Обзор¶
Этот документ сгенерирован из актуальной OpenAPI-схемы FastAPI и служит контрактным справочником по REST API. WebSocket-эндпоинты документируются отдельно и не входят в OpenAPI.
- Swagger UI:
/api/docs - ReDoc:
/api/redoc - OpenAPI JSON:
/api/openapi.json
Аутентификация¶
Схемы безопасности¶
APIKeyHeader: type=apiKey, in=headerHTTPBearer: type=http, scheme=bearer
Дополнительное покрытие контракта¶
Сгенерированный OpenAPI-export остаётся основным источником истины для каталога ниже. Следующие маршруты перечислены явно, чтобы письменный справочник не отставал от живого runtime для новых governance-, active-project- и dashboard-control поверхностей:
Agent Context и Recall¶
GET /api/v1/agent-context/sessions/{session_id}/taskGET /api/v1/agent-context/sessions/{session_id}/task/whyGET /api/v1/agent-context/sessions/{session_id}/context/whyPOST /api/v1/agent-context/sessions/{session_id}/recall-feedbackPOST /api/v1/agent-context/sessions/{session_id}/memory/dismissGET /api/v1/agent-context/stories/task-capsulesGET /api/v1/agent-context/tasks/nextGET /api/v1/memory/knowledgeGET /api/v1/memory/knowledge/source-refresh/planGET /api/v1/memory/knowledge/review-planGET /api/v1/memory/knowledge/policy
Администрирование пользователей¶
GET /api/v1/admin/identity/usersPOST /api/v1/admin/identity/usersGET /api/v1/admin/identity/users/{user_id}PATCH /api/v1/admin/identity/users/{user_id}POST /api/v1/admin/identity/users/{user_id}/activatePOST /api/v1/admin/identity/users/{user_id}/deactivatePOST /api/v1/admin/identity/users/{user_id}/reset-passwordGET /api/v1/admin/identity/users/{user_id}/accessPUT /api/v1/admin/identity/users/{user_id}/access
AI FinOps Dashboard¶
GET /api/v1/finance/ai-finops/overviewGET /api/v1/finance/ai-finops/usageGET /api/v1/finance/ai-finops/usage/{request_id}GET /api/v1/finance/ai-finops/budgetsPOST /api/v1/finance/ai-finops/budgetsPUT /api/v1/finance/ai-finops/budgets/{budget_id}GET /api/v1/finance/ai-finops/policiesPOST /api/v1/finance/ai-finops/policiesPUT /api/v1/finance/ai-finops/policies/{policy_id}GET /api/v1/finance/ai-finops/catalogPOST /api/v1/finance/ai-finops/catalogPUT /api/v1/finance/ai-finops/catalog/{card_id}POST /api/v1/finance/ai-finops/catalog/estimateGET /api/v1/finance/ai-finops/incidentsGET /api/v1/finance/ai-finops/optimizationPOST /api/v1/finance/ai-finops/optimization/what-ifPOST /api/v1/finance/ai-finops/export
Security Dashboard Control Plane¶
GET /api/v1/security/overviewGET /api/v1/security/dlp/configPUT /api/v1/security/dlp/configGET /api/v1/security/dlp/activityGET /api/v1/security/siem/configPUT /api/v1/security/siem/configGET /api/v1/security/siem/statsGET /api/v1/security/siem/eventsGET /api/v1/security/audit-logGET /api/v1/security/audit-log/{entry_id}POST /api/v1/traceability/cross-repo/run
Управление документацией, группами, проектами и репозиториями¶
GET /api/v1/documentation/projects/{project_name}/facts-metricsGET /api/v1/documentation/projects/{project_name}/packageGET /api/v1/documentation/projects/{project_name}/documentPATCH /api/v1/groups/{group_id}/users/{user_id}GET /api/v1/groups/{group_id}/users/{user_id}/project-accessPUT /api/v1/groups/{group_id}/users/{user_id}/project-accessPOST /api/v1/projects/{project_id}/switchGET /api/v1/projects/active/effectivePOST /api/v1/repositories/provider-connections/{connection_id}/health-check
Каталог эндпоинтов¶
Тег: Agent Client Protocol¶
POST /api/v1/admin/runtime/acp/rpc¶
- Summary: Acp Rpc
- Description: ACP JSON-RPC endpoint. Handles all ACP method calls over HTTP. Authentication is optional but enables session persistence.
- Operation ID:
acp_rpc_api_v1_acp_rpc_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->JSONRPCRequest(обязательный)- Responses:
200: Successful Response;application/json->JSONRPCResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/admin/runtime/acp/sessions¶
- Summary: List Sessions
- Description: List active ACP sessions for current user. Requires authentication.
- Operation ID:
list_sessions_api_v1_acp_sessions_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/admin/runtime/acp/sessions/{session_id}¶
- Summary: Delete Session
- Description: Delete an ACP session. Requires authentication and ownership.
- Operation ID:
delete_session_api_v1_acp_sessions__session_id__delete - Parameters:
session_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
Тег: Audit Diff¶
GET /api/v1/admin/runtime/audit/{project_id}/diff¶
- Summary: Diff findings between two runs
- Description: Compare findings between two analysis runs (GOST 8.9).
- Operation ID:
diff_findings_api_v1_audit__project_id__diff_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)run1inquery(string, обязательный) - First run ID (baseline)run2inquery(string, обязательный) - Second run ID (current)hide_fpinquery(boolean, необязательный) - Hide suppressed findingsauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DiffResultResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/admin/runtime/audit/{project_id}/diff/latest¶
- Summary: Diff findings between last two runs
- Description: Compare the last two analysis runs for the project.
- Operation ID:
diff_latest_api_v1_audit__project_id__diff_latest_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)hide_fpinquery(boolean, необязательный) - Hide suppressed findingsauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DiffResultResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/admin/runtime/audit/{project_id}/scopes¶
- Summary: Get analysis scopes configuration
- Description: Return current analysis scope configuration for the project.
- Operation ID:
get_scopes_api_v1_audit__project_id__scopes_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ScopeConfigResponse422: Validation Error;application/json->HTTPValidationError
PUT /api/v1/admin/runtime/audit/{project_id}/scopes¶
- Summary: Update analysis scopes configuration
- Description: Update analysis scope configuration for the project.
- Operation ID:
update_scopes_api_v1_audit__project_id__scopes_put - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ScopeUpdateRequest(обязательный)- Responses:
200: Successful Response;application/json->ScopeConfigResponse422: Validation Error;application/json->HTTPValidationError
Тег: Audit Progress¶
GET /api/v1/admin/runtime/audit/analysis-status¶
- Summary: Full scan schedule status
- Description: Return last full scan timestamp and deadline status.
