", "required": [ "email" ], "title": "InviteRequest" }, "InviteTeamMemberRequest": { "properties": { "email": { "type": "string", "maxLength": 200, "minLength": 3, "title": "Email" }, "name": { "type": "string", "maxLength": 100, "title": "Name", "default": "" }, "role": { "type": "string", "pattern": "^(admin|developer|viewer|billing)$", "title": "Role", "default": "developer" } }, "type": "object", "required": [ "email" ], "title": "InviteTeamMemberRequest" }, "LoginRequest": { "properties": { "email": { "type": "string", "title": "Email" }, "password": { "type": "string", "title": "Password" } }, "type": "object", "required": [ "email", "password" ], "title": "LoginRequest" }, "MetaResponse": { "properties": { "tokens_charged": { "type": "integer", "title": "Tokens Charged", "default": 0 }, "processing_time_ms": { "type": "integer", "title": "Processing Time Ms", "default": 0 } }, "type": "object", "title": "MetaResponse" }, "NextThreshold": { "properties": { "name": { "type": "string", "title": "Name" }, "tokens_until": { "type": "integer", "title": "Tokens Until" }, "percentage": { "type": "number", "title": "Percentage" } }, "type": "object", "required": [ "name", "tokens_until", "percentage" ], "title": "NextThreshold" }, "PatientProfileResponse": { "properties": { "profile_id": { "type": "string", "format": "uuid", "title": "Profile Id" }, "partner_patient_id": { "type": "string", "title": "Partner Patient Id" }, "age": { "anyOf": [ { "type": "integer" }, { "type": "null" } ], "title": "Age" }, "sex": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Sex" }, "chronic_conditions": { "items": { "type": "string" }, "type": "array", "title": "Chronic Conditions" }, "current_medications": { "items": { "type": "string" }, "type": "array", "title": "Current Medications" }, "allergies": { "items": { "type": "string" }, "type": "array", "title": "Allergies" }, "risk_factors": { "items": { "type": "string" }, "type": "array", "title": "Risk Factors" }, "family_history": { "items": { "type": "string" }, "type": "array", "title": "Family History" }, "smoking_status": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Smoking Status" }, "alcohol_status": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Alcohol Status" }, "sessions_count": { "type": "integer", "title": "Sessions Count", "default": 0 }, "last_session_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Last Session At" }, "created_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Created At" } }, "type": "object", "required": [ "profile_id", "partner_patient_id" ], "title": "PatientProfileResponse" }, "PatientProfileUpdate": { "properties": { "chronic_conditions": { "anyOf": [ { "items": { "type": "string" }, "type": "array" }, { "type": "null" } ], "title": "Chronic Conditions" }, "current_medications": { "anyOf": [ { "items": { "type": "string" }, "type": "array" }, { "type": "null" } ], "title": "Current Medications" }, "allergies": { "anyOf": [ { "items": { "type": "string" }, "type": "array" }, { "type": "null" } ], "title": "Allergies" }, "risk_factors": { "anyOf": [ { "items": { "type": "string" }, "type": "array" }, { "type": "null" } ], "title": "Risk Factors" }, "family_history": { "anyOf": [ { "items": { "type": "string" }, "type": "array" }, { "type": "null" } ], "title": "Family History" }, "smoking_status": { "anyOf": [ { "type": "string", "pattern": "^(never|ex|current)$" }, { "type": "null" } ], "title": "Smoking Status" }, "alcohol_status": { "anyOf": [ { "type": "string", "pattern": "^(none|social|heavy)$" }, { "type": "null" } ], "title": "Alcohol Status" } }, "type": "object", "title": "PatientProfileUpdate" }, "PatientSessionSummary": { "properties": { "session_id": { "type": "string", "title": "Session Id" }, "chief_complaint": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Chief Complaint" }, "triage_level": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Triage Level" }, "primary_diagnosis": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Primary Diagnosis" }, "primary_diagnosis_icd": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Primary Diagnosis Icd" }, "questions_asked": { "type": "integer", "title": "Questions Asked", "default": 0 }, "created_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Created At" }, "completed_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Completed At" } }, "type": "object", "required": [ "session_id" ], "title": "PatientSessionSummary" }, "QuestionResponse": { "properties": { "question_id": { "type": "string", "title": "Question Id" }, "text": { "type": "string", "title": "Text" }, "text_cs": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Text Cs" }, "targets": { "items": { "type": "string" }, "type": "array", "title": "Targets" }, "is_red_flag": { "type": "boolean", "title": "Is Red Flag", "default": false }, "is_reask": { "type": "boolean", "title": "Is Reask", "default": false } }, "type": "object", "required": [ "question_id", "text" ], "title": "QuestionResponse" }, "RectifyRequest": { "properties": { "age": { "anyOf": [ { "type": "integer" }, { "type": "null" } ], "title": "Age" }, "sex": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Sex" }, "clear_answers": { "anyOf": [ { "items": { "type": "string" }, "type": "array" }, { "type": "null" } ], "title": "Clear Answers" }, "reason": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Reason" } }, "type": "object", "title": "RectifyRequest" }, "RedFlagResponse": { "properties": { "flag": { "type": "string", "title": "Flag" }, "description": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Description" } }, "type": "object", "required": [ "flag" ], "title": "RedFlagResponse" }, "RegisterRequest": { "properties": { "email": { "type": "string", "title": "Email" }, "password": { "type": "string", "title": "Password" }, "name": { "type": "string", "title": "Name", "default": "" }, "company": { "type": "string", "title": "Company", "default": "" } }, "type": "object", "required": [ "email", "password" ], "title": "RegisterRequest" }, "RequestInspectorEntry": { "properties": { "request_id": { "type": "string", "title": "Request Id" }, "ts": { "type": "string", "title": "Ts" }, "method": { "type": "string", "title": "Method" }, "path": { "type": "string", "title": "Path" }, "status": { "type": "integer", "title": "Status" }, "duration_ms": { "type": "integer", "title": "Duration Ms" }, "tokens_charged": { "type": "integer", "title": "Tokens Charged", "default": 0 }, "api_key_prefix": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Api Key Prefix" }, "user_agent": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "User Agent" }, "ip": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Ip" }, "error_code": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Error Code" } }, "type": "object", "required": [ "request_id", "ts", "method", "path", "status", "duration_ms" ], "title": "RequestInspectorEntry" }, "RequestInspectorResponse": { "properties": { "entries": { "items": { "$ref": "#/components/schemas/RequestInspectorEntry" }, "type": "array", "title": "Entries" }, "total": { "type": "integer", "title": "Total", "default": 0 }, "next_cursor": { "anyOf": [ { "type": "integer" }, { "type": "null" } ], "title": "Next Cursor" }, "max_entries": { "type": "integer", "title": "Max Entries", "default": 100 } }, "type": "object", "title": "RequestInspectorResponse" }, "ResendOtpRequest": { "properties": { "challenge_id": { "type": "string", "title": "Challenge Id" } }, "type": "object", "required": [ "challenge_id" ], "title": "ResendOtpRequest" }, "ResetPasswordRequest": { "properties": { "token": { "type": "string", "title": "Token" }, "new_password": { "type": "string", "title": "New Password" } }, "type": "object", "required": [ "token", "new_password" ], "title": "ResetPasswordRequest" }, "ResultsResponse": { "properties": { "session_id": { "type": "string", "title": "Session Id" }, "triage_level": { "type": "string", "title": "Triage Level" }, "differentials": { "items": { "$ref": "#/components/schemas/DifferentialResponse" }, "type": "array", "title": "Differentials" }, "red_flags": { "items": { "$ref": "#/components/schemas/RedFlagResponse" }, "type": "array", "title": "Red Flags" }, "primary_diagnosis": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Primary Diagnosis" }, "primary_diagnosis_icd": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Primary Diagnosis Icd" }, "primary_probability": { "type": "number", "title": "Primary Probability", "default": 0.0 }, "questions_asked": { "type": "integer", "title": "Questions Asked", "default": 0 }, "meta": { "anyOf": [ { "$ref": "#/components/schemas/MetaResponse" }, { "type": "null" } ] } }, "type": "object", "required": [ "session_id", "triage_level" ], "title": "ResultsResponse" }, "RouteRequest": { "properties": { "text": { "type": "string", "maxLength": 2000, "minLength": 1, "title": "Text" } }, "type": "object", "required": [ "text" ], "title": "RouteRequest" }, "RouteResponse": { "properties": { "chief_complaint": { "type": "string", "title": "Chief Complaint" }, "confidence": { "type": "number", "title": "Confidence" }, "secondary_cc": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Secondary Cc" }, "diagnosis_hints": { "items": { "additionalProperties": true, "type": "object" }, "type": "array", "title": "Diagnosis Hints" }, "initial_fields": { "additionalProperties": true, "type": "object", "title": "Initial Fields" }, "flags": { "items": { "type": "string" }, "type": "array", "title": "Flags" }, "current_question": { "anyOf": [ { "$ref": "#/components/schemas/QuestionResponse" }, { "type": "null" } ] }, "meta": { "anyOf": [ { "$ref": "#/components/schemas/MetaResponse" }, { "type": "null" } ] } }, "type": "object", "required": [ "chief_complaint", "confidence" ], "title": "RouteResponse" }, "SchemaInfoResponse": { "properties": { "chief_complaints": { "items": { "$ref": "#/components/schemas/ChiefComplaintInfo" }, "type": "array", "title": "Chief