{ "item": [ { "id": "772e0fc7-b61b-4aa9-8cae-d22fa976f33e", "name": "Health check", "request": { "name": "Health check", "description": { "content": "Returns server status and verifies database connectivity. Returns 503 if the database is unreachable.", "type": "text/plain" }, "url": { "path": [ "health" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "7f7ee02d-410c-46a1-b263-1888f4b79b91", "name": "Server healthy", "originalRequest": { "url": { "path": [ "health" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"status\": \"ok\",\n \"database\": \"connected\",\n \"timestamp\": \"2024-05-20T15:33:03.453Z\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "bf422435-9295-4139-85e4-5ec9cd67b2cc", "name": "Database unreachable", "originalRequest": { "url": { "path": [ "health" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "Service Unavailable", "code": 503, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"status\": \"degraded\",\n \"database\": \"disconnected\",\n \"timestamp\": \"1951-03-17T15:00:59.562Z\"\n}", "cookie": [], "_postman_previewlanguage": "json" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "ac462ce1-3c75-4bce-9c01-2c815de6fc6b", "name": "OpenAPI specification", "request": { "name": "OpenAPI specification", "description": { "content": "Returns this specification as JSON.", "type": "text/plain" }, "url": { "path": [ "api-docs", "openapi.json" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "554230de-abcb-48ee-81c1-6805db200279", "name": "OpenAPI spec", "originalRequest": { "url": { "path": [ "api-docs", "openapi.json" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{}", "cookie": [], "_postman_previewlanguage": "json" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "318c8d25-3c66-45cb-82e4-d4f5d0c9bf4b", "name": "artifacts", "item": [ { "id": "6ed0e0d9-0f74-490e-b769-867d9429e6cd", "name": "Download program config artifact (JSON)", "request": { "name": "Download program config artifact (JSON)", "description": { "content": "Public endpoint returning a scoped, signed version of an app config. Used when enrolling a mobile client via QR code.", "type": "text/plain" }, "url": { "path": [ "artifacts", "{{artifactId}}.json" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "576c48ce-5fcc-4e6a-9a0d-fdea7b797009", "name": "App config JSON", "originalRequest": { "url": { "path": [ "artifacts", "{{artifactId}}.json" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "6261d2db-72de-45fa-b740-dd1046bef773", "name": "Artifact not found", "originalRequest": { "url": { "path": [ "artifacts", "{{artifactId}}.json" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "fffa340d-c354-4c76-9a83-2e1c05f20c77", "name": "Download program QR code (PNG)", "request": { "name": "Download program QR code (PNG)", "description": { "content": "Public endpoint returning a QR code pointing at the JSON artifact.", "type": "text/plain" }, "url": { "path": [ "artifacts", "{{artifactId}}.png" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Accept", "value": "image/png" } ], "method": "GET", "auth": null }, "response": [ { "id": "42183ba1-df39-4df6-84f4-98a5abbbb9e7", "name": "QR code PNG", "originalRequest": { "url": { "path": [ "artifacts", "{{artifactId}}.png" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "image/png" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "image/png" } ], "body": "string", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "648519a6-cfdf-48ab-a252-010ca64a87de", "name": "Artifact not found", "originalRequest": { "url": { "path": [ "artifacts", "{{artifactId}}.png" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] }, { "id": "a4cc5331-470a-4553-a772-a4e9b9847115", "name": "api", "item": [ { "id": "81f5390d-6da3-42a3-b268-aeffcee299aa", "name": "users", "item": [ { "id": "a3fc32de-a190-4137-b0e9-43142ad40308", "name": "List all users", "request": { "name": "List all users", "description": { "content": "Admin-only. Returns every user in the system (password hash redacted).", "type": "text/plain" }, "url": { "path": [ "api", "users" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "20ce75c7-abc5-4eaf-8b59-4ee692de7013", "name": "Array of users", "originalRequest": { "url": { "path": [ "api", "users" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "[\n {\n \"id\": 3142,\n \"email\": \"roTEPoos@RQNkMDAPFMIZoqskpWtLlspQqEBnwW.kn\",\n \"role\": \"ADMIN\",\n \"tenantIds\": [\n \"string\",\n \"string\"\n ],\n \"roleAssignments\": [\n {\n \"tenantId\": \"string\",\n \"role\": \"string\",\n \"areaId\": \"string\"\n },\n {\n \"tenantId\": \"string\",\n \"role\": \"string\",\n \"areaId\": \"string\"\n }\n ]\n },\n {\n \"id\": 1152,\n \"email\": \"JjzB@B.wr\",\n \"role\": \"USER\",\n \"tenantIds\": [\n \"string\",\n \"string\"\n ],\n \"roleAssignments\": [\n {\n \"tenantId\": \"string\",\n \"role\": \"string\",\n \"areaId\": \"string\"\n },\n {\n \"tenantId\": \"string\",\n \"role\": \"string\",\n \"areaId\": \"string\"\n }\n ]\n }\n]", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "79191d2d-4f59-4c24-a3ba-f076bc6238b6", "name": "Unauthenticated", "originalRequest": { "url": { "path": [ "api", "users" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Unauthorized", "code": 401, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "1c5a264b-0cf4-48f8-81eb-d5fdb09472ed", "name": "Requires admin role", "originalRequest": { "url": { "path": [ "api", "users" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "18cdb63a-051b-416a-9f13-47e30b4ae545", "name": "Create a user", "request": { "name": "Create a user", "description": { "content": "Admin-only. Password must be at least 8 characters and contain upper, lower, digit, and special character.", "type": "text/plain" }, "url": { "path": [ "api", "users" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"password\": \"\",\n \"role\": \"\",\n \"tenantIds\": [\n \"\",\n \"\"\n ],\n \"roleAssignments\": [\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n },\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n }\n ]\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "85de9a1c-7bab-4743-8da5-84e32fd3b21e", "name": "User created", "originalRequest": { "url": { "path": [ "api", "users" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"password\": \"\",\n \"role\": \"\",\n \"tenantIds\": [\n \"\",\n \"\"\n ],\n \"roleAssignments\": [\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n },\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n }\n ]\n}", "options": { "raw": { "language": "json" } } } }, "status": "Created", "code": 201, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"message\": \"string\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "f6915cf8-e3d2-407e-a171-10115a530eea", "name": "Validation error", "originalRequest": { "url": { "path": [ "api", "users" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"password\": \"\",\n \"role\": \"\",\n \"tenantIds\": [\n \"\",\n \"\"\n ],\n \"roleAssignments\": [\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n },\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n }\n ]\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"error\": \"string\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "df21021d-5d47-4071-926a-4b27cf26e347", "name": "Requires admin role", "originalRequest": { "url": { "path": [ "api", "users" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"password\": \"\",\n \"role\": \"\",\n \"tenantIds\": [\n \"\",\n \"\"\n ],\n \"roleAssignments\": [\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n },\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n }\n ]\n}", "options": { "raw": { "language": "json" } } } }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "969390a6-f73f-49f3-ae89-708dde58cf16", "name": "Log in", "request": { "name": "Log in", "description": { "content": "Authenticates a user and returns a short-lived access token plus a long-lived refresh token.", "type": "text/plain" }, "url": { "path": [ "api", "users", "login" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"password\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "b4744737-0220-459a-9615-82731cebd2eb", "name": "Authenticated", "originalRequest": { "url": { "path": [ "api", "users", "login" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"password\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"token\": \"string\",\n \"refreshToken\": \"string\",\n \"userId\": 8154\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "4790dfb9-388f-42a4-b029-f8973669fa66", "name": "Invalid credentials", "originalRequest": { "url": { "path": [ "api", "users", "login" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"password\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Unauthorized", "code": 401, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"error\": \"string\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "5aa8d399-7a05-48d5-98ee-9b1022468a3e", "name": "Rate limit exceeded (15 attempts per 15 minutes per IP)", "originalRequest": { "url": { "path": [ "api", "users", "login" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"password\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Too Many Requests", "code": 429, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "2b4266c1-4dba-4ac8-b98c-f4433d24eb45", "name": "Refresh access token", "request": { "name": "Refresh access token", "description": { "content": "Issues a new access token and refresh token. Accepts either a refresh token in the body\nor an access token in the `Authorization` header. Returns 401 if no token is provided or\nthe token is expired/invalid.\n", "type": "text/plain" }, "url": { "path": [ "api", "users", "refresh" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"refreshToken\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "b7ca4b3f-9eb4-4b89-a353-8f50931ea0ce", "name": "Tokens rotated", "originalRequest": { "url": { "path": [ "api", "users", "refresh" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"refreshToken\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"token\": \"string\",\n \"refreshToken\": \"string\",\n \"userId\": 6045\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "e56519e5-b4a2-42f1-9d1d-243b9bb63341", "name": "No or invalid token", "originalRequest": { "url": { "path": [ "api", "users", "refresh" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"refreshToken\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Unauthorized", "code": 401, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "01e4fc44-6e40-4a60-9112-96ccbcab937a", "name": "Validate access token", "request": { "name": "Validate access token", "description": { "content": "Returns 200 if the bearer token is valid. Returns 401 otherwise.", "type": "text/plain" }, "url": { "path": [ "api", "users", "check-token" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "470837f9-9849-4ba3-829c-733749145f6c", "name": "Token valid", "originalRequest": { "url": { "path": [ "api", "users", "check-token" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"message\": \"Token is valid\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "44f49aae-6be5-411e-87bd-e6c3fc4050cc", "name": "Token invalid or expired", "originalRequest": { "url": { "path": [ "api", "users", "check-token" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Unauthorized", "code": 401, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "e0f0135f-b7fc-4bf6-a6d1-a61b8983b693", "name": "Get current user", "request": { "name": "Get current user", "description": { "content": "Returns the profile of the user associated with the bearer token (password hash redacted).", "type": "text/plain" }, "url": { "path": [ "api", "users", "me" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "2557da12-a082-47be-82e0-0ef247b39cf1", "name": "User profile", "originalRequest": { "url": { "path": [ "api", "users", "me" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"id\": 1254,\n \"email\": \"2i1isbvWaY@NRwfSGQc.lx\",\n \"role\": \"USER\",\n \"tenantIds\": [\n \"string\",\n \"string\"\n ],\n \"roleAssignments\": [\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n },\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n }\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "18a58c05-9ab9-41e6-ab71-32cf30c16169", "name": "Unauthenticated", "originalRequest": { "url": { "path": [ "api", "users", "me" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Unauthorized", "code": 401, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "a2cf3242-8e4e-4f2e-adc0-344813e444cc", "name": "User not found", "originalRequest": { "url": { "path": [ "api", "users", "me" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "c7bfbb1a-2ec0-4186-b1fb-d8a19798870b", "name": "Update a user", "request": { "name": "Update a user", "description": { "content": "Admin-only. Password is optional — omit to keep the existing hash.", "type": "text/plain" }, "url": { "path": [ "api", "users", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "key": "Content-Type", "value": "application/json" } ], "method": "PUT", "auth": null, "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"role\": \"\",\n \"password\": \"\",\n \"tenantIds\": [\n \"\",\n \"\"\n ],\n \"roleAssignments\": [\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n },\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n }\n ]\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "41e235d9-5aa1-4802-9ab4-b93604d46d5f", "name": "User updated", "originalRequest": { "url": { "path": [ "api", "users", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "PUT", "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"role\": \"\",\n \"password\": \"\",\n \"tenantIds\": [\n \"\",\n \"\"\n ],\n \"roleAssignments\": [\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n },\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n }\n ]\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "b537097b-fcc4-48e1-82fa-99ef495de2be", "name": "Invalid payload or user ID", "originalRequest": { "url": { "path": [ "api", "users", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "PUT", "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"role\": \"\",\n \"password\": \"\",\n \"tenantIds\": [\n \"\",\n \"\"\n ],\n \"roleAssignments\": [\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n },\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n }\n ]\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "dccf592f-3426-4b1c-9f4a-02b27bcf1aaf", "name": "Requires admin role", "originalRequest": { "url": { "path": [ "api", "users", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "PUT", "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"role\": \"\",\n \"password\": \"\",\n \"tenantIds\": [\n \"\",\n \"\"\n ],\n \"roleAssignments\": [\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n },\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n }\n ]\n}", "options": { "raw": { "language": "json" } } } }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "7588c571-ff9f-4e37-8525-984d34bd269a", "name": "User not found", "originalRequest": { "url": { "path": [ "api", "users", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "PUT", "body": { "mode": "raw", "raw": "{\n \"email\": \"\",\n \"role\": \"\",\n \"password\": \"\",\n \"tenantIds\": [\n \"\",\n \"\"\n ],\n \"roleAssignments\": [\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n },\n {\n \"tenantId\": \"\",\n \"role\": \"\",\n \"areaId\": \"\"\n }\n ]\n}", "options": { "raw": { "language": "json" } } } }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "c6460634-597f-4fa1-837a-a962b800637d", "name": "Delete a user", "request": { "name": "Delete a user", "description": { "content": "Admin-only.", "type": "text/plain" }, "url": { "path": [ "api", "users", ":email" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "email", "description": "(Required) " } ] }, "method": "DELETE", "auth": null }, "response": [ { "id": "ea021a84-3b3d-4d4c-845d-3c228a0c08bd", "name": "User deleted", "originalRequest": { "url": { "path": [ "api", "users", ":email" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "email", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "DELETE", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "a8954f43-dd53-45a3-b816-6a4e2a1984b9", "name": "Requires admin role", "originalRequest": { "url": { "path": [ "api", "users", ":email" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "email", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "DELETE", "body": {} }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] }, { "id": "e09e3283-442d-4004-ba4b-1dbdccbc7f34", "name": "apps", "item": [ { "id": "6d813a81-877b-4bb6-b52e-e9661cef5837", "name": "List app configurations", "request": { "name": "List app configurations", "description": { "content": "Returns paginated, sortable, searchable app configs. Non-admin users only see configs\nlisted in their `tenantIds` claim. Each item includes the entity count for that config.\n", "type": "text/plain" }, "url": { "path": [ "api", "apps" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "page", "value": "1" }, { "disabled": false, "key": "pageSize", "value": "12" }, { "disabled": false, "key": "sortBy", "value": "name" }, { "disabled": false, "key": "sortOrder", "value": "asc" }, { "disabled": false, "key": "search", "value": "" }, { "disabled": false, "key": "includeArchived", "value": "false" } ], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "16cc80a1-ef30-416c-af00-25b9c3088fb8", "name": "Paginated list", "originalRequest": { "url": { "path": [ "api", "apps" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "page", "value": "1" }, { "key": "pageSize", "value": "12" }, { "key": "sortBy", "value": "name" }, { "key": "sortOrder", "value": "asc" }, { "key": "search", "value": "" }, { "key": "includeArchived", "value": "false" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"data\": [\n {\n \"id\": \"string\",\n \"artifactId\": \"string\",\n \"name\": \"string\",\n \"version\": \"string\",\n \"externalSync\": {\n \"key_0\": false,\n \"key_1\": false\n },\n \"entitiesCount\": 9313,\n \"description\": \"string\",\n \"archivedAt\": \"2015-11-23T06:02:27.305Z\"\n },\n {\n \"id\": \"string\",\n \"artifactId\": \"string\",\n \"name\": \"string\",\n \"version\": \"string\",\n \"externalSync\": {\n \"key_0\": 4502.822366317118,\n \"key_1\": \"string\",\n \"key_2\": \"string\"\n },\n \"entitiesCount\": 2585,\n \"description\": \"string\",\n \"archivedAt\": \"1978-06-20T17:37:03.616Z\"\n }\n ],\n \"meta\": {\n \"total\": 430,\n \"page\": 339,\n \"pageSize\": 412,\n \"totalPages\": 1586,\n \"sortBy\": \"string\",\n \"sortOrder\": \"string\",\n \"search\": \"string\"\n }\n}", "cookie": [], "_postman_previewlanguage": "json" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "5e78e590-b3f0-4fad-8b80-d8166544eed9", "name": "Upload a new app configuration", "request": { "name": "Upload a new app configuration", "description": { "content": "Admin-only. Upload a JSON file with `multipart/form-data`; max 10 MB.", "type": "text/plain" }, "url": { "path": [ "api", "apps" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "multipart/form-data" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "formdata", "formdata": [ { "key": "config", "type": "file", "description": "(Required) JSON file matching the AppConfig schema" } ] } }, "response": [ { "id": "05f4244b-0825-4000-8122-f947b4cef150", "name": "Configuration uploaded and app instance created", "originalRequest": { "url": { "path": [ "api", "apps" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "formdata", "formdata": [ { "description": { "content": "(Required) JSON file matching the AppConfig schema", "type": "text/plain" }, "key": "config", "value": "", "type": "text" } ] } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"status\": \"success\",\n \"artifactId\": \"string\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "895f6748-18ad-4f3a-90ae-3e7b2f3486b6", "name": "Missing file or invalid config schema", "originalRequest": { "url": { "path": [ "api", "apps" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "formdata", "formdata": [ { "description": { "content": "(Required) JSON file matching the AppConfig schema", "type": "text/plain" }, "key": "config", "value": "", "type": "text" } ] } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "4da3c22e-1000-45c5-b678-51142f5bcdaa", "name": "Requires admin role", "originalRequest": { "url": { "path": [ "api", "apps" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "formdata", "formdata": [ { "description": { "content": "(Required) JSON file matching the AppConfig schema", "type": "text/plain" }, "key": "config", "value": "", "type": "text" } ] } }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "18dcb751-b046-4c4c-8e81-05b1e7f6e4e6", "name": "{id}", "item": [ { "id": "800984c2-b963-4150-b974-a69a02b27fc7", "name": "Get app configuration by ID", "request": { "name": "Get app configuration by ID", "description": { "content": "Returns the full config. Non-admin users can only access configs in their `tenantIds`.", "type": "text/plain" }, "url": { "path": [ "api", "apps", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "a6705efe-7437-4444-b94f-bdc1af69acef", "name": "App config", "originalRequest": { "url": { "path": [ "api", "apps", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"id\": \"string\",\n \"name\": \"string\",\n \"description\": \"string\",\n \"version\": \"string\",\n \"url\": \"string\",\n \"entityForms\": [\n {\n \"id\": \"string\",\n \"name\": \"string\",\n \"title\": \"string\",\n \"dependsOn\": \"string\",\n \"entityType\": \"record\",\n \"nameField\": \"string\",\n \"formio\": {\n \"key_0\": false\n }\n },\n {\n \"id\": \"string\",\n \"name\": \"string\",\n \"title\": \"string\",\n \"dependsOn\": \"string\",\n \"entityType\": \"group\",\n \"nameField\": \"string\",\n \"formio\": {\n \"key_0\": true\n }\n }\n ],\n \"externalSync\": {\n \"key_0\": true,\n \"key_1\": \"string\"\n },\n \"authConfigs\": [\n {\n \"type\": \"string\",\n \"fields\": {\n \"key_0\": \"string\",\n \"key_1\": \"string\"\n }\n },\n {\n \"type\": \"string\",\n \"fields\": {\n \"key_0\": \"string\",\n \"key_1\": \"string\",\n \"key_2\": \"string\",\n \"key_3\": \"string\"\n }\n }\n ],\n \"selfService\": {\n \"enabled\": true,\n \"authMethods\": [\n \"id\",\n \"qr\"\n ],\n \"allowedForms\": [\n \"string\",\n \"string\"\n ],\n \"languages\": [\n \"string\",\n \"string\"\n ],\n \"requireReview\": false,\n \"oidcConfig\": {\n \"authority\": \"http://iVEaUSdNWdGXbyupXaefVBZZJBzGyN.hhxU3c3uIO0AIemPXD5QvnNtNKP1panqzfln5Co\",\n \"clientId\": \"string\",\n \"redirectUri\": \"https://nhmKlDYAYApugqXlO.dhps\",\n \"scope\": \"string\",\n \"acrValues\": \"string\",\n \"entityMapping\": {}\n }\n }\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "d8c3b83d-4a71-4c2a-a766-e7b64bdc9485", "name": "Not permitted to view this program", "originalRequest": { "url": { "path": [ "api", "apps", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "26e7499b-fa81-4c1b-81fc-f7951473ef71", "name": "Replace app configuration", "request": { "name": "Replace app configuration", "description": { "content": "Admin-only. Upload JSON file; `id` in payload must match URL.", "type": "text/plain" }, "url": { "path": [ "api", "apps", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "key": "Content-Type", "value": "multipart/form-data" }, { "key": "Accept", "value": "application/json" } ], "method": "PUT", "auth": null, "body": { "mode": "formdata", "formdata": [ { "key": "config", "type": "file", "description": "(Required) " } ] } }, "response": [ { "id": "e75fd232-00c1-4710-b381-cfc58409df6c", "name": "Replaced", "originalRequest": { "url": { "path": [ "api", "apps", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "PUT", "body": { "mode": "formdata", "formdata": [ { "description": { "content": "(Required) ", "type": "text/plain" }, "key": "config", "value": "", "type": "text" } ] } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"status\": \"success\",\n \"artifactId\": \"string\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "d0b06eb7-a964-4754-9c85-ca21bc599284", "name": "Missing file, ID mismatch, or invalid schema", "originalRequest": { "url": { "path": [ "api", "apps", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "PUT", "body": { "mode": "formdata", "formdata": [ { "description": { "content": "(Required) ", "type": "text/plain" }, "key": "config", "value": "", "type": "text" } ] } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "196e2c48-b3fb-4400-8a93-1826f8b8dd25", "name": "Requires admin role", "originalRequest": { "url": { "path": [ "api", "apps", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "PUT", "body": { "mode": "formdata", "formdata": [ { "description": { "content": "(Required) ", "type": "text/plain" }, "key": "config", "value": "", "type": "text" } ] } }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "46aae414-6442-4b21-a826-4b90fc288bf5", "name": "Archive app configuration", "request": { "name": "Archive app configuration", "description": { "content": "Admin-only. Soft-delete — the config is marked archived and hidden from default listings but can be restored.", "type": "text/plain" }, "url": { "path": [ "api", "apps", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "method": "DELETE", "auth": null }, "response": [ { "id": "5b97ce5b-52c7-4646-a3a8-7622d105ff7a", "name": "Archived", "originalRequest": { "url": { "path": [ "api", "apps", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "DELETE", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "ffd2b23e-857c-40e1-baa5-7fc2d46f535d", "name": "Requires admin role", "originalRequest": { "url": { "path": [ "api", "apps", ":id" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "DELETE", "body": {} }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "bed8cae9-865b-4847-80b7-726f84836840", "name": "Public config metadata", "request": { "name": "Public config metadata", "description": { "content": "Unauthenticated. Returns only safe-to-expose fields (name, description, self-service methods,\nauth providers). Used by mobile/web apps before login. Rate limited to 60/15m per IP.