- Operation ID:
get_analysis_status_api_v1_audit_analysis_status_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
projectinquery(string, необязательный) - Project nameauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->AnalysisStatusResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/admin/runtime/audit/markup-status¶
- Summary: Markup status for latest findings
- Description: Return unreviewed and overdue findings for the latest run.
- Operation ID:
get_markup_status_api_v1_audit_markup_status_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
projectinquery(string, необязательный) - Project nameauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->MarkupStatusResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/admin/runtime/audit/progress¶
- Summary: Audit progress report
- Description: Return progress metrics for a date range.
- Operation ID:
get_audit_progress_api_v1_audit_progress_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
frominquery(string, обязательный)toinquery(string, обязательный)projectinquery(string, необязательный) - Project nameauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->AuditProgressResponse422: Validation Error;application/json->HTTPValidationError
Тег: Authentication¶
GET /api/v1/me/api-keys¶
- Summary: List API keys
- Description: Get all API keys for the current user.
- Operation ID:
list_api_keys_api_v1_auth_api_keys_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
Portfolio Dashboard Runtime Notes¶
Для product path portfolio dashboard, помимо сгенерированного каталога endpoint’ов, критичны следующие маршруты:
GET /api/v1/traceability/portfolio/compare-periodsGET /api/v1/traceability/saved-viewsPOST /api/v1/traceability/saved-viewsGET /api/v1/traceability/saved-views/{view_id}DELETE /api/v1/traceability/saved-views/{view_id}POST /api/v1/traceability/subscriptionsPOST /api/v1/traceability/export
POST /api/v1/me/api-keys¶
- Summary: Create API key
- Description: Generate a new API key for programmatic access.
- Operation ID:
create_api_key_api_v1_auth_api_keys_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ApiKeyCreate(обязательный)- Responses:
200: Successful Response;application/json->ApiKeyResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/me/api-keys/{key_id}¶
- Summary: Revoke API key
- Description: Revoke an API key.
- Operation ID:
revoke_api_key_api_v1_auth_api_keys__key_id__delete - Parameters:
key_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/auth/ldap¶
- Summary: LDAP authentication
- Description: Authenticate using LDAP/Active Directory.
- Operation ID:
ldap_login_api_v1_auth_ldap_post - Parameters:
- None
- Request Body:
application/json->LDAPAuthRequest(обязательный)- Responses:
200: Successful Response;application/json->TokenResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/auth/ldap/status¶
- Summary: LDAP status
- Description: Check LDAP connection status.
- Operation ID:
ldap_status_api_v1_auth_ldap_status_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->object
DELETE /api/v1/me/logout¶
- Summary: Logout
- Description: Invalidate current tokens.
- Operation ID:
logout_api_v1_auth_logout_delete - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/me¶
- Summary: Get current user
- Description: Return the authenticated user profile.
- Operation ID:
get_current_profile_api_v1_auth_me_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->UserProfileResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/auth/oauth/providers¶
- Summary: List OAuth providers
- Description: Get list of available OAuth providers.
- Operation ID:
list_oauth_providers_api_v1_auth_oauth_providers_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->array
POST /api/v1/auth/oauth/token¶
- Summary: OAuth 2.0 Token Endpoint
- Description: RFC 6749-compatible token endpoint. Supports grant_type=password and grant_type=refresh_token. Designed for Claude Code MCP automatic token refresh and other OAuth-compatible clients.
- Operation ID:
oauth_token_api_v1_auth_oauth_token_post - Parameters:
grant_typeinquery(object, необязательный)usernameinquery(object, необязательный)passwordinquery(object, необязательный)refresh_token_paraminquery(object, необязательный)- Request Body:
application/json->object(необязательный)- Responses:
200: Successful Response;application/json->OAuthTokenResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/auth/oauth/{provider}¶
- Summary: Start OAuth flow
- Description: Redirect to OAuth provider for authentication.
- Operation ID:
oauth_start_api_v1_auth_oauth__provider__get - Parameters:
providerinpath(string, обязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/auth/oauth/{provider}/callback¶
- Summary: OAuth callback
- Description: Handle OAuth callback from provider.
- Operation ID:
oauth_callback_api_v1_auth_oauth__provider__callback_get - Parameters:
providerinpath(string, обязательный)codeinquery(string, обязательный)stateinquery(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->TokenResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/auth/refresh¶
- Summary: Refresh JWT token
- Description: Get new access token using refresh token.
- Operation ID:
refresh_token_api_v1_auth_refresh_post - Parameters:
- None
- Request Body:
application/json->RefreshTokenRequest(обязательный)- Responses:
200: Successful Response;application/json->TokenResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/admin/identity/service-accounts¶
- Summary: List service accounts
- Description: List configured service accounts without credential secrets.
- Operation ID:
list_service_accounts_api_v1_auth_service_accounts_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v1/admin/identity/service-accounts¶
- Summary: Create service account
- Description: Create a scoped service account and issue its initial credential.
- Operation ID:
create_service_account_api_v1_auth_service_accounts_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ServiceAccountCreate(обязательный)- Responses:
201: Successful Response;application/json->ServiceAccountCreatedResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/admin/identity/service-accounts/action-catalog¶
- Summary: Get machine action catalog
- Description: Return the canonical versioned action catalog and policy templates for machine access.
- Operation ID:
get_service_account_action_catalog_api_v1_auth_service_accounts_action_catalog_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ActionCatalogResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/admin/identity/service-accounts/{service_account_id}¶
- Summary: Get service account
- Description: Get a single service account without credential secrets.
- Operation ID:
get_service_account_api_v1_auth_service_accounts__service_account_id__get - Parameters:
service_account_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ServiceAccountDetailsResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/admin/identity/service-accounts/{service_account_id}/credentials/{credential_id}/revoke¶
- Summary: Revoke service account credential
- Description: Revoke one credential while keeping the service account active.
- Operation ID:
revoke_service_account_credential_api_v1_auth_service_accounts__service_account_id__credentials__credential_id__revoke_post - Parameters:
service_account_idinpath(string, обязательный)credential_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/admin/identity/service-accounts/{service_account_id}/deactivate¶
- Summary: Deactivate service account
- Description: Disable a service account and revoke its active credentials.
- Operation ID:
deactivate_service_account_api_v1_auth_service_accounts__service_account_id__deactivate_post - Parameters:
service_account_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/admin/identity/service-accounts/{service_account_id}/rotate¶
- Summary: Rotate service account credential
- Description: Issue a new credential without revoking existing ones.
- Operation ID:
rotate_service_account_credential_api_v1_auth_service_accounts__service_account_id__rotate_post - Parameters:
service_account_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ServiceAccountCreatedResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/auth/token¶
- Summary: Get JWT token
- Description: Authenticate with username/password and get JWT tokens.