Complaints" }, "total_branches": { "type": "integer", "title": "Total Branches" }, "total_differentials": { "type": "integer", "title": "Total Differentials" }, "schema_version": { "type": "string", "title": "Schema Version" } }, "type": "object", "required": [ "chief_complaints", "total_branches", "total_differentials", "schema_version" ], "title": "SchemaInfoResponse" }, "SessionStateResponse": { "properties": { "session_id": { "type": "string", "title": "Session Id" }, "status": { "type": "string", "title": "Status" }, "questions_asked": { "type": "integer", "title": "Questions Asked" }, "is_complete": { "type": "boolean", "title": "Is Complete" }, "triage_level": { "type": "string", "title": "Triage Level" }, "active_branches": { "items": { "type": "string" }, "type": "array", "title": "Active Branches" }, "red_flags": { "items": { "type": "string" }, "type": "array", "title": "Red Flags" }, "current_question": { "anyOf": [ { "$ref": "#/components/schemas/QuestionResponse" }, { "type": "null" } ] }, "created_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Created At" } }, "type": "object", "required": [ "session_id", "status", "questions_asked", "is_complete", "triage_level" ], "title": "SessionStateResponse" }, "TeamMemberResponse": { "properties": { "member_id": { "type": "string", "format": "uuid", "title": "Member Id" }, "email": { "type": "string", "title": "Email" }, "name": { "type": "string", "title": "Name" }, "role": { "type": "string", "title": "Role" }, "is_active": { "type": "boolean", "title": "Is Active" }, "accepted_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Accepted At" }, "last_login_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Last Login At" }, "created_at": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Created At" } }, "type": "object", "required": [ "member_id", "email", "name", "role", "is_active" ], "title": "TeamMemberResponse" }, "UpdateApiKeyRequest": { "properties": { "name": { "anyOf": [ { "type": "string", "maxLength": 100, "minLength": 1 }, { "type": "null" } ], "title": "Name" }, "scopes": { "anyOf": [ { "items": { "type": "string" }, "type": "array" }, { "type": "null" } ], "title": "Scopes" }, "rate_limit_rpm": { "anyOf": [ { "type": "integer", "maximum": 10000.0, "minimum": 1.0 }, { "type": "null" } ], "title": "Rate Limit Rpm" } }, "type": "object", "title": "UpdateApiKeyRequest", "description": "Patch an existing API key. Any field can be omitted — only provided fields\nare updated. The `test` flag and `key_prefix` are immutable (would require\nrotating the key instead)." }, "UsageDetailRecord": { "properties": { "record_id": { "type": "string", "format": "uuid", "title": "Record Id" }, "session_id": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Session Id" }, "action": { "type": "string", "title": "Action" }, "tokens_charged": { "type": "integer", "title": "Tokens Charged" }, "request_id": { "anyOf": [ { "type": "string" }, { "type": "null" } ], "title": "Request Id" }, "created_at": { "type": "string", "format": "date-time", "title": "Created At" } }, "type": "object", "required": [ "record_id", "action", "tokens_charged", "created_at" ], "title": "UsageDetailRecord" }, "UsageRecord": { "properties": { "date": { "type": "string", "title": "Date" }, "action": { "type": "string", "title": "Action" }, "tokens_charged": { "type": "integer", "title": "Tokens Charged" }, "count": { "type": "integer", "title": "Count" } }, "type": "object", "required": [ "date", "action", "tokens_charged", "count" ], "title": "UsageRecord" }, "UsageResponse": { "properties": { "tenant_id": { "type": "string", "format": "uuid", "title": "Tenant Id" }, "balance": { "type": "integer", "title": "Balance" }, "lifetime_used": { "type": "integer", "title": "Lifetime Used" }, "period_start": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Period Start" }, "period_end": { "anyOf": [ { "type": "string", "format": "date-time" }, { "type": "null" } ], "title": "Period End" }, "records": { "items": { "$ref": "#/components/schemas/UsageRecord" }, "type": "array", "title": "Records" } }, "type": "object", "required": [ "tenant_id", "balance", "lifetime_used" ], "title": "UsageResponse" }, "ValidationError": { "properties": { "loc": { "items": { "anyOf": [ { "type": "string" }, { "type": "integer" } ] }, "type": "array", "title": "Location" }, "msg": { "type": "string", "title": "Message" }, "type": { "type": "string", "title": "Error Type" }, "input": { "title": "Input" }, "ctx": { "type": "object", "title": "Context" } }, "type": "object", "required": [ "loc", "msg", "type" ], "title": "ValidationError" }, "VerifyEmailRequest": { "properties": { "token": { "type": "string", "title": "Token" } }, "type": "object", "required": [ "token" ], "title": "VerifyEmailRequest" }, "VerifyOtpRequest": { "properties": { "challenge_id": { "type": "string", "title": "Challenge Id" }, "code": { "type": "string", "title": "Code" } }, "type": "object", "required": [ "challenge_id", "code" ], "title": "VerifyOtpRequest" } } } }