\n", "type": "text/plain" }, "url": { "path": [ "api", "apps", ":id", "public" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "d8ca5e52-cb2b-4788-99f5-ddfcf27a4495", "name": "Public metadata", "originalRequest": { "url": { "path": [ "api", "apps", ":id", "public" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"name\": \"string\",\n \"description\": \"string\",\n \"selfService\": {},\n \"authConfigs\": [\n {\n \"type\": \"string\"\n },\n {\n \"type\": \"string\"\n }\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "1dd4f04b-6877-4918-97e0-92c3bd089d8a", "name": "Configuration not found", "originalRequest": { "url": { "path": [ "api", "apps", ":id", "public" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "e13e6370-8ebe-4d20-bc55-5af6fd0f7ab8", "name": "Rate limit exceeded", "originalRequest": { "url": { "path": [ "api", "apps", ":id", "public" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Too Many Requests", "code": 429, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "93e06a4d-0324-4322-ae82-2527dcd3fb3a", "name": "Restore archived configuration", "request": { "name": "Restore archived configuration", "description": { "content": "Admin-only. Un-archives a previously deleted config.", "type": "text/plain" }, "url": { "path": [ "api", "apps", ":id", "restore" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "method": "POST", "auth": null }, "response": [ { "id": "9eacb0fe-64c2-4301-9d9b-2876d095ae34", "name": "Restored", "originalRequest": { "url": { "path": [ "api", "apps", ":id", "restore" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "58409c2e-5284-49ac-a982-39095aaec1eb", "name": "Requires admin role", "originalRequest": { "url": { "path": [ "api", "apps", ":id", "restore" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": {} }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "3661c01d-8270-4402-852b-00f8563553a6", "name": "Permanently delete configuration (non-production only)", "request": { "name": "Permanently delete configuration (non-production only)", "description": { "content": "Admin-only. Hard-deletes the config, its entities, and its artifacts. Disabled when `NODE_ENV=production`.", "type": "text/plain" }, "url": { "path": [ "api", "apps", ":id", "purge" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "DELETE", "auth": null }, "response": [ { "id": "78c1c16d-5df0-496a-a8fb-0eb8b9ea1265", "name": "Permanently deleted", "originalRequest": { "url": { "path": [ "api", "apps", ":id", "purge" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "DELETE", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"status\": \"success\",\n \"warning\": \"string\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "fa32ccb5-20e1-4e7b-950b-2f47227159eb", "name": "Requires admin role", "originalRequest": { "url": { "path": [ "api", "apps", ":id", "purge" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "DELETE", "body": {} }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "5e111281-2274-462d-9458-d02bc9d41f8c", "name": "Route disabled in production", "originalRequest": { "url": { "path": [ "api", "apps", ":id", "purge" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "id", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "DELETE", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] } ], "event": [] }, { "id": "96dc6043-561d-4a94-826d-6d4b1aa28136", "name": "entities", "item": [ { "id": "796e3cee-55c8-4a6d-84be-b76b50a0c143", "name": "List entities", "request": { "name": "List entities", "description": { "content": "Returns entity summaries sorted by `lastUpdated` descending. `limit` is capped at 1000.", "type": "text/plain" }, "url": { "path": [ "api", "entities" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." }, { "disabled": false, "key": "limit", "value": "100" } ], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "7e4bfc8f-301b-438a-8cc6-77bd85d392eb", "name": "Entity list", "originalRequest": { "url": { "path": [ "api", "entities" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" }, { "key": "limit", "value": "100" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "[\n {\n \"guid\": \"string\",\n \"id\": \"string\",\n \"name\": \"string\",\n \"entityName\": \"string\",\n \"type\": \"individual\",\n \"data\": {\n \"key_0\": 4954\n },\n \"memberIds\": [\n \"string\",\n \"string\"\n ],\n \"lastUpdated\": \"2017-11-23T07:44:51.998Z\"\n },\n {\n \"guid\": \"string\",\n \"id\": \"string\",\n \"name\": \"string\",\n \"entityName\": \"string\",\n \"type\": \"individual\",\n \"data\": {\n \"key_0\": false\n },\n \"memberIds\": [\n \"string\",\n \"string\"\n ],\n \"lastUpdated\": \"1977-03-13T22:54:04.482Z\"\n }\n]", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "4651b3f2-a0a0-4821-8276-4ca88b9717a2", "name": "Tenant not found", "originalRequest": { "url": { "path": [ "api", "entities" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" }, { "key": "limit", "value": "100" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "c9e71414-4958-42e5-90a3-3fad78921df5", "name": "Count entities", "request": { "name": "Count entities", "description": {}, "url": { "path": [ "api", "entities", "count" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." } ], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "3de4d402-d5e3-41ba-b701-2b3a3212e600", "name": "Count", "originalRequest": { "url": { "path": [ "api", "entities", "count" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"count\": 1942\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "e8219667-0f02-4968-9057-d0247f86840e", "name": "Tenant not found", "originalRequest": { "url": { "path": [ "api", "entities", "count" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "6cae5e1d-0e8f-406e-bf71-8ba5bbd860e8", "name": "Count entities grouped by form", "request": { "name": "Count entities grouped by form", "description": { "content": "Groups entities by `data.entityName`. Entities without an `entityName` are bucketed under `Unknown`.", "type": "text/plain" }, "url": { "path": [ "api", "entities", "count-by-form" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." } ], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "737a3452-668c-430a-9d08-8db12dd7a8ee", "name": "Map of form name to count", "originalRequest": { "url": { "path": [ "api", "entities", "count-by-form" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"key_0\": 7871,\n \"key_1\": 4652\n}", "cookie": [], "_postman_previewlanguage": "json" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "5da01db9-f6cd-4531-ae20-f48dbd447733", "name": "Search entities", "request": { "name": "Search entities", "description": { "content": "Accepts an array of criteria (max 10) where each criterion is an object whose fields are\nAND'd. String values are capped at 200 characters. `limit` is capped at 500.\n", "type": "text/plain" }, "url": { "path": [ "api", "entities", "search" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"configId\": \"default\",\n \"criteria\": [\n {\n \"key_0\": 9003.642727465149\n },\n {\n \"key_0\": 118.47304372232581\n }\n ],\n \"limit\": 50\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "746eb089-c9ce-453f-ba34-2fed96d8a181", "name": "Matching entities", "originalRequest": { "url": { "path": [ "api", "entities", "search" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"configId\": \"default\",\n \"criteria\": [\n {\n \"key_0\": false\n },\n {\n \"key_0\": \"string\"\n }\n ],\n \"limit\": 50\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "[\n {\n \"guid\": \"string\",\n \"id\": \"string\",\n \"name\": \"string\",\n \"entityName\": \"string\",\n \"type\": \"record\",\n \"data\": {\n \"key_0\": false,\n \"key_1\": true\n },\n \"memberIds\": [\n \"string\",\n \"string\"\n ],\n \"lastUpdated\": \"1971-02-13T17:36:04.745Z\"\n },\n {\n \"guid\": \"string\",\n \"id\": \"string\",\n \"name\": \"string\",\n \"entityName\": \"string\",\n \"type\": \"group\",\n \"data\": {\n \"key_0\": 1241\n },\n \"memberIds\": [\n \"string\",\n \"string\"\n ],\n \"lastUpdated\": \"1969-02-02T18:19:35.011Z\"\n }\n]", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "221f4998-d496-4db5-a488-ca67a3986c38", "name": "Invalid criteria", "originalRequest": { "url": { "path": [ "api", "entities", "search" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"configId\": \"default\",\n \"criteria\": [\n {\n \"key_0\": false\n },\n {\n \"key_0\": \"string\"\n }\n ],\n \"limit\": 50\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "3f87aaaa-3309-4b36-9a7f-16b6588ac3d7", "name": "Tenant not found", "originalRequest": { "url": { "path": [ "api", "entities", "search" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"configId\": \"default\",\n \"criteria\": [\n {\n \"key_0\": false\n },\n {\n \"key_0\": \"string\"\n }\n ],\n \"limit\": 50\n}", "options": { "raw": { "language": "json" } } } }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "d212677b-6ea7-4f8f-9981-0cf6ce874913", "name": "{guid}", "item": [ { "id": "b90c5f1b-bcd8-4784-a8ee-00a39b0a4629", "name": "Get entity by GUID", "request": { "name": "Get entity by GUID", "description": {}, "url": { "path": [ "api", "entities", ":guid" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "404f6cb2-cde8-455a-bb51-38c00dacf43f", "name": "Entity", "originalRequest": { "url": { "path": [ "api", "entities", ":guid" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"guid\": \"string\",\n \"id\": \"string\",\n \"name\": \"string\",\n \"entityName\": \"string\",\n \"type\": \"individual\",\n \"data\": {\n \"key_0\": 9568.601255190686\n },\n \"memberIds\": [\n \"string\",\n \"string\"\n ],\n \"lastUpdated\": \"2005-05-30T07:47:14.358Z\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "f32184aa-0c40-4282-a15f-43b6e2068a87", "name": "Entity or tenant not found", "originalRequest": { "url": { "path": [ "api", "entities", ":guid" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "2d53c0f1-9cb9-4e8e-9f21-71ccd88fc941", "name": "List members of a group", "request": { "name": "List members of a group", "description": { "content": "Returns an empty array if the GUID is not a group or has no members. 