- Operation ID:
login_api_v1_auth_token_post - Parameters:
- None
- Request Body:
application/json->TokenRequest(обязательный)- Responses:
200: Successful Response;application/json->TokenResponse422: Validation Error;application/json->HTTPValidationError
Тег: Dashboard V2¶
GET /api/v1/traceability/audit-report-jobs/{job_id}¶
- Summary: Get Audit Report Job
- Description: Return background audit report job status.
- Operation ID:
get_audit_report_job_api_v2_dashboard_audit_report_jobs__job_id__get - Security:
HTTPBearer,APIKeyHeader - Parameters:
job_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->AuditReportJobResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/audit-report-jobs/{job_id}/download¶
- Summary: Download Audit Report Job
- Description: Download the generated markdown for a completed audit report job.
- Operation ID:
download_audit_report_job_api_v2_dashboard_audit_report_jobs__job_id__download_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
job_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/compare¶
- Summary: Compare Projects
- Description: Compare 2-10 projects across audit dimensions.
- Operation ID:
compare_projects_api_v2_dashboard_compare_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
projectsinquery(string, обязательный) - Comma-separated project names (2-10)dimensionsinquery(object, необязательный) - Comma-separated Q numbers (default: all 12)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->CrossProjectComparison422: Validation Error;application/json->HTTPValidationError
GET /api/v1/compliance/heatmap¶
- Summary: Get Compliance Heatmap
- Description: Compliance heatmap — projects x processes matrix.
- Operation ID:
get_compliance_heatmap_api_v1_compliance_heatmap_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by grouporganizationinquery(object, необязательный) - Filter by organizationteaminquery(object, необязательный) - Filter by teamenvironmentinquery(object, необязательный) - Filter by environmentcriticalityinquery(object, необязательный) - Filter by system criticalityservice_typeinquery(object, необязательный) - Filter by service typestandardinquery(string, необязательный) - gost-56939 | gost-57580authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ComplianceHeatmapResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/cross-repo¶
- Summary: Get Cross Repo
- Description: Cross-repository analysis overview.
- Operation ID:
get_cross_repo_api_v1_traceability_cross_repo_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by groupanalysis_typeinquery(string, необязательный) - summary | duplications | dependenciesauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->CrossRepoResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/deliveries¶
- Summary: List Notification Deliveries
- Description: List delivery attempts for the current user’s notification subscriptions.
- Operation ID:
list_notification_deliveries_api_v1_traceability_deliveries_get - Parameters:
limitinquery(integer, необязательный)statusinquery(string, необязательный) - sent | failedchannelinquery(string, необязательный) - telegram | slack | emailevent_typeinquery(string, необязательный) - Notification event typeproject_nameinquery(string, необязательный) - Filter by project nameis_testinquery(object, необязательный) - Filter test deliveriesauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/deliveries/pending¶
- Summary: List Pending Notification Deliveries
- Description: List queued notification deliveries that have not been flushed yet.
- Operation ID:
list_pending_notification_deliveries_api_v1_traceability_deliveries_pending_get - Parameters:
limitinquery(integer, необязательный)channelinquery(string, необязательный) - telegram | slack | emailauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/deliveries/summary¶
- Summary: Get Notification Delivery Summary
- Description: Aggregate delivery and pending queue state for the current user.
- Operation ID:
get_notification_delivery_summary_api_v1_traceability_deliveries_summary_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->NotificationDeliverySummaryResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/event-catalog¶
- Summary: Get Notification Event Catalog
- Description: Return versioned notification event catalog.
- Operation ID:
get_notification_event_catalog_api_v1_traceability_event_catalog_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->NotificationEventCatalogResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/traceability/export¶
- Summary: Export Dashboard
- Description: Export dashboard data in various formats (json, markdown, gost, pdf).
- Operation ID:
export_dashboard_api_v2_dashboard_export_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ExportRequest(обязательный)- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/metrics¶
- Summary: Dashboard Metrics
- Description: Export dashboard metrics in Prometheus text format. Scrapes all project health scores and updates Prometheus gauges, then returns the standard Prometheus text exposition.
- Operation ID:
dashboard_metrics_api_v2_dashboard_metrics_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by groupauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/metrics/mapping¶
- Summary: Dashboard Metrics Mapping
- Description: Export canonical dashboard metric samples for Grafana and automation.
- Operation ID:
dashboard_metrics_mapping_api_v1_traceability_metrics_mapping_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by grouporganizationinquery(object, необязательный) - Filter by organizationteaminquery(object, необязательный) - Filter by teamenvironmentinquery(object, необязательный) - Filter by environmentcriticalityinquery(object, необязательный) - Filter by system criticalitylanguageinquery(object, необязательный) - Filter by languagedomaininquery(object, необязательный) - Filter by domainservice_typeinquery(object, необязательный) - Filter by service typemin_riskinquery(object, необязательный) - Minimum risk level filterauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DashboardMetricsMappingResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/portfolio¶
- Summary: Get Portfolio
- Description: Portfolio overview — aggregated health across all projects.
- Operation ID:
get_portfolio_api_v2_dashboard_portfolio_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by grouporganizationinquery(object, необязательный) - Filter by organizationteaminquery(object, необязательный) - Filter by teamenvironmentinquery(object, необязательный) - Filter by environmentcriticalityinquery(object, необязательный) - Filter by system criticalitylanguageinquery(object, необязательный) - Filter by languagedomaininquery(object, необязательный) - Filter by domainservice_typeinquery(object, необязательный) - Filter by service typemin_riskinquery(object, необязательный) - Minimum risk level filterauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->PortfolioSummary422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/projects¶
- Summary: Get Projects Catalog
- Description: Full catalog of registered dashboard projects with current health metrics.
- Operation ID:
get_projects_catalog_api_v2_dashboard_projects_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by grouporganizationinquery(object, необязательный) - Filter by organizationteaminquery(object, необязательный) - Filter by teamenvironmentinquery(object, необязательный) - Filter by environmentcriticalityinquery(object, необязательный) - Filter by system criticalitylanguageinquery(object, необязательный) - Filter by languagedomaininquery(object, необязательный) - Filter by domainservice_typeinquery(object, необязательный) - Filter by service typemin_riskinquery(object, необязательный) - Minimum risk level filterauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProjectCatalogResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/traceability/projects/{project_name}/audit-report-jobs¶
- Summary: Create Audit Report Job
- Description: Start a fresh audit report as a background job.
- Operation ID:
create_audit_report_job_api_v2_dashboard_projects__project_name__audit_report_jobs_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->AuditReportJobCreate(обязательный)- Responses:
202: Successful Response;application/json->AuditReportJobResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/projects/{project_name}/audit-report-jobs/latest¶
- Summary: Get Latest Audit Report Job
- Description: Return the latest audit report job for the current caller and project.
- Operation ID:
get_latest_audit_report_job_api_v2_dashboard_projects__project_name__audit_report_jobs_latest_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/projects/{project_name}/drilldown¶
- Summary: Get Project Drilldown
- Description: Expand a project/category pair into findings and source locations where available.
- Operation ID:
get_project_drilldown_api_v2_dashboard_projects__project_name__drilldown_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)categoryinquery(string, обязательный) - security | compliance | compliance-57580-maturity | compliance-57580-capabilities | compliance-57580-risk | release | sca | audit-total-methods | audit-dead-methods | audit-avg-complexity | audit-max-complexity | audit-doc-coverage | audit-dependency-cycleslimitinquery(integer, необязательный) - Max itemsauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DrilldownResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/projects/{project_name}/health¶
- Summary: Get Project Health
- Description: Single project health score with optional detail sections.
- Operation ID:
get_project_health_api_v2_dashboard_projects__project_name__health_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)include_sectionsinquery(boolean, необязательный) - Include 12 audit sectionsinclude_processesinquery(boolean, необязательный) - Include 25 GOST processesinclude_checksinquery(boolean, необязательный) - Include release gate checksinclude_scainquery(boolean, необязательный) - Include SCA detailsauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProjectHealthScore422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/projects/{project_name}/trends¶
- Summary: Get Trends
- Description: Historical trends for a project.
- Operation ID:
get_trends_api_v2_dashboard_projects__project_name__trends_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)periodinquery(string, необязательный) - 7d | 30d | 90d | 180d | 1ymetricsinquery(object, необязательный) - Comma-separated: health,audit,compliance,findings,coveragegranularityinquery(string, необязательный) - daily | weekly | monthly | autoauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->TrendsResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/red-zone¶
- Summary: Get Red Zone
- Description: Red zone items — critical issues requiring immediate attention.
- Operation ID:
get_red_zone_api_v2_dashboard_red_zone_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by grouporganizationinquery(object, необязательный) - Filter by organizationteaminquery(object, необязательный) - Filter by teamenvironmentinquery(object, необязательный) - Filter by environmentcriticalityinquery(object, необязательный) - Filter by system criticalityservice_typeinquery(object, необязательный) - Filter by service typeseverityinquery(string, необязательный) - Comma-separated severitiesoffsetinquery(integer, необязательный) - Pagination offsetlimitinquery(integer, необязательный) - Max itemscategoryinquery(object, необязательный) - security | compliance | release | sca | qualityauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->RedZoneResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/releases/{project_name}/compare¶
- Summary: Get Release Comparison
- Description: Compare two release gate runs and attach nearest snapshot deltas when available.
- Operation ID:
get_release_comparison_api_v2_dashboard_releases__project_name__compare_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)from_run_idinquery(string, необязательный) - Older release run IDto_run_idinquery(string, необязательный) - Newer release run IDauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ReleaseComparisonResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/saved-views¶
- Summary: List Saved Views
- Description: List saved dashboard views for the current user.
- Operation ID:
list_saved_views_api_v1_traceability_saved_views_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v1/traceability/saved-views¶
- Summary: Create Saved View
- Description: Create a saved dashboard view for later reuse.
- Operation ID:
create_saved_view_api_v1_traceability_saved_views_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->SavedViewCreate(обязательный)- Responses:
201: Successful Response;application/json->SavedViewResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/saved-views/{view_id}¶
- Summary: Get Saved View
- Description: Get a saved dashboard view by ID.
- Operation ID:
get_saved_view_api_v1_traceability_saved_views__view_id__get - Parameters:
view_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->SavedViewResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/traceability/saved-views/{view_id}¶
- Summary: Delete Saved View
- Description: Delete a saved dashboard view.
- Operation ID:
delete_saved_view_api_v1_traceability_saved_views__view_id__delete - Parameters:
view_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/sca/overview¶
- Summary: Get Sca Overview
- Description: SCA/SBOM portfolio overview — vulnerabilities across all projects.
- Operation ID:
get_sca_overview_api_v1_security_sca_overview_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by grouporganizationinquery(object, необязательный) - Filter by organizationteaminquery(object, необязательный) - Filter by teamenvironmentinquery(object, необязательный) - Filter by environmentcriticalityinquery(object, необязательный) - Filter by system criticalityservice_typeinquery(object, необязательный) - Filter by service typeseverityinquery(object, необязательный) - Filter by severityauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ScaPortfolioResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/snapshots¶
- Summary: List Snapshots
- Description: List snapshots limited to the current project or group access scope.
- Operation ID:
list_snapshots_api_v2_dashboard_snapshots_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
scopeinquery(string, необязательный) - project | groupproject_nameinquery(string, необязательный) - Project name for project scopegroup_idinquery(string, необязательный) - Group ID for group scopelimitinquery(object, необязательный) - Maximum items to returnauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->SnapshotListResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/traceability/snapshots¶
- Summary: Create Snapshot
- Description: Create a manual snapshot for the current project or group context.
- Operation ID:
create_snapshot_api_v2_dashboard_snapshots_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SnapshotCreateRequest(обязательный)- Responses:
200: Successful Response;application/json->SnapshotResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/traceability/snapshots/compare¶
- Summary: Compare Snapshots
- Description: Compare snapshots by IDs or by project/timestamp pair.
- Operation ID:
compare_snapshots_api_v2_dashboard_snapshots_compare_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SnapshotCompareRequest(обязательный)- Responses:
200: Successful Response;application/json->SnapshotDiffResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/snapshots/{project_name}/compare-periods¶
- Summary: Get Period Comparison
- Description: Compare two adjacent snapshot-backed periods for a project.
- Operation ID:
get_period_comparison_api_v2_dashboard_snapshots__project_name__compare_periods_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)baseline_periodinquery(string, необязательный) - Older window: 7d | 30d | 90d | 180d | 1ycomparison_periodinquery(string, необязательный) - Newer window: 7d | 30d | 90d | 180d | 1yauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->PeriodComparisonResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/snapshots/{project_name}/diff¶
- Summary: Get Snapshot Diff
- Description: Compare two materialized snapshots, defaulting to the latest pair.
- Operation ID:
get_snapshot_diff_api_v2_dashboard_snapshots__project_name__diff_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)from_timestampinquery(string, необязательный) - Older snapshot timestampto_timestampinquery(string, необязательный) - Newer snapshot timestampauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->SnapshotDiffResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/snapshots/{project_name}/trends¶
- Summary: Get Snapshot Trends
- Description: Get trends from snapshot store (faster than live adapter queries).
- Operation ID:
get_snapshot_trends_api_v2_dashboard_snapshots__project_name__trends_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)periodinquery(string, необязательный) - 7d | 30d | 90d | 180d | 1yauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->TrendsResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/traceability/snapshots/{snapshot_id}/export¶
- Summary: Export Snapshot
- Description: Export a snapshot or a compare report derived from it.