404 if the GUID does not exist.", "type": "text/plain" }, "url": { "path": [ "api", "entities", ":guid", "members" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "e4e3e66c-c20d-4f30-b337-183b780c4eec", "name": "Members", "originalRequest": { "url": { "path": [ "api", "entities", ":guid", "members" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "[\n {\n \"guid\": \"string\",\n \"id\": \"string\",\n \"name\": \"string\",\n \"entityName\": \"string\",\n \"type\": \"record\",\n \"data\": {\n \"key_0\": false,\n \"key_1\": true\n },\n \"memberIds\": [\n \"string\",\n \"string\"\n ],\n \"lastUpdated\": \"1971-02-13T17:36:04.745Z\"\n },\n {\n \"guid\": \"string\",\n \"id\": \"string\",\n \"name\": \"string\",\n \"entityName\": \"string\",\n \"type\": \"group\",\n \"data\": {\n \"key_0\": 1241\n },\n \"memberIds\": [\n \"string\",\n \"string\"\n ],\n \"lastUpdated\": \"1969-02-02T18:19:35.011Z\"\n }\n]", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "49eef4ec-967c-47dd-90a4-ac2eb1cde46d", "name": "Entity not found or not a group", "originalRequest": { "url": { "path": [ "api", "entities", ":guid", "members" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "89352255-12cc-407a-af4c-abf19a4bb4b7", "name": "List events for an entity", "request": { "name": "List events for an entity", "description": { "content": "Returns all events for the entity, sorted by timestamp ascending.", "type": "text/plain" }, "url": { "path": [ "api", "entities", ":guid", "events" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "f2f77a5f-3bb8-4761-8dd2-4e4f7ba17efb", "name": "Events", "originalRequest": { "url": { "path": [ "api", "entities", ":guid", "events" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "[\n {\n \"guid\": \"f82a94f1-7982-2717-f696-7b19e7ad3488\",\n \"entityGuid\": \"string\",\n \"type\": \"string\",\n \"data\": {\n \"key_0\": 1976,\n \"key_1\": true\n },\n \"timestamp\": \"2001-01-11T20:58:31.492Z\",\n \"userId\": \"string\",\n \"syncLevel\": 1,\n \"schemaVersion\": 860\n },\n {\n \"guid\": \"8e384989-6e7c-1482-5df2-e0b28aac6edc\",\n \"entityGuid\": \"string\",\n \"type\": \"string\",\n \"data\": {\n \"key_0\": \"string\",\n \"key_1\": false\n },\n \"timestamp\": \"2011-02-09T08:39:26.641Z\",\n \"userId\": \"string\",\n \"syncLevel\": 1,\n \"schemaVersion\": 4114\n }\n]", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "a2ff59da-0c86-4d3f-b08b-1b6e3bcc3d7a", "name": "Tenant not found", "originalRequest": { "url": { "path": [ "api", "entities", ":guid", "events" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] } ], "event": [] }, { "id": "a81756b2-98bb-4725-9089-45935b482dba", "name": "sync", "item": [ { "id": "b10bdbb8-f06d-4f63-a6e3-8c32a11b44f2", "name": "pull", "item": [ { "id": "fd916623-0edd-4762-8ef0-11f26c6ff8e0", "name": "Pull events from server", "request": { "name": "Pull events from server", "description": { "content": "Returns events updated after `since`, paginated with a composite cursor. Pages are 10\nevents by default (100 when `areaIds` is provided). When `areaIds` is set, events are\nserver-side filtered to only those targeting entities in the listed areas.\n\nUnresolved potential duplicates do not block delivery but are surfaced as a `warnings`\narray in the response.\n", "type": "text/plain" }, "url": { "path": [ "api", "sync", "pull" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." }, { "disabled": false, "key": "since", "value": "", "description": "Composite cursor `timestamp|eventGuid` or ISO timestamp. Defaults to epoch when absent." }, { "disabled": false, "key": "areaIds", "value": "", "description": "Comma-separated area IDs for selective sync" } ], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "a17be552-067a-467a-84c2-9d9a22ebea05", "name": "Page of events", "originalRequest": { "url": { "path": [ "api", "sync", "pull" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" }, { "key": "since", "value": "" }, { "key": "areaIds", "value": "" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"events\": [\n {\n \"guid\": \"308c8d2f-803e-d76f-4ff4-61ecfe6c65c3\",\n \"entityGuid\": \"string\",\n \"type\": \"string\",\n \"data\": {\n \"key_0\": 5041,\n \"key_1\": \"string\"\n },\n \"timestamp\": \"1996-06-07T21:34:15.719Z\",\n \"userId\": \"string\",\n \"syncLevel\": 0,\n \"schemaVersion\": 6215\n },\n {\n \"guid\": \"ddd150f4-34cb-cb43-b3fc-d2f62c1b3db2\",\n \"entityGuid\": \"string\",\n \"type\": \"string\",\n \"data\": {\n \"key_0\": \"string\"\n },\n \"timestamp\": \"1948-04-25T10:44:00.998Z\",\n \"userId\": \"string\",\n \"syncLevel\": 1,\n \"schemaVersion\": 9942\n }\n ],\n \"nextCursor\": \"string\",\n \"warnings\": [\n \"string\",\n \"string\"\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "5469d94c-d3e7-4e8b-812d-e9aa18f70746", "name": "Tenant not found", "originalRequest": { "url": { "path": [ "api", "sync", "pull" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" }, { "key": "since", "value": "" }, { "key": "areaIds", "value": "" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "5a707939-05e0-44db-aacb-5ab2b3cb0f97", "name": "External pull callback (reserved)", "request": { "name": "External pull callback (reserved)", "description": { "content": "Placeholder for async external-pull callbacks. Currently returns `not implemented`.", "type": "text/plain" }, "url": { "path": [ "api", "sync", "pull", "callback" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." } ], "variable": [] }, "method": "GET", "auth": null }, "response": [ { "id": "f1aa1400-0be4-4ecd-af3b-2ef71bc786be", "name": "Placeholder response", "originalRequest": { "url": { "path": [ "api", "sync", "pull", "callback" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "93910386-3701-4644-a7ec-571835a44091", "name": "Pull audit logs", "request": { "name": "Pull audit logs", "description": { "content": "Returns all audit log entries created after `since`.", "type": "text/plain" }, "url": { "path": [ "api", "sync", "pull", "audit-logs" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." }, { "disabled": false, "key": "since", "value": "" } ], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "96fa3b8b-0778-499b-bc25-53b32deed33c", "name": "Audit logs", "originalRequest": { "url": { "path": [ "api", "sync", "pull", "audit-logs" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" }, { "key": "since", "value": "" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "[\n {\n \"guid\": \"string\",\n \"timestamp\": \"1971-08-31T23:21:19.388Z\",\n \"action\": \"string\",\n \"eventGuid\": \"string\",\n \"entityGuid\": \"string\",\n \"changes\": {\n \"key_0\": true,\n \"key_1\": true\n },\n \"signature\": \"string\",\n \"userId\": \"string\"\n },\n {\n \"guid\": \"string\",\n \"timestamp\": \"1974-02-11T12:19:04.528Z\",\n \"action\": \"string\",\n \"eventGuid\": \"string\",\n \"entityGuid\": \"string\",\n \"changes\": {\n \"key_0\": \"string\",\n \"key_1\": \"string\"\n },\n \"signature\": \"string\",\n \"userId\": \"string\"\n }\n]", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "a2abfd6e-195e-47d3-974f-763612b95657", "name": "Tenant not found", "originalRequest": { "url": { "path": [ "api", "sync", "pull", "audit-logs" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" }, { "key": "since", "value": "" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] }, { "id": "dd33abd7-dae5-44ca-b95e-5284467a1da6", "name": "push", "item": [ { "id": "1e575dfd-711c-40af-b2b0-47981fbcda5a", "name": "Push events to server", "request": { "name": "Push events to server", "description": { "content": "Submits a batch of events for the tenant. When a direct postgres URL is available, the\nbatch runs transactionally — all events commit or none are applied.\n", "type": "text/plain" }, "url": { "path": [ "api", "sync", "push" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"events\": [\n {\n \"guid\": \"\",\n \"entityGuid\": \"\",\n \"type\": \"\",\n \"data\": {\n \"key_0\": \"string\",\n \"key_1\": 7305.900225241795,\n \"key_2\": 144,\n \"key_3\": 1204\n },\n \"timestamp\": \"\",\n \"userId\": \"\",\n \"syncLevel\": \"\",\n \"schemaVersion\": \"\"\n },\n {\n \"guid\": \"\",\n \"entityGuid\": \"\",\n \"type\": \"\",\n \"data\": {\n \"key_0\": 6283.322180605568,\n \"key_1\": 4488.872886247048,\n \"key_2\": 6104\n },\n \"timestamp\": \"\",\n \"userId\": \"\",\n \"syncLevel\": \"\",\n \"schemaVersion\": \"\"\n }\n ],\n \"configId\": \"default\"\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "18b7134a-c0b9-4e19-b641-93a1394c179d", "name": "Batch applied", "originalRequest": { "url": { "path": [ "api", "sync", "push" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"events\": [\n {\n \"guid\": \"\",\n \"entityGuid\": \"\",\n \"type\": \"\",\n \"data\": {\n \"key_0\": 156.12066207581597,\n \"key_1\": 208\n },\n \"timestamp\": \"\",\n \"userId\": \"\",\n \"syncLevel\": \"\",\n \"schemaVersion\": \"\"\n },\n {\n \"guid\": \"\",\n \"entityGuid\": \"\",\n \"type\": \"\",\n \"data\": {\n \"key_0\": \"string\"\n },\n \"timestamp\": \"\",\n \"userId\": \"\",\n \"syncLevel\": \"\",\n \"schemaVersion\": \"\"\n }\n ],\n \"configId\": \"default\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"status\": \"success\",\n \"applied\": 2392,\n \"failed\": 2906,\n \"errors\": [\n {\n \"key_0\": false\n },\n {\n \"key_0\": false,\n \"key_1\": \"string\",\n \"key_2\": \"string\",\n \"key_3\": 6278,\n \"key_4\": true\n }\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "77335396-5204-40d0-b938-69201ffbcd0b", "name": "Invalid payload", "originalRequest": { "url": { "path": [ "api", "sync", "push" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"events\": [\n {\n \"guid\": \"\",\n \"entityGuid\": \"\",\n \"type\": \"\",\n \"data\": {\n \"key_0\": 156.12066207581597,\n \"key_1\": 208\n },\n \"timestamp\": \"\",\n \"userId\": \"\",\n \"syncLevel\": \"\",\n \"schemaVersion\": \"\"\n },\n {\n \"guid\": \"\",\n \"entityGuid\": \"\",\n \"type\": \"\",\n \"data\": {\n \"key_0\": \"string\"\n },\n \"timestamp\": \"\",\n \"userId\": \"\",\n \"syncLevel\": \"\",\n \"schemaVersion\": \"\"\n }\n ],\n \"configId\": \"default\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "224e16da-71a0-48b1-8576-425057736856", "name": "Tenant not found", "originalRequest": { "url": { "path": [ "api", "sync", "push" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"events\": [\n {\n \"guid\": \"\",\n \"entityGuid\": \"\",\n \"type\": \"\",\n \"data\": {\n \"key_0\": 156.12066207581597,\n \"key_1\": 208\n },\n \"timestamp\": \"\",\n \"userId\": \"\",\n \"syncLevel\": \"\",\n \"schemaVersion\": \"\"\n },\n {\n \"guid\": \"\",\n \"entityGuid\": \"\",\n \"type\": \"\",\n \"data\": {\n \"key_0\": \"string\"\n },\n \"timestamp\": \"\",\n \"userId\": \"\",\n \"syncLevel\": \"\",\n \"schemaVersion\": \"\"\n }\n ],\n \"configId\": \"default\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "567b0199-4f45-4335-87dc-9f22ed1bef16", "name": "Batch rolled back; no events applied", "originalRequest": { "url": { "path": [ "api", "sync", "push" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"events\": [\n {\n \"guid\": \"\",\n \"entityGuid\": \"\",\n \"type\": \"\",\n \"data\": {\n \"key_0\": 156.12066207581597,\n \"key_1\": 208\n },\n \"timestamp\": \"\",\n \"userId\": \"\",\n \"syncLevel\": \"\",\n \"schemaVersion\": \"\"\n },\n {\n \"guid\": \"\",\n \"entityGuid\": \"\",\n \"type\": \"\",\n \"data\": {\n \"key_0\": \"string\"\n },\n \"timestamp\": \"\",\n \"userId\": \"\",\n \"syncLevel\": \"\",\n \"schemaVersion\": \"\"\n }\n ],\n \"configId\": \"default\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Unprocessable Entity (WebDAV) (RFC 4918)", "code": 422, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "3c26fd3a-85f5-4706-abab-34d711d02807", "name": "Push audit logs", "request": { "name": "Push audit logs", "description": { "content": "Upload audit log entries for hash-chain integrity tracking. Each entry must carry a\nsignature produced by the client.