- Operation ID:
export_snapshot_api_v2_dashboard_snapshots__snapshot_id__export_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
snapshot_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SnapshotExportRequest(обязательный)- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/traceability/subscriptions¶
- Summary: List Subscriptions
- Description: List notification subscriptions for the current user.
- Operation ID:
list_subscriptions_api_v1_traceability_subscriptions_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v1/traceability/subscriptions¶
- Summary: Create Subscription
- Description: Create a new notification subscription.
- Operation ID:
create_subscription_api_v1_traceability_subscriptions_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->SubscriptionCreate(обязательный)- Responses:
201: Successful Response;application/json->SubscriptionResponse422: Validation Error;application/json->HTTPValidationError
PATCH /api/v1/traceability/subscriptions/{sub_id}¶
- Summary: Update Subscription
- Description: Update an existing notification subscription.
- Operation ID:
update_subscription_api_v1_traceability_subscriptions__sub_id__patch - Parameters:
sub_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->SubscriptionUpdate(обязательный)- Responses:
200: Successful Response;application/json->SubscriptionResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/traceability/subscriptions/{sub_id}¶
- Summary: Delete Subscription
- Description: Delete a notification subscription.
- Operation ID:
delete_subscription_api_v1_traceability_subscriptions__sub_id__delete - Parameters:
sub_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
Тег: Dependencies¶
Router зависимостей смонтирован под /api/v1/code. Канонический multi-project SCA contract
использует project-scoped routes:
GET /api/v1/security/sca/projects/{project_name}/summaryGET /api/v1/security/sca/projects/{project_name}/dependenciesGET /api/v1/security/sca/projects/{project_name}/vulnerabilitiesGET /api/v1/security/sca/projects/{project_name}/sbomPOST /api/v1/security/sca/projects/{project_name}/auditGET /api/v1/security/sca/projects/{project_name}/gost-report
Legacy scan-scoped routes под /api/v1/deps/scan, /list, /graph, /check-vulnerabilities,
/outdated, /licenses, /health-score, /sbom, /audit, /gost-report и /sync-cache
retired в story #767; используйте project-scoped routes выше.
Тег: Health¶
GET /api/v1/health¶
- Summary: Full health check
- Description: Returns detailed health status of all system components.
- Operation ID:
health_check_api_v1_health_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->HealthStatus
GET /api/v1/health/live¶
- Summary: Liveness probe
- Description: Kubernetes liveness probe endpoint. Returns 200 if service is running.
- Operation ID:
liveness_probe_api_v1_health_live_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->object
GET /api/v1/health/ready¶
- Summary: Readiness probe
- Description: Kubernetes readiness probe endpoint. Returns 200 if service is ready to accept traffic.
- Operation ID:
readiness_probe_api_v1_health_ready_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->object
Тег: Project Groups¶
GET /api/v1/groups¶
- Summary: List Groups
- Description: List project groups accessible by the current user. Admin users see all groups, regular users see only their groups.
- Operation ID:
list_groups_api_v1_groups_get - Parameters:
limitinquery(integer, необязательный)offsetinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->GroupListResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/groups¶
- Summary: Create Group
- Description: Create a new project group. Only admin users can create groups.
- Operation ID:
create_group_api_v1_groups_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->GroupCreate(обязательный)- Responses:
201: Successful Response;application/json->GroupResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/groups/{group_id}¶
- Summary: Get Group
- Description: Get project group by ID.
- Operation ID:
get_group_api_v1_groups__group_id__get - Parameters:
group_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->GroupResponse422: Validation Error;application/json->HTTPValidationError
PUT /api/v1/groups/{group_id}¶
- Summary: Update Group
- Description: Update project group. Requires admin access to the group.
- Operation ID:
update_group_api_v1_groups__group_id__put - Parameters:
group_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->GroupUpdate(обязательный)- Responses:
200: Successful Response;application/json->GroupResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/groups/{group_id}¶
- Summary: Delete Group
- Description: Delete a project group. Only admin users can delete groups.
- Operation ID:
delete_group_api_v1_groups__group_id__delete - Parameters:
group_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
GET /api/v1/groups/{group_id}/users¶
- Summary: List Group Users
- Description: List users with access to a group.
- Operation ID:
list_group_users_api_v1_groups__group_id__users_get - Parameters:
group_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->UserAccessListResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/groups/{group_id}/users¶
- Summary: Add Group User
- Description: Add user access to a group. Requires admin access to the group.
- Operation ID:
add_group_user_api_v1_groups__group_id__users_post - Parameters:
group_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->UserAccessCreate(обязательный)- Responses:
201: Successful Response;application/json->UserAccessResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/groups/{group_id}/users/{user_id}¶
- Summary: Remove Group User
- Description: Remove user access from a group. Requires admin access to the group.
- Operation ID:
remove_group_user_api_v1_groups__group_id__users__user_id__delete - Parameters:
group_idinpath(string, обязательный)user_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
Тег: Project Import¶
DELETE /api/v1/import/cancel/{job_id}¶
- Summary: Cancel import job
- Description: Cancel a running import job.
- Operation ID:
cancel_import_api_v1_import_cancel__job_id__delete - Parameters:
job_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/import/jobs¶
- Summary: List import jobs
- Description: List all import jobs.
- Operation ID:
list_import_jobs_api_v1_import_jobs_get - Parameters:
status_filterinquery(object, необязательный)limitinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/import/languages¶
- Summary: List supported languages
- Description: Get list of supported programming languages for import.
- Operation ID:
get_supported_languages_api_v1_import_languages_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->SupportedLanguagesResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/import/start¶
- Summary: Start project import
- Description: Start asynchronous import of a new codebase.
- Operation ID:
start_import_api_v1_import_start_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ImportProjectRequestAPI(обязательный)- Responses:
200: Successful Response;application/json->ImportJobResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/import/status/{job_id}¶
- Summary: Get import status
- Description: Get current status of an import job.
- Operation ID:
get_import_status_api_v1_import_status__job_id__get - Parameters:
job_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProjectImportStatus422: Validation Error;application/json->HTTPValidationError
Тег: Projects¶
GET /api/v1/projects¶
- Summary: List Projects
- Description: List projects accessible by the current user. If group_id is specified, list projects in that group only. Otherwise, list all projects from accessible groups.
- Operation ID:
list_projects_api_v1_projects_get - Parameters:
group_idinquery(object, необязательный)limitinquery(integer, необязательный)offsetinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProjectListResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/projects¶
- Summary: Create Project
- Description: Create a new project in a group. Requires editor or admin access to the group.
- Operation ID:
create_project_api_v1_projects_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ProjectCreate(обязательный)- Responses:
201: Successful Response;application/json->ProjectResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/projects/active/current¶
- Summary: Get Active Project
- Description: Вернуть текущий effective project для вызывающей стороны. Маршрут использует workspace, user preference, group default и access checks; при denied-resolution возвращает
403, при ambiguous-resolution возвращает409. - Operation ID:
get_active_project_api_v1_projects_active_current_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/projects/{project_id}¶
- Summary: Get Project
- Description: Get project by ID.
- Operation ID:
get_project_api_v1_projects__project_id__get - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProjectResponse422: Validation Error;application/json->HTTPValidationError
PUT /api/v1/projects/{project_id}¶
- Summary: Update Project
- Description: Update a project. Requires editor or admin access to the group.
- Operation ID:
update_project_api_v1_projects__project_id__put - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ProjectUpdate(обязательный)- Responses:
200: Successful Response;application/json->ProjectResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/projects/{project_id}¶
- Summary: Delete Project
- Description: Delete a project. Requires admin access to the group. Args: delete_collections: Also delete OpenViking vector collections.
- Operation ID:
delete_project_api_v1_projects__project_id__delete - Parameters:
project_idinpath(string, обязательный)delete_collectionsinquery(boolean, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
POST /api/v1/projects/{project_id}/activate¶
- Summary: Activate Project
- Description: Set a project as active in its group. This deactivates other projects in the same group.
- Operation ID:
activate_project_api_v1_projects__project_id__activate_post - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProjectResponse422: Validation Error;application/json->HTTPValidationError
Тег: Admin Runtime Release Gate¶
POST /api/v1/admin/runtime/release-gate/check¶
- Summary: Run Gate Check
- Description: Run release gate checks for the active project.
- Operation ID:
run_gate_check_api_v1_admin_runtime_release_gate_check_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ReleaseCheckRequest(обязательный)- Responses:
200: Successful Response;application/json->GateDecisionResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/admin/runtime/release-gate/history¶
- Summary: Get History
- Description: Get gate decision history for the active project.
- Operation ID:
get_history_api_v1_admin_runtime_release_gate_history_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
limitinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/admin/runtime/release-gate/profiles¶
- Summary: List Profiles
- Description: List available gate profiles.
- Operation ID:
list_profiles_api_v1_admin_runtime_release_gate_profiles_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v1/admin/runtime/release-gate/suppress¶
- Summary: Create Suppression
- Description: Create a finding suppression (accept risk).
- Operation ID:
create_suppression_api_v1_admin_runtime_release_gate_suppress_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SuppressionRequest(обязательный)- Responses:
200: Successful Response;application/json->SuppressionResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/admin/runtime/release-gate/suppressions¶
- Summary: List Suppressions
- Description: List active suppressions for the active project.
- Operation ID:
list_suppressions_api_v1_admin_runtime_release_gate_suppressions_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/admin/runtime/release-gate/suppressions/{finding_id}¶
- Summary: Delete Suppression
- Description: Remove a finding suppression.
- Operation ID:
delete_suppression_api_v1_admin_runtime_release_gate_suppressions__finding_id__delete - Security:
HTTPBearer,APIKeyHeader - Parameters:
finding_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
Тег: Risk Indicators¶
GET /api/v1/security/risk/{project_id}/alerts¶
- Summary: Get Risk Alerts
- Description: Get recent risk alerts.
- Operation ID:
get_risk_alerts_api_v1_risk__project_id__alerts_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)lastinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/risk/{project_id}/assess¶
- Summary: Trigger Risk Assessment
- Description: Trigger a full risk assessment calculation.
- Operation ID:
trigger_risk_assessment_api_v1_risk__project_id__assess_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->RiskAssessmentReportResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/risk/{project_id}/assessment¶
- Summary: Get Risk Assessment
- Description: Get full risk assessment report (SVR x STP).
- Operation ID:
get_risk_assessment_api_v1_risk__project_id__assessment_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->RiskAssessmentReportResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/risk/{project_id}/assessment/matrix¶
- Summary: Get Risk Assessment Matrix
- Description: Get risk matrix (5x5 SVR x STP).
- Operation ID:
get_risk_assessment_matrix_api_v1_risk__project_id__assessment_matrix_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/risk/{project_id}/assessment/register¶
- Summary: Get Risk Assessment Register
- Description: Get risk register sorted by risk score.
- Operation ID:
get_risk_assessment_register_api_v1_risk__project_id__assessment_register_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)topinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/risk/{project_id}/assessment/{finding_id}¶
- Summary: Get Risk Assessment Detail
- Description: Get risk detail for a specific finding.
- Operation ID:
get_risk_assessment_detail_api_v1_risk__project_id__assessment__finding_id__get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)finding_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->RiskEntryResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/risk/{project_id}/calculate¶
- Summary: Trigger Risk Calculation
- Description: Trigger a full risk recalculation.
- Operation ID:
trigger_risk_calculation_api_v1_risk__project_id__calculate_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->RiskDashboardResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/risk/{project_id}/checklist¶
- Summary: Get Checklist
- Description: Get self-assessment checklist.
- Operation ID:
get_checklist_api_v1_risk__project_id__checklist_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)levelinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/risk/{project_id}/dashboard¶
- Summary: Get Risk Dashboard
- Description: Get full risk dashboard: KIR + KPUR + alerts.
- Operation ID:
get_risk_dashboard_api_v1_risk__project_id__dashboard_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->RiskDashboardResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/risk/{project_id}/events¶
- Summary: Get Risk Events
- Description: Get classified risk events.
- Operation ID:
get_risk_events_api_v1_risk__project_id__events_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)limitinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/risk/{project_id}/events/classify¶
- Summary: Classify Events
- Description: Batch classify all findings into risk events.
- Operation ID:
classify_events_api_v1_risk__project_id__events_classify_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/risk/{project_id}/events/summary¶
- Summary: Get Events Summary
- Description: Get risk events summary by 4 dimensions.
- Operation ID:
get_events_summary_api_v1_risk__project_id__events_summary_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/risk/{project_id}/kir¶
- Summary: Get Kir Values
- Description: Calculate and return current KIR values.
- Operation ID:
get_kir_values_api_v1_risk__project_id__kir_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/risk/{project_id}/kir/{kir_id}/trend¶
- Summary: Get Kir Trend
- Description: Get KIR value history (trend).
- Operation ID:
get_kir_trend_api_v1_risk__project_id__kir__kir_id__trend_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)kir_idinpath(string, обязательный)lastinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/risk/{project_id}/kpur¶
- Summary: Get Kpur Results
- Description: Calculate and return KPUR results by 3 groups.