\n", "type": "text/plain" }, "url": { "path": [ "api", "sync", "push", "audit-logs" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"auditLogs\": [\n {\n \"guid\": \"\",\n \"timestamp\": \"\",\n \"action\": \"\",\n \"eventGuid\": \"\",\n \"entityGuid\": \"\",\n \"changes\": {\n \"key_0\": false\n },\n \"signature\": \"\",\n \"userId\": \"\"\n },\n {\n \"guid\": \"\",\n \"timestamp\": \"\",\n \"action\": \"\",\n \"eventGuid\": \"\",\n \"entityGuid\": \"\",\n \"changes\": {\n \"key_0\": true,\n \"key_1\": 2132\n },\n \"signature\": \"\",\n \"userId\": \"\"\n }\n ],\n \"configId\": \"default\"\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "8b40b35d-b851-44c7-a4b5-b022bb2cb589", "name": "Saved", "originalRequest": { "url": { "path": [ "api", "sync", "push", "audit-logs" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"auditLogs\": [\n {\n \"guid\": \"\",\n \"timestamp\": \"\",\n \"action\": \"\",\n \"eventGuid\": \"\",\n \"entityGuid\": \"\",\n \"changes\": {\n \"key_0\": false,\n \"key_1\": false\n },\n \"signature\": \"\",\n \"userId\": \"\"\n },\n {\n \"guid\": \"\",\n \"timestamp\": \"\",\n \"action\": \"\",\n \"eventGuid\": \"\",\n \"entityGuid\": \"\",\n \"changes\": {\n \"key_0\": 3158\n },\n \"signature\": \"\",\n \"userId\": \"\"\n }\n ],\n \"configId\": \"default\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "8e867f51-9513-4cbf-b331-a3c94918df5a", "name": "Invalid payload", "originalRequest": { "url": { "path": [ "api", "sync", "push", "audit-logs" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"auditLogs\": [\n {\n \"guid\": \"\",\n \"timestamp\": \"\",\n \"action\": \"\",\n \"eventGuid\": \"\",\n \"entityGuid\": \"\",\n \"changes\": {\n \"key_0\": false,\n \"key_1\": false\n },\n \"signature\": \"\",\n \"userId\": \"\"\n },\n {\n \"guid\": \"\",\n \"timestamp\": \"\",\n \"action\": \"\",\n \"eventGuid\": \"\",\n \"entityGuid\": \"\",\n \"changes\": {\n \"key_0\": 3158\n },\n \"signature\": \"\",\n \"userId\": \"\"\n }\n ],\n \"configId\": \"default\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "112ce718-5015-4968-8a0c-a18203b7feba", "name": "Tenant not found", "originalRequest": { "url": { "path": [ "api", "sync", "push", "audit-logs" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"auditLogs\": [\n {\n \"guid\": \"\",\n \"timestamp\": \"\",\n \"action\": \"\",\n \"eventGuid\": \"\",\n \"entityGuid\": \"\",\n \"changes\": {\n \"key_0\": false,\n \"key_1\": false\n },\n \"signature\": \"\",\n \"userId\": \"\"\n },\n {\n \"guid\": \"\",\n \"timestamp\": \"\",\n \"action\": \"\",\n \"eventGuid\": \"\",\n \"entityGuid\": \"\",\n \"changes\": {\n \"key_0\": 3158\n },\n \"signature\": \"\",\n \"userId\": \"\"\n }\n ],\n \"configId\": \"default\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "05d20a0c-d306-4a92-b3e7-b2db569139d8", "name": "Failed to save audit logs", "originalRequest": { "url": { "path": [ "api", "sync", "push", "audit-logs" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"auditLogs\": [\n {\n \"guid\": \"\",\n \"timestamp\": \"\",\n \"action\": \"\",\n \"eventGuid\": \"\",\n \"entityGuid\": \"\",\n \"changes\": {\n \"key_0\": false,\n \"key_1\": false\n },\n \"signature\": \"\",\n \"userId\": \"\"\n },\n {\n \"guid\": \"\",\n \"timestamp\": \"\",\n \"action\": \"\",\n \"eventGuid\": \"\",\n \"entityGuid\": \"\",\n \"changes\": {\n \"key_0\": 3158\n },\n \"signature\": \"\",\n \"userId\": \"\"\n }\n ],\n \"configId\": \"default\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Internal Server Error", "code": 500, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] }, { "id": "970aa512-27b0-4831-a475-209f9de1ebf9", "name": "Get latest external sync status", "request": { "name": "Get latest external sync status", "description": { "content": "Returns `isSyncing`, the last completed job, and the currently active job (if any) for the given config.", "type": "text/plain" }, "url": { "path": [ "api", "sync", "status" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "", "description": "(Required) " } ], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "95a2f4d5-12d6-4d33-ab4a-f2c4fbae77a2", "name": "Status", "originalRequest": { "url": { "path": [ "api", "sync", "status" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"isSyncing\": false,\n \"lastEvent\": {\n \"jobId\": \"2056a1f3-13ad-baf8-2cd9-f42958247e54\",\n \"configId\": \"string\",\n \"status\": \"pending\",\n \"phase\": \"pulling\",\n \"pushed\": 5254,\n \"pulled\": 4915,\n \"failed\": 2634,\n \"skipped\": 7154,\n \"durationMs\": 246,\n \"startedAt\": \"1995-03-18T01:16:07.095Z\",\n \"completedAt\": \"2024-12-07T08:17:36.469Z\",\n \"triggeredBy\": \"string\",\n \"errorMessage\": \"string\",\n \"errors\": [\n {\n \"entityGuid\": \"string\",\n \"code\": \"string\",\n \"message\": \"string\"\n },\n {\n \"entityGuid\": \"string\",\n \"code\": \"string\",\n \"message\": \"string\"\n }\n ]\n },\n \"activeJob\": {\n \"jobId\": \"2841f45f-b316-f24d-8319-74cb4b4a9118\",\n \"configId\": \"string\",\n \"status\": \"failed\",\n \"phase\": \"pushing\",\n \"pushed\": 6166,\n \"pulled\": 955,\n \"failed\": 1144,\n \"skipped\": 7291,\n \"durationMs\": 4527,\n \"startedAt\": \"1962-07-16T02:41:37.402Z\",\n \"completedAt\": \"1982-02-27T17:20:36.669Z\",\n \"triggeredBy\": \"string\",\n \"errorMessage\": \"string\",\n \"errors\": [\n {\n \"entityGuid\": \"string\",\n \"code\": \"string\",\n \"message\": \"string\"\n },\n {\n \"entityGuid\": \"string\",\n \"code\": \"string\",\n \"message\": \"string\"\n }\n ]\n }\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "45697929-ed1f-421c-905a-c3997c235dd0", "name": "Missing configId", "originalRequest": { "url": { "path": [ "api", "sync", "status" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "872326d0-c98e-4445-a0c2-33088d27008b", "name": "List recent sync jobs", "request": { "name": "List recent sync jobs", "description": { "content": "Returns the 20 most recent sync events for the given config, newest first.", "type": "text/plain" }, "url": { "path": [ "api", "sync", "events" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "", "description": "(Required) " } ], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "0e954eeb-2902-4557-93b0-851bbd7d27a4", "name": "Recent jobs", "originalRequest": { "url": { "path": [ "api", "sync", "events" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"events\": [\n {\n \"jobId\": \"4c810e87-e654-1904-154d-d7e3e69fadf0\",\n \"configId\": \"string\",\n \"status\": \"pending\",\n \"phase\": \"pulling\",\n \"pushed\": 9182,\n \"pulled\": 543,\n \"failed\": 2826,\n \"skipped\": 4516,\n \"durationMs\": 4457,\n \"startedAt\": \"1949-12-04T16:46:23.934Z\",\n \"completedAt\": \"1986-01-30T22:32:22.793Z\",\n \"triggeredBy\": \"string\",\n \"errorMessage\": \"string\",\n \"errors\": [\n {\n \"entityGuid\": \"string\",\n \"code\": \"string\",\n \"message\": \"string\"\n },\n {\n \"entityGuid\": \"string\",\n \"code\": \"string\",\n \"message\": \"string\"\n }\n ]\n },\n {\n \"jobId\": \"6a2242d6-7897-e830-e363-03a83381efac\",\n \"configId\": \"string\",\n \"status\": \"pending\",\n \"phase\": \"completed\",\n \"pushed\": 7677,\n \"pulled\": 5933,\n \"failed\": 9183,\n \"skipped\": 7190,\n \"durationMs\": 5945,\n \"startedAt\": \"1994-06-29T08:33:54.550Z\",\n \"completedAt\": \"1960-07-09T18:23:07.387Z\",\n \"triggeredBy\": \"string\",\n \"errorMessage\": \"string\",\n \"errors\": [\n {\n \"entityGuid\": \"string\",\n \"code\": \"string\",\n \"message\": \"string\"\n },\n {\n \"entityGuid\": \"string\",\n \"code\": \"string\",\n \"message\": \"string\"\n }\n ]\n }\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "dabd5421-356e-4915-9c22-7f3fdadca421", "name": "Missing configId", "originalRequest": { "url": { "path": [ "api", "sync", "events" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "a1de52c9-17e0-4e93-9c8e-64ebeacc8c06", "name": "external", "item": [ { "id": "2d0a6c1f-c0c7-4f7c-837d-18f41092369c", "name": "Trigger external sync", "request": { "name": "Trigger external sync", "description": { "content": "Starts a background sync job against the configured external system. Returns 202 with a\n`jobId` immediately — poll `/api/sync/external/{jobId}` or `/api/sync/status` for\nprogress. Returns 409 if a job is already in progress for the same config.\n", "type": "text/plain" }, "url": { "path": [ "api", "sync", "external" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"configId\": \"default\",\n \"credentials\": {\n \"username\": \"\",\n \"password\": \"\"\n }\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "8a952856-076b-4cf4-a32d-f97dcc8d7510", "name": "Job scheduled", "originalRequest": { "url": { "path": [ "api", "sync", "external" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"configId\": \"default\",\n \"credentials\": {\n \"username\": \"\",\n \"password\": \"\"\n }\n}", "options": { "raw": { "language": "json" } } } }, "status": "Accepted", "code": 202, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"jobId\": \"6dc63811-fc73-80d1-d0cf-1f26d39a8aa2\",\n \"status\": \"pending\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "f85547a9-aa06-4e8a-9495-0be74fb4420b", "name": "Invalid payload", "originalRequest": { "url": { "path": [ "api", "sync", "external" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"configId\": \"default\",\n \"credentials\": {\n \"username\": \"\",\n \"password\": \"\"\n }\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "d38c8ae9-03b9-4698-b615-e1b441a37ffe", "name": "Tenant not found", "originalRequest": { "url": { "path": [ "api", "sync", "external" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"configId\": \"default\",\n \"credentials\": {\n \"username\": \"\",\n \"password\": \"\"\n }\n}", "options": { "raw": { "language": "json" } } } }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "3087f381-64e4-4b8b-b41e-965a11afbaf0", "name": "Sync already in progress", "originalRequest": { "url": { "path": [ "api", "sync", "external" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"configId\": \"default\",\n \"credentials\": {\n \"username\": \"\",\n \"password\": \"\"\n }\n}", "options": { "raw": { "language": "json" } } } }, "status": "Conflict", "code": 409, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "8dd4052a-0c03-4eaa-a0a8-cbd356b944f8", "name": "Sync event store unavailable", "originalRequest": { "url": { "path": [ "api", "sync", "external" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"configId\": \"default\",\n \"credentials\": {\n \"username\": \"\",\n \"password\": \"\"\n }\n}", "options": { "raw": { "language": "json" } } } }, "status": "Service Unavailable", "code": 503, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "aaaa96e2-bff8-495e-9c7c-330ab00988be", "name": "{jobId}", "item": [ { "id": "b3315250-ece7-4210-afc2-e2760cf2fa6d", "name": "Get sync job by ID", "request": { "name": "Get sync job by ID", "description": {}, "url": { "path": [ "api", "sync", "external", ":jobId" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "2e0ed27b-b64b-4483-bd9d-6cac6adc09a1", "name": "Job", "originalRequest": { "url": { "path": [ "api", "sync", "external", ":jobId" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"jobId\": \"642644e0-89dd-05c8-9dad-498edc40976a\",\n \"configId\": \"string\",\n \"status\": \"pending\",\n \"phase\": \"pushing\",\n \"pushed\": 6449,\n \"pulled\": 42,\n \"failed\": 3767,\n \"skipped\": 6478,\n \"durationMs\": 9273,\n \"startedAt\": \"1997-07-26T02:29:54.428Z\",\n \"completedAt\": \"2025-06-24T01:58:55.683Z\",\n \"triggeredBy\": \"string\",\n \"errorMessage\": \"string\",\n \"errors\": [\n {\n \"entityGuid\": \"string\",\n \"code\": \"string\",\n \"message\": \"string\"\n },\n {\n \"entityGuid\": \"string\",\n \"code\": \"string\",\n \"message\": \"string\"\n }\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "9655598c-683b-4ca5-b827-ecfef56ff7b8", "name": "No access to the job's tenant", "originalRequest": { "url": { "path": [ "api", "sync", "external", ":jobId" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "847d2752-69e7-4e21-b32c-21a00dcbdd22", "name": "Job not found", "originalRequest": { "url": { "path": [ "api", "sync", "external", ":jobId" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "6bd16147-ffdd-4a6e-a12f-507ff106ff4a", "name": "Sync event store unavailable", "originalRequest": { "url": { "path": [ "api", "sync", "external", ":jobId" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Service Unavailable", "code": 503, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "bb0c85d9-16a0-4a9f-a2d6-71b23d50cefb", "name": "Cancel a running sync job", "request": { "name": "Cancel a running sync job", "description": { "content": "Signals the running job's abort controller. The job transitions to `cancelled` phase.", "type": "text/plain" }, "url": { "path": [ "api", "sync", "external", ":jobId", "cancel" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null }, "response": [ { "id": "329e90a7-2a6d-43b7-a4e8-dad95f25638a", "name": "Cancellation requested", "originalRequest": { "url": { "path": [ "api", "sync", "external", ":jobId", "cancel" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"status\": \"cancelling\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "c663ed53-398f-4133-a7a2-5e90fc876faa", "name": "No access to the job's tenant", "originalRequest": { "url": { "path": [ "api", "sync", "external", ":jobId", "cancel" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": {} }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "39e72f6a-7689-4246-98b7-f8c1c430760d", "name": "No active job with that ID", "originalRequest": { "url": { "path": [ "api", "sync", "external", ":jobId", "cancel" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "d5c69aa7-6d8f-4841-a32f-1ca746b39488", "name": "Retry a completed sync job", "request": { "name": "Retry a completed sync job", "description": { "content": "Creates a new job using the same `configId` as the original. Returns 409 if another job is already running.", "type": "text/plain" }, "url": { "path": [ "api", "sync", "external", ":jobId", "retry" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null }, "response": [ { "id": "4d147838-f6b5-4062-a630-0bb73b307ebc", "name": "New job scheduled", "originalRequest": { "url": { "path": [ "api", "sync", "external", ":jobId", "retry" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": {} }, "status": "Accepted", "code": 202, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"jobId\": \"6dc63811-fc73-80d1-d0cf-1f26d39a8aa2\",\n \"status\": \"pending\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "3147b79d-9149-43f6-8144-955a2ea8c4b0", "name": "Original job not found or tenant not found", "originalRequest": { "url": { "path": [ "api", "sync", "external", ":jobId", "retry" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "803455e6-e2fe-415a-89c6-a682b16c12d3", "name": "A sync is already in progress", "originalRequest": { "url": { "path": [ "api", "sync", "external", ":jobId", "retry" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": {} }, "status": "Conflict", "code": 409, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "df73ccfb-f8a0-4da9-ae75-a82138a1e357", "name": "Sync event store unavailable", "originalRequest": { "url": { "path": [ "api", "sync", "external", ":jobId", "retry" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "jobId", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": {} }, "status": "Service Unavailable", "code": 503, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] } ], "event": [] } ], "event": [] }, { "id": "4d55639d-d114-4caf-8670-0ed1fdc4b760", "name": "attachments", "item": [ { "id": "a4a1ba3b-ad6a-49c0-a9fa-12684cec8390", "name": "Upload an attachment", "request": { "name": "Upload an attachment", "description": { "content": "Attaches a binary file to an entity. Max size 50 MB. The filename is sanitized on\ningestion (null bytes, path separators, and header-injection sequences are replaced\nwith `_`).\n", "type": "text/plain" }, "url": { "path": [ "api", "attachments", "upload" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "multipart/form-data" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "formdata", "formdata": [ { "key": "file", "type": "file", "description": "(Required) " }, { "key": "entityGuid", "value": "", "type": "text", "description": "(Required) " }, { "key": "configId", "value": "default", "type": "text", "description": "" } ] } }, "response": [ { "id": "589c40ff-94ff-47ac-89d6-a8d2186350aa", "name": "Attachment stored", "originalRequest": { "url": { "path": [ "api", "attachments", "upload" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "formdata", "formdata": [ { "description": { "content": "(Required) ", "type": "text/plain" }, "key": "file", "value": "", "type": "text" }, { "description": { "content": "(Required) ", "type": "text/plain" }, "key": "entityGuid", "value": "", "type": "text" }, { "description": { "content": "", "type": "text/plain" }, "key": "configId", "value": "default", "type": "text" } ] } }, "status": "Created", "code": 201, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"status\": \"success\",\n \"attachment\": {\n \"guid\": \"35f56951-3b61-bf32-ab31-36687c75f2ec\",\n \"entityGuid\": \"string\",\n \"filename\": \"string\",\n \"mimeType\": \"string\",\n \"sizeBytes\": 5876,\n \"createdAt\": \"2004-12-10T17:23:24.008Z\"\n }\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "d0d86126-e613-4780-befd-7a74f01acf76", "name": "Missing file, missing entityGuid, or tenant not found", "originalRequest": { "url": { "path": [ "api", "attachments", "upload" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "formdata", "formdata": [ { "description": { "content": "(Required) ", "type": "text/plain" }, "key": "file", "value": "", "type": "text" }, { "description": { "content": "(Required) ", "type": "text/plain" }, "key": "entityGuid", "value": "", "type": "text" }, { "description": { "content": "", "type": "text/plain" }, "key": "configId", "value": "default", "type": "text" } ] } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "c9994237-5db5-450d-936c-63b0c374a89f", "name": "{guid}", "item": [ { "id": "5cb101ad-37ec-4f52-8f5d-9b4687d20e0d", "name": "Download an attachment", "request": { "name": "Download an attachment", "description": {}, "url": { "path": [ "api", "attachments", ":guid" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "key": "Accept", "value": "application/octet-stream" } ], "method": "GET", "auth": null }, "response": [ { "id": "47a1b1fa-0388-42b4-add2-1662f31eca51", "name": "Binary content with `Content-Type`, `Content-Disposition`, `Content-Length` headers", "originalRequest": { "url": { "path": [ "api", "attachments", ":guid" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/octet-stream" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/octet-stream" } ], "body": "string", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "fa37fb9c-1952-4898-b5c0-c7243a01ee34", "name": "Attachment not found", "originalRequest": { "url": { "path": [ "api", "attachments", ":guid" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "452d7829-4113-4802-bf35-a87fbe5e15bb", "name": "Delete an attachment", "request": { "name": "Delete an attachment", "description": {}, "url": { "path": [ "api", "attachments", ":guid" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "method": "DELETE", "auth": null }, "response": [ { "id": "cca83d27-8d28-4358-9b36-52999a235193", "name": "Deleted", "originalRequest": { "url": { "path": [ "api", "attachments", ":guid" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "DELETE", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "4a714374-4dde-4339-8e4c-99df2ddb492e", "name": "Attachment not found", "originalRequest": { "url": { "path": [ "api", "attachments", ":guid" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "guid", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "DELETE", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] }, { "id": "97ececac-931a-4101-b0dd-b4e261a3b4ee", "name": "List attachment metadata for an entity", "request": { "name": "List attachment metadata for an entity", "description": {}, "url": { "path": [ "api", "attachments", "entity", ":entityGuid" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "entityGuid", "description": "(Required) " } ] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "62f3ce7e-c7d0-42cf-806a-89d0f42338c5", "name": "List", "originalRequest": { "url": { "path": [ "api", "attachments", "entity", ":entityGuid" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [ { "disabled": false, "type": "any", "value": "", "key": "entityGuid", "description": "(Required) " } ] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"status\": \"success\",\n \"attachments\": [\n {\n \"guid\": \"867228f2-c641-c0e6-5e22-683651be7259\",\n \"entityGuid\": \"string\",\n \"filename\": \"string\",\n \"mimeType\": \"string\",\n \"sizeBytes\": 6317,\n \"createdAt\": \"2008-03-16T00:18:30.453Z\"\n },\n {\n \"guid\": \"a2657acf-51bf-4c56-56ad-15f994cd9b79\",\n \"entityGuid\": \"string\",\n \"filename\": \"string\",\n \"mimeType\": \"string\",\n \"sizeBytes\": 6623,\n \"createdAt\": \"1957-05-13T05:39:31.824Z\"\n }\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] }, { "id": "53688346-1b08-4068-a9e7-717afd671ef4", "name": "auth", "item": [ { "id": "cd2ca4d5-6de9-4aac-b3fb-7b72fc25c717", "name": "otp", "item": [ { "id": "b84acdff-644c-4fbb-b089-e8232a83c94a", "name": "Request OTP", "request": { "name": "Request OTP", "description": { "content": "Sends a one-time password to the given identifier (phone or email). In production this\nintegrates with an SMS or email gateway. Rate limits: 5 requests per 15 min per IP and\nper identifier. In non-production environments the plaintext code is returned as `devCode`.\n", "type": "text/plain" }, "url": { "path": [ "api", "auth", "otp", "request" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"identifier\": \"\",\n \"tenantId\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "4687a6f6-5c92-4e77-8d35-c8b4464d433c", "name": "OTP generated", "originalRequest": { "url": { "path": [ "api", "auth", "otp", "request" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"identifier\": \"\",\n \"tenantId\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"success\": false,\n \"expiresIn\": 300,\n \"devCode\": \"string\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "d49fad97-192f-451f-86b7-ea491e270dd4", "name": "Invalid request", "originalRequest": { "url": { "path": [ "api", "auth", "otp", "request" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"identifier\": \"\",\n \"tenantId\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "69f7c609-7e79-4b88-a6da-7483ddd7914c", "name": "Rate limit exceeded", "originalRequest": { "url": { "path": [ "api", "auth", "otp", "request" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"identifier\": \"\",\n \"tenantId\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Too Many Requests", "code": 429, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "95609b57-2b1a-4d1d-8d8f-fba4055f3e7b", "name": "Verify OTP", "request": { "name": "Verify OTP", "description": { "content": "Verifies a one-time password and returns a self-service JWT scoped to the associated entity.", "type": "text/plain" }, "url": { "path": [ "api", "auth", "otp", "verify" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"identifier\": \"\",\n \"otp\": \"\",\n \"tenantId\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "11e1a65d-6db4-4a29-9796-3faa1c691414", "name": "OTP verified", "originalRequest": { "url": { "path": [ "api", "auth", "otp", "verify" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"identifier\": \"\",\n \"otp\": \"\",\n \"tenantId\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"username\": \"string\",\n \"token\": \"string\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "d816ecdb-1063-431c-a266-a62ec54530b4", "name": "Invalid request", "originalRequest": { "url": { "path": [ "api", "auth", "otp", "verify" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"identifier\": \"\",\n \"otp\": \"\",\n \"tenantId\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "afaa1064-00ca-4479-acb4-8bd44f1ad44d", "name": "Invalid OTP", "originalRequest": { "url": { "path": [ "api", "auth", "otp", "verify" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"identifier\": \"\",\n \"otp\": \"\",\n \"tenantId\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Unauthorized", "code": 401, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] }, { "id": "38415afe-f530-4f78-a7c0-b8ccbbada870", "name": "Verify national ID + date of birth", "request": { "name": "Verify national ID + date of birth", "description": { "content": "Returns a self-service JWT if the supplied national ID and date of birth match a beneficiary in the tenant.", "type": "text/plain" }, "url": { "path": [ "api", "auth", "id", "verify" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"nationalId\": \"\",\n \"dateOfBirth\": \"\",\n \"tenantId\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "8ecafd37-72c8-4bbf-b13a-3e3b08260dc9", "name": "Verified", "originalRequest": { "url": { "path": [ "api", "auth", "id", "verify" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"nationalId\": \"\",\n \"dateOfBirth\": \"\",\n \"tenantId\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"username\": \"string\",\n \"token\": \"string\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "ee34eb68-f1e3-415f-af21-8a8c72b7ed41", "name": "Verification failed", "originalRequest": { "url": { "path": [ "api", "auth", "id", "verify" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"nationalId\": \"\",\n \"dateOfBirth\": \"\",\n \"tenantId\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Unauthorized", "code": 401, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "81dd4612-78a2-4319-b6f4-9e5dd493211a", "name": "Exchange OIDC token for self-service JWT", "request": { "name": "Exchange OIDC token for self-service JWT", "description": { "content": "Validates an ID token from the tenant's configured OIDC provider (e.g. eSignet) and\nreturns a self-service JWT bound to the matching entity. Token issuer is pre-validated\nagainst the tenant config before any JWKS fetch (SSRF mitigation). JWKS origin must\nmatch the configured authority.