- Operation ID:
get_kpur_results_api_v1_risk__project_id__kpur_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/risk/{project_id}/threat-model-57580¶
- Summary: Get Threat Model 57580
- Description: Generate GOST R 57580.3 threat model.
- Operation ID:
get_threat_model_57580_api_v1_risk__project_id__threat_model_57580_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)formatinquery(string, необязательный)languageinquery(string, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
Тег: Security¶
POST /api/v1/security/autofix¶
- Summary: Generate security autofix suggestions
- Description: Generates automated fix suggestions for security vulnerabilities found via taint analysis. Returns diffs without applying them (read-only).
- Operation ID:
generate_autofix_api_v1_security_autofix_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->AutofixRequest(обязательный)- Responses:
200: Successful Response;application/json->AutofixResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/classify¶
- Summary: Classify finding as TP/FP
- Description: Use CPG context and taint verification to classify a security finding.
- Operation ID:
classify_finding_api_v1_security_classify_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->FPClassifyRequest(обязательный)- Responses:
200: Successful Response;application/json->FPClassifyResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/scan-diff¶
- Summary: Scan diff for security issues
- Description: Scan a raw diff for security vulnerabilities without git subprocess.
- Operation ID:
scan_diff_api_v1_security_scan_diff_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ScanDiffRequest(обязательный)- Responses:
200: Successful Response;application/json->ScanDiffResponse422: Validation Error;application/json->HTTPValidationError
Тег: Threat Model¶
GET /api/v1/security/threat-model/dfd¶
- Summary: Generate Data Flow Diagram
- Description: Extract DFD from CPG and return as Mermaid or JSON.
- Operation ID:
get_dfd_api_v1_security_threat_model_dfd_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
formatinquery(string, необязательный) - Output format: mermaid|jsonauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DFDResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/threat-model/export¶
- Summary: Export threat model in specified format
- Description: Generate and export threat model as Markdown, GOST, SARIF, or JSON string.
- Operation ID:
export_threat_model_api_v1_security_threat_model_export_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ThreatModelGenerateRequest(обязательный)- Responses:
200: Successful Response;application/json->ThreatModelExportResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/threat-model/generate¶
- Summary: Generate STRIDE threat model
- Description: Generates a complete STRIDE threat model from the project CPG. Includes DFD extraction, trust boundary detection, threat classification, and mitigation recommendations.
- Operation ID:
generate_threat_model_api_v1_security_threat_model_generate_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ThreatModelGenerateRequest(обязательный)- Responses:
200: Successful Response;application/json->ThreatModelResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/threat-model/mitigations¶
- Summary: List STRIDE mitigation recommendations
- Description: Returns standard mitigations for each STRIDE category and CWE-specific recommendations.
- Operation ID:
list_mitigations_api_v1_security_threat_model_mitigations_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
categoryinquery(object, необязательный) - STRIDE category filterauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/threat-model/stride-mapping¶
- Summary: CWE to STRIDE category mapping
- Description: Returns the mapping of CWE IDs to STRIDE threat categories.
- Operation ID:
get_stride_mapping_api_v1_security_threat_model_stride_mapping_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/threat-model/threats¶
- Summary: List threats
- Description: List threats from the generated threat model with optional filters.
- Operation ID:
list_threats_api_v1_security_threat_model_threats_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
severityinquery(object, необязательный) - Filter by severitycategoryinquery(object, необязательный) - Filter by STRIDE categorylanguageinquery(string, необязательный) - Output languageauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/threat-model/update¶
- Summary: Incremental threat model update
- Description: Compare new threat model against a previous version and compute delta.
- Operation ID:
update_threat_model_api_v1_security_threat_model_update_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->IncrementalUpdateRequest(обязательный)- Responses:
200: Successful Response;application/json->src__api__routers__threat_model__DeltaResponse422: Validation Error;application/json->HTTPValidationError
Тег: Webhooks¶
POST /api/v1/admin/runtime/webhooks/github¶
- Summary: GitHub webhook receiver
- Description: Receives push and PR events from GitHub.
- Operation ID:
receive_github_webhook_api_v1_webhooks_github_post - Parameters:
- None
- Request Body:
- None
- Responses:
202: Successful Response;application/json->WebhookResponse
POST /api/v1/admin/runtime/webhooks/gitlab¶
- Summary: GitLab webhook receiver
- Description: Receives push and MR events from GitLab.
- Operation ID:
receive_gitlab_webhook_api_v1_webhooks_gitlab_post - Parameters:
- None
- Request Body:
- None
- Responses:
202: Successful Response;application/json->WebhookResponse
POST /api/v1/webhooks/gitverse¶
- Summary: GitVerse webhook receiver
- Description: Receives push and PR events from GitVerse (GitHub-compatible format).
- Operation ID:
receive_gitverse_webhook_api_v1_webhooks_gitverse_post - Parameters:
- None
- Request Body:
- None
- Responses:
202: Successful Response;application/json->WebhookResponse
POST /api/v1/admin/runtime/webhooks/local¶
- Summary: Local incremental CPG update
- Description: Triggered by IDE plugins (OpenCode) after git commit for incremental CPG update.
- Operation ID:
receive_local_webhook_api_v1_webhooks_local_post - Parameters:
- None
- Request Body:
application/json->LocalWebhookRequest(обязательный)- Responses:
202: Successful Response;application/json->WebhookResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/webhooks/sourcecraft¶
- Summary: SourceCraft webhook receiver
- Description: Receives push and MR events from SourceCraft.
- Operation ID:
receive_sourcecraft_webhook_api_v1_webhooks_sourcecraft_post - Parameters:
- None
- Request Body:
- None
- Responses:
202: Successful Response;application/json->WebhookResponse
GET /api/v1/admin/runtime/webhooks/status/{project_id}¶
- Summary: Get CPG update status
- Description: Returns the latest CPG update pipeline status for a project.
- Operation ID:
get_webhook_status_api_v1_webhooks_status__project_id__get - Parameters:
project_idinpath(string, обязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->UpdateStatusResponse422: Validation Error;application/json->HTTPValidationError
Docs-Sync индекс покрытия REST¶
Следующие имена REST-маршрутов выдаются static interface discovery и перечислены точно, чтобы docs-sync мог проверить покрытие REST.