\n", "type": "text/plain" }, "url": { "path": [ "api", "auth", "oidc", "exchange" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"idToken\": \"\",\n \"accessToken\": \"\",\n \"tenantId\": \"\",\n \"nonce\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "b3a8701a-0750-4f54-a931-70f11e1868af", "name": "Exchanged", "originalRequest": { "url": { "path": [ "api", "auth", "oidc", "exchange" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"idToken\": \"\",\n \"accessToken\": \"\",\n \"tenantId\": \"\",\n \"nonce\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"username\": \"string\",\n \"token\": \"string\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "f4a3fe9c-9294-415e-a367-8711138e8df5", "name": "Invalid token format or OIDC not configured", "originalRequest": { "url": { "path": [ "api", "auth", "oidc", "exchange" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"idToken\": \"\",\n \"accessToken\": \"\",\n \"tenantId\": \"\",\n \"nonce\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "4b3808d5-5064-41bc-ab6b-cfd541043009", "name": "Token verification failed or no matching record", "originalRequest": { "url": { "path": [ "api", "auth", "oidc", "exchange" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"idToken\": \"\",\n \"accessToken\": \"\",\n \"tenantId\": \"\",\n \"nonce\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Unauthorized", "code": 401, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "b139d102-63e3-4875-9b83-baf53c4e78d2", "name": "No matching beneficiary", "originalRequest": { "url": { "path": [ "api", "auth", "oidc", "exchange" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"idToken\": \"\",\n \"accessToken\": \"\",\n \"tenantId\": \"\",\n \"nonce\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "6a83e3f7-60c9-4405-95b3-8b889639bcbc", "name": "Failed to fetch OIDC discovery or JWKS origin mismatch", "originalRequest": { "url": { "path": [ "api", "auth", "oidc", "exchange" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"idToken\": \"\",\n \"accessToken\": \"\",\n \"tenantId\": \"\",\n \"nonce\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Gateway", "code": 502, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "f1e8caf5-a2ce-4b40-8366-e9ff192ea183", "name": "self-service", "item": [ { "id": "50a82cab-f2d5-4d7f-8ae0-6d443f208f1e", "name": "Get citizen's own entity and available forms", "request": { "name": "Get citizen's own entity and available forms", "description": { "content": "Requires a self-service token. Returns the token's entity plus the forms the citizen may submit.", "type": "text/plain" }, "url": { "path": [ "api", "auth", "self-service", "entity" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": { "type": "bearer", "bearer": [ { "key": "token", "value": "{{bearerToken}}" } ] } }, "response": [ { "id": "e1a290ed-15df-4d4d-a8ba-b44a73ecf966", "name": "Entity and forms", "originalRequest": { "url": { "path": [ "api", "auth", "self-service", "entity" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"entity\": {\n \"guid\": \"string\",\n \"data\": {\n \"key_0\": 7323\n },\n \"lastUpdated\": \"2005-03-08T11:58:41.945Z\"\n },\n \"availableForms\": [\n {\n \"type\": \"string\",\n \"label\": \"string\",\n \"formio\": {\n \"key_0\": 2475.506629725133\n }\n },\n {\n \"type\": \"string\",\n \"label\": \"string\",\n \"formio\": {\n \"key_0\": \"string\",\n \"key_1\": 5631\n }\n }\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "f0947d89-b7f2-448e-8a83-0ada6a03517c", "name": "Token missing entityGuid", "originalRequest": { "url": { "path": [ "api", "auth", "self-service", "entity" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "89009596-13db-4135-89b1-cd073b481465", "name": "Cross-entity access forbidden", "originalRequest": { "url": { "path": [ "api", "auth", "self-service", "entity" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "6b0286f2-1610-46a0-98de-4175dda31cef", "name": "Tenant or entity not found", "originalRequest": { "url": { "path": [ "api", "auth", "self-service", "entity" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "c79dbca2-4a18-41bf-94ff-06dc6ce4ff6f", "name": "Submit self-service change request", "request": { "name": "Submit self-service change request", "description": { "content": "Submits a change request from the beneficiary. Standalone forms (life_event, grievance)\nare stored for review without entity side-effects. Entity update forms go through the\nreview pipeline when `requireReview` is enabled; otherwise they are applied directly.\n", "type": "text/plain" }, "url": { "path": [ "api", "auth", "self-service", "submit" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": { "type": "bearer", "bearer": [ { "key": "token", "value": "{{bearerToken}}" } ] }, "body": { "mode": "raw", "raw": "{\n \"formType\": \"\",\n \"formData\": {\n \"key_0\": true,\n \"key_1\": 6884\n }\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "939e0f9e-94c7-42fc-9300-6dbbbe25036c", "name": "Submitted", "originalRequest": { "url": { "path": [ "api", "auth", "self-service", "submit" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"formType\": \"\",\n \"formData\": {\n \"key_0\": 4628\n }\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"status\": \"pending_review\",\n \"submissionGuid\": \"bdf89071-8482-78ed-442d-ff0abcd2ab57\",\n \"reviewId\": \"string\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "3713139d-2311-42db-b1ba-f0f2fcb3eff9", "name": "Invalid request or token missing entityGuid", "originalRequest": { "url": { "path": [ "api", "auth", "self-service", "submit" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"formType\": \"\",\n \"formData\": {\n \"key_0\": 4628\n }\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "d3a2c2a7-3a3d-42eb-b613-59937af4717b", "name": "Form type not allowed for this program", "originalRequest": { "url": { "path": [ "api", "auth", "self-service", "submit" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"formType\": \"\",\n \"formData\": {\n \"key_0\": 4628\n }\n}", "options": { "raw": { "language": "json" } } } }, "status": "Forbidden", "code": 403, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "7fd4a823-480d-49d9-a758-1eedb0896806", "name": "Tenant not found", "originalRequest": { "url": { "path": [ "api", "auth", "self-service", "submit" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"formType\": \"\",\n \"formData\": {\n \"key_0\": 4628\n }\n}", "options": { "raw": { "language": "json" } } } }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "dcb366bd-e5f1-40b4-ae5a-fcad04cdfdc1", "name": "List citizen's submission history", "request": { "name": "List citizen's submission history", "description": { "content": "Returns both applied events (from the audit trail) and pending/rejected reviews, newest first.", "type": "text/plain" }, "url": { "path": [ "api", "auth", "self-service", "submissions" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": { "type": "bearer", "bearer": [ { "key": "token", "value": "{{bearerToken}}" } ] } }, "response": [ { "id": "6e2811b5-c1ab-47f1-91f1-747596ab5a9d", "name": "History", "originalRequest": { "url": { "path": [ "api", "auth", "self-service", "submissions" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"submissions\": [\n {\n \"id\": \"string\",\n \"submissionGuid\": \"string\",\n \"tenantId\": \"string\",\n \"status\": \"string\",\n \"eventType\": \"string\",\n \"entityGuid\": \"string\",\n \"createdAt\": \"2015-02-01T19:46:20.120Z\"\n },\n {\n \"id\": \"string\",\n \"submissionGuid\": \"string\",\n \"tenantId\": \"string\",\n \"status\": \"string\",\n \"eventType\": \"string\",\n \"entityGuid\": \"string\",\n \"createdAt\": \"1979-08-13T09:10:11.989Z\"\n }\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "9d89d634-b0aa-4c7b-a801-a3c5afc1a6ab", "name": "Token missing entityGuid", "originalRequest": { "url": { "path": [ "api", "auth", "self-service", "submissions" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "c5e9b619-6251-446d-b846-1b7f7f3dc48f", "name": "Tenant not found", "originalRequest": { "url": { "path": [ "api", "auth", "self-service", "submissions" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "GET", "body": {} }, "status": "Not Found", "code": 404, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] } ], "event": [] }, { "id": "d73fcd95-38bf-4d86-a55a-39e0404e32d4", "name": "potential-duplicates", "item": [ { "id": "d4642619-e449-4eeb-8e73-b91106b1f682", "name": "List potential duplicates", "request": { "name": "List potential duplicates", "description": {}, "url": { "path": [ "api", "potential-duplicates" ], "host": [ "{{baseUrl}}" ], "query": [ { "disabled": false, "key": "configId", "value": "default", "description": "Program (tenant) identifier. Defaults to `default`." } ], "variable": [] }, "header": [ { "key": "Accept", "value": "application/json" } ], "method": "GET", "auth": null }, "response": [ { "id": "7655543e-b105-4dcb-bc10-2007c81e3361", "name": "Potential duplicates for the tenant", "originalRequest": { "url": { "path": [ "api", "potential-duplicates" ], "host": [ "{{baseUrl}}" ], "query": [ { "key": "configId", "value": "default" } ], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "GET", "body": {} }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "[\n {\n \"entityGuid\": \"string\",\n \"duplicateGuid\": \"string\",\n \"detectedAt\": \"1988-06-06T18:35:59.898Z\"\n },\n {\n \"entityGuid\": \"string\",\n \"duplicateGuid\": \"string\",\n \"detectedAt\": \"1978-01-29T02:29:27.483Z\"\n }\n]", "cookie": [], "_postman_previewlanguage": "json" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "ca808101-0831-4866-b86e-436caa35b527", "name": "Resolve a potential duplicate", "request": { "name": "Resolve a potential duplicate", "description": { "content": "Submits a `resolve-duplicate` event. If `shouldDeleteNewItem` is `true`, the new entity\nis deleted and the existing one is retained; otherwise both entities are kept and the\npair is marked reviewed.\n", "type": "text/plain" }, "url": { "path": [ "api", "potential-duplicates", "resolve" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"newItem\": \"\",\n \"existingItem\": \"\",\n \"configId\": \"default\",\n \"shouldDeleteNewItem\": false\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "73127af1-6bf3-4741-a4b8-044671e50840", "name": "Resolved", "originalRequest": { "url": { "path": [ "api", "potential-duplicates", "resolve" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"newItem\": \"\",\n \"existingItem\": \"\",\n \"configId\": \"default\",\n \"shouldDeleteNewItem\": false\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] }, { "id": "561cd15f-74f7-458a-8580-de75df8b0636", "name": "openspp-fields", "item": [ { "id": "16617cc3-3f86-42fe-bfc0-037c9dff76c2", "name": "Parse OpenSPP fields from uploaded JSON file", "request": { "name": "Parse OpenSPP fields from uploaded JSON file", "description": { "content": "Upload a JSON file; the server infers field types and returns the schema. Max 10 MB.", "type": "text/plain" }, "url": { "path": [ "api", "openspp-fields", "parse-file" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "multipart/form-data" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "formdata", "formdata": [ { "key": "payload", "type": "file", "description": "(Required) " } ] } }, "response": [ { "id": "0cf51043-9fc7-40f9-9e28-3438c8ccbf3b", "name": "Parsed fields", "originalRequest": { "url": { "path": [ "api", "openspp-fields", "parse-file" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "formdata", "formdata": [ { "description": { "content": "(Required) ", "type": "text/plain" }, "key": "payload", "value": "", "type": "text" } ] } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"fields\": [\n {\n \"name\": \"string\",\n \"type\": \"relation\",\n \"label\": \"string\",\n \"required\": false,\n \"options\": [\n {\n \"id\": \"\",\n \"label\": \"string\"\n },\n {\n \"id\": \"\",\n \"label\": \"string\"\n }\n ]\n },\n {\n \"name\": \"string\",\n \"type\": \"relation\",\n \"label\": \"string\",\n \"required\": false,\n \"options\": [\n {\n \"id\": \"\",\n \"label\": \"string\"\n },\n {\n \"id\": \"\",\n \"label\": \"string\"\n }\n ]\n }\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "7c5db6ce-8a64-4864-baf4-2516b824e730", "name": "Invalid JSON or missing file", "originalRequest": { "url": { "path": [ "api", "openspp-fields", "parse-file" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "formdata", "formdata": [ { "description": { "content": "(Required) ", "type": "text/plain" }, "key": "payload", "value": "", "type": "text" } ] } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "d6e3ad97-7015-4204-83a3-cfc41c4323cd", "name": "Parse OpenSPP fields from JSON payload", "request": { "name": "Parse OpenSPP fields from JSON payload", "description": { "content": "Inline JSON variant of `/parse-file`.", "type": "text/plain" }, "url": { "path": [ "api", "openspp-fields", "parse" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "35f605f1-c81d-45b4-b005-fc43b9d9eb4c", "name": "Parsed fields", "originalRequest": { "url": { "path": [ "api", "openspp-fields", "parse" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"fields\": [\n {\n \"name\": \"string\",\n \"type\": \"date\",\n \"label\": \"string\",\n \"required\": false,\n \"options\": [\n {\n \"id\": \"\",\n \"label\": \"string\"\n },\n {\n \"id\": \"\",\n \"label\": \"string\"\n }\n ]\n },\n {\n \"name\": \"string\",\n \"type\": \"date\",\n \"label\": \"string\",\n \"required\": false,\n \"options\": [\n {\n \"id\": \"\",\n \"label\": \"string\"\n },\n {\n \"id\": \"\",\n \"label\": \"string\"\n }\n ]\n }\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "577ff54b-05bd-46a1-8c38-ea3a8a6e0bb6", "name": "Fetch fields from OpenSPP V1 (Odoo)", "request": { "name": "Fetch fields from OpenSPP V1 (Odoo)", "description": { "content": "Authenticates to Odoo via JSON-RPC and returns the field metadata for the given model.\nBlocks requests to private IP ranges and cloud metadata endpoints (SSRF mitigation).\n", "type": "text/plain" }, "url": { "path": [ "api", "openspp-fields", "fetch" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"url\": \"\",\n \"database\": \"\",\n \"username\": \"\",\n \"password\": \"\",\n \"model\": \"res.partner\",\n \"fields\": [\n \"\",\n \"\"\n ],\n \"attributes\": [\n \"\",\n \"\"\n ]\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "1810fc91-c117-4122-9cdf-c69f3b831de5", "name": "Fields", "originalRequest": { "url": { "path": [ "api", "openspp-fields", "fetch" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"url\": \"\",\n \"database\": \"\",\n \"username\": \"\",\n \"password\": \"\",\n \"model\": \"res.partner\",\n \"fields\": [\n \"\",\n \"\"\n ],\n \"attributes\": [\n \"\",\n \"\"\n ]\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"fields\": [\n {\n \"name\": \"string\",\n \"type\": \"date\",\n \"label\": \"string\",\n \"required\": false,\n \"options\": [\n {\n \"id\": \"\",\n \"label\": \"string\"\n },\n {\n \"id\": \"\",\n \"label\": \"string\"\n }\n ]\n },\n {\n \"name\": \"string\",\n \"type\": \"date\",\n \"label\": \"string\",\n \"required\": false,\n \"options\": [\n {\n \"id\": \"\",\n \"label\": \"string\"\n },\n {\n \"id\": \"\",\n \"label\": \"string\"\n }\n ]\n }\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "4a8889f6-3d30-4622-b8f5-062cb5fea785", "name": "Missing credentials or URL points at a private/internal range", "originalRequest": { "url": { "path": [ "api", "openspp-fields", "fetch" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"url\": \"\",\n \"database\": \"\",\n \"username\": \"\",\n \"password\": \"\",\n \"model\": \"res.partner\",\n \"fields\": [\n \"\",\n \"\"\n ],\n \"attributes\": [\n \"\",\n \"\"\n ]\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "545c0751-f785-4b22-8520-36c16d87e2d5", "name": "Failed to fetch from Odoo", "originalRequest": { "url": { "path": [ "api", "openspp-fields", "fetch" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"url\": \"\",\n \"database\": \"\",\n \"username\": \"\",\n \"password\": \"\",\n \"model\": \"res.partner\",\n \"fields\": [\n \"\",\n \"\"\n ],\n \"attributes\": [\n \"\",\n \"\"\n ]\n}", "options": { "raw": { "language": "json" } } } }, "status": "Internal Server Error", "code": 500, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "a70226fa-2494-42de-8749-729f06c662e5", "name": "v2", "item": [ { "id": "6114cca1-96ad-4a77-9214-268b880d86ce", "name": "Test OpenSPP V2 OAuth2 connection", "request": { "name": "Test OpenSPP V2 OAuth2 connection", "description": { "content": "Server-side OAuth2 client credentials test (avoids browser CORS issues).", "type": "text/plain" }, "url": { "path": [ "api", "openspp-fields", "v2", "test-connection" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"baseUrl\": \"\",\n \"clientId\": \"\",\n \"clientSecret\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "bff25db0-dd31-468d-9b8a-87c5a8de0be6", "name": "Connection result", "originalRequest": { "url": { "path": [ "api", "openspp-fields", "v2", "test-connection" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"baseUrl\": \"\",\n \"clientId\": \"\",\n \"clientSecret\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"success\": false,\n \"scopes\": [\n \"string\",\n \"string\"\n ],\n \"error\": \"string\"\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "0a717758-4a93-4d18-a73e-23582b26c985", "name": "Missing parameters or URL points at a private/internal range", "originalRequest": { "url": { "path": [ "api", "openspp-fields", "v2", "test-connection" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"baseUrl\": \"\",\n \"clientId\": \"\",\n \"clientSecret\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } }, { "id": "fdb99049-7555-4ff4-9dee-c16b5b5d0bf0", "name": "Fetch OpenSPP V2 Studio fields", "request": { "name": "Fetch OpenSPP V2 Studio fields", "description": { "content": "Authenticates server-side to OpenSPP V2, paginates `/api/v2/spp/Studio/fields`, and returns combined field metadata.", "type": "text/plain" }, "url": { "path": [ "api", "openspp-fields", "v2", "fields" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "key": "Content-Type", "value": "application/json" }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "auth": null, "body": { "mode": "raw", "raw": "{\n \"baseUrl\": \"\",\n \"clientId\": \"\",\n \"clientSecret\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "response": [ { "id": "7c0bfcb6-4043-4a4f-b768-c007781ea61f", "name": "Studio fields", "originalRequest": { "url": { "path": [ "api", "openspp-fields", "v2", "fields" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " }, { "key": "Accept", "value": "application/json" } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"baseUrl\": \"\",\n \"clientId\": \"\",\n \"clientSecret\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "OK", "code": 200, "header": [ { "key": "Content-Type", "value": "application/json" } ], "body": "{\n \"fields\": [\n {\n \"name\": \"string\",\n \"label\": \"string\",\n \"type\": \"string\",\n \"targetType\": \"individual\",\n \"required\": true,\n \"source\": \"studio\",\n \"selectionOptions\": [\n {\n \"value\": \"string\",\n \"label\": \"string\"\n },\n {\n \"value\": \"string\",\n \"label\": \"string\"\n }\n ]\n },\n {\n \"name\": \"string\",\n \"label\": \"string\",\n \"type\": \"string\",\n \"targetType\": \"individual\",\n \"required\": true,\n \"source\": \"studio\",\n \"selectionOptions\": [\n {\n \"value\": \"string\",\n \"label\": \"string\"\n },\n {\n \"value\": \"string\",\n \"label\": \"string\"\n }\n ]\n }\n ]\n}", "cookie": [], "_postman_previewlanguage": "json" }, { "id": "99843040-3261-4a36-a9b7-d122416a3e2e", "name": "Missing parameters or URL points at a private/internal range", "originalRequest": { "url": { "path": [ "api", "openspp-fields", "v2", "fields" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"baseUrl\": \"\",\n \"clientId\": \"\",\n \"clientSecret\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Request", "code": 400, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "14a1e296-f92b-4b09-a14e-b5bc46ed635c", "name": "Authentication failed", "originalRequest": { "url": { "path": [ "api", "openspp-fields", "v2", "fields" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"baseUrl\": \"\",\n \"clientId\": \"\",\n \"clientSecret\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Unauthorized", "code": 401, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" }, { "id": "c04b6934-a468-4ea3-9a08-658662ce1318", "name": "Authentication request failed", "originalRequest": { "url": { "path": [ "api", "openspp-fields", "v2", "fields" ], "host": [ "{{baseUrl}}" ], "query": [], "variable": [] }, "header": [ { "description": { "content": "Added as a part of security scheme: bearer", "type": "text/plain" }, "key": "Authorization", "value": "Bearer " } ], "method": "POST", "body": { "mode": "raw", "raw": "{\n \"baseUrl\": \"\",\n \"clientId\": \"\",\n \"clientSecret\": \"\"\n}", "options": { "raw": { "language": "json" } } } }, "status": "Bad Gateway", "code": 502, "header": [ { "key": "Content-Type", "value": "text/plain" } ], "body": "", "cookie": [], "_postman_previewlanguage": "text" } ], "event": [], "protocolProfileBehavior": { "disableBodyPruning": true } } ], "event": [] } ], "event": [] } ], "event": [] } ], "event": [], "variable": [ { "type": "string", "value": "http://localhost:3000", "key": "baseUrl" }, { "disabled": false, "description": { "content": "(Required) ", "type": "text/plain" }, "type": "any", "value": "", "key": "artifactId" } ], "auth": { "type": "bearer", "bearer": [ { "key": "token", "value": "{{bearerToken}}" } ] }, "info": { "_postman_id": "4d15a8fa-d820-4ae7-8839-08db0e8ede3b", "name": "ID PASS DataCollect Backend API", "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", "description": { "content": "REST API for the ID PASS DataCollect backend server. The server is the central\nsync hub for offline-first DataCollect clients (mobile, web, admin UI) and\ncoordinates external integrations via the adapter registry.\n\n## Authentication\n\nMost endpoints require a JWT access token in the `Authorization` header:\n\n```\nAuthorization: Bearer \n```\n\nAccess tokens are issued by `POST /api/users/login` and expire after one hour.\nUse `POST /api/users/refresh` to get a new access token (and rotated refresh token)\nwithout re-prompting for credentials — field agents use this to stay signed in\nwhile offline. Self-service endpoints (`/api/auth/**`) issue separate scoped\ntokens via OTP, national ID, or OIDC exchange.\n\n## Multi-tenant (multi-program) support\n\nAll tenant-scoped endpoints accept a `configId` query parameter (or field in\nthe request body). Each configuration has its own entity forms, entity data,\nauth providers, and external-sync settings. Non-admin users can only access\nconfigurations listed in their `tenantIds` claim — the `validateTenantAccess`\nmiddleware enforces this on every tenant-scoped route.\n\n## Synchronization\n\nThe sync endpoints support bidirectional synchronization between clients and\nserver, as well as external system integration. Internal sync uses cursor-based\npagination (`nextCursor` is a composite `timestamp|eventGuid`) to prevent event\nskipping. External sync push runs as a background job with progress updates\npersisted to `sync_events`.\n\n\nContact Support:\n Name: ID PASS DataCollect", "type": "text/plain" } } }