GET /—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:12DELETE /gitverse/projects/{project_name}/binding—src/api/routers/dashboard_domains/dashboard_v2_gitverse.py:276DELETE /logout—src/api/routers/auth_suite/auth_local_routes.py:1148DELETE /personal-memory/interaction-profile/{employee_id}—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:249DELETE /personal-memory/{memory_uri:path}—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:298DELETE /saved-views/{view_id}—src/api/routers/dashboard_domains/dashboard_v2_notifications.py:595DELETE /subscriptions/{sub_id}—src/api/routers/dashboard_domains/dashboard_v2_notifications.py:395GET /ai-finops/billing-records—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:357GET /ai-finops/billing-sync/yandex—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:395GET /ai-finops/budgets—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:128GET /ai-finops/catalog—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:186GET /ai-finops/fx-rates—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:303GET /ai-finops/incidents—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:261GET /ai-finops/model-portfolio—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:222GET /ai-finops/optimization—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:414GET /ai-finops/overview—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:79GET /ai-finops/policies—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:159GET /ai-finops/reconciliation—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:385GET /ai-finops/recurring-costs—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:269GET /ai-finops/tax-profiles—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:330GET /ai-finops/usage—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:88GET /ai-finops/usage/{request_id}—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:119GET /api-keys—src/api/routers/auth_suite/auth_machine_routes.py:97GET /api/v1/admin/runtime/deployment-profiles/status—src/api/routers/project_suite/deployment_profiles.py:32GET /api/v1/admin/runtime/deployment-profiles/{profile_id}/enforce—src/api/routers/project_suite/deployment_profiles.py:46GET /api/v1/admin/runtime/deployment-profiles/{profile_id}/readiness—src/api/routers/project_suite/deployment_profiles.py:38GET /api/v1/admin/runtime/health—src/api/routers/project_suite/managed_runtime.py:57GET /api/v1/admin/runtime/sessions/{session_id}/commands—src/api/routers/project_suite/managed_runtime.py:113GET /api/v1/admin/runtime/status—src/api/routers/project_suite/managed_runtime.py:51GET /api/v1/projects/{project_id}/business-graph—src/api/routers/project_suite/projects.py:621GET /api/v1/projects/{project_id}/business-graph/context—src/api/routers/project_suite/projects.py:750GET /api/v1/admin/access/audit-events—src/api/routers/query_support/workspace_access.py:297GET /api/v1/admin/access/decision—src/api/routers/query_support/workspace_access.py:277GET /api/v1/admin/access/effective-access—src/api/routers/query_support/workspace_access.py:263GET /api/v1/admin/access/team-agents—src/api/routers/query_support/workspace_access.py:119GET /api/v1/admin/access/teams—src/api/routers/query_support/workspace_access.py:87GET /assistants/{assistant_id}/memory-policy—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:356GET /audit-report-jobs/{job_id}—src/api/routers/dashboard_jobs/dashboard_v2_surface_refresh_routes.py:1009GET /bindings—src/api/routers/project_suite/repositories_onboarding_routes.py:370GET /bindings/{binding_id}—src/api/routers/project_suite/repositories_onboarding_routes.py:388GET /bindings/{binding_id}/review-snapshots—src/api/routers/project_suite/repositories_sync_routes.py:433GET /bindings/{binding_id}/slices—src/api/routers/project_suite/repositories_onboarding_routes.py:591GET /bindings/{binding_id}/subprojects—src/api/routers/project_suite/repositories_onboarding_routes.py:728GET /bindings/{binding_id}/subprojects/discover—src/api/routers/project_suite/repositories_onboarding_routes.py:696GET /bindings/{binding_id}/sync-jobs—src/api/routers/project_suite/repositories_sync_routes.py:147GET /bulk-import/batches—src/api/routers/project_suite/repositories_onboarding_routes.py:862GET /bulk-import/batches/{batch_id}—src/api/routers/project_suite/repositories_onboarding_routes.py:903GET /api/v1/employee-tasks/cases/{case_id}/handoff-chain—src/api/routers/digital_employee_suite/digital_employees_governance_routes.py:351GET /compare—src/api/routers/dashboard_core/dashboard_v2_portfolio_routes.py:450GET /compliance/heatmap—src/api/routers/dashboard_domains/dashboard_v2_compliance_heatmap.py:265GET /api/v1/admin/workforce/control-tower/{project_key}—src/api/routers/digital_employee_suite/digital_employees_skill_memory_routes.py:418GET /cross-repo—src/api/routers/dashboard_core/dashboard_v2_portfolio_routes.py:491GET /deliveries—src/api/routers/dashboard_domains/dashboard_v2_notifications.py:408GET /deliveries/pending—src/api/routers/dashboard_domains/dashboard_v2_notifications.py:477GET /deliveries/summary—src/api/routers/dashboard_domains/dashboard_v2_notifications.py:463GET /discover—src/api/routers/project_suite/repositories_onboarding_routes.py:121GET /engineering/dora/aggregates—src/api/routers/dashboard_domains/dashboard_v2_engineering.py:238GET /engineering/integration-profiles—src/api/routers/dashboard_domains/dashboard_v2_engineering.py:154GET /engineering/integration-profiles/{profile_id}—src/api/routers/dashboard_domains/dashboard_v2_engineering.py:164GET /event-catalog—src/api/routers/dashboard_domains/dashboard_v2_notifications.py:536GET /gitverse/overview—src/api/routers/dashboard_domains/dashboard_v2_gitverse.py:141GET /knowledge—src/api/routers/agent_context_suite/agent_context_knowledge_routes.py:146GET /knowledge/policy—src/api/routers/agent_context_suite/agent_context_knowledge_routes.py:705GET /knowledge/review-plan—src/api/routers/agent_context_suite/agent_context_knowledge_routes.py:251GET /knowledge/source-refresh/plan—src/api/routers/agent_context_suite/agent_context_knowledge_routes.py:223GET /ldap/status—src/api/routers/auth_suite/auth_external_routes.py:404GET /me—src/api/routers/auth_suite/auth_local_routes.py:240GET /memory/scopes—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:41GET /memory/shelf—src/api/routers/agent_context_suite/agent_context_memory_routes.py:216GET /metrics/mapping—src/api/routers/dashboard_core/dashboard_v2_metrics.py:87GET /oauth/providers—src/api/routers/auth_suite/auth_external_routes.py:49GET /oauth/{provider}—src/api/routers/auth_suite/auth_external_routes.py:86GET /oauth/{provider}/callback—src/api/routers/auth_suite/auth_external_routes.py:129GET /personal-memory—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:85GET /personal-memory/interaction-profile—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:167GET /personal-memory/settings—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:53GET /personal-memory/tombstones—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:128GET /portfolio—src/api/routers/project_suite/repositories_sync_routes.py:43GET /portfolio/compare-periods—src/api/routers/dashboard_core/dashboard_v2_history.py:143GET /api/v1/employee-tasks/prd-delivery/{case_id}/status—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:269GET /projects/{project_name}/basis—src/api/routers/dashboard_core/dashboard_v2_portfolio_routes.py:300GET /projects/{project_name}/dora—src/api/routers/dashboard_domains/dashboard_v2_engineering.py:226GET /projects/{project_name}/dora/compare—src/api/routers/dashboard_domains/dashboard_v2_engineering.py:293GET /projects/{project_name}/dora/snapshots—src/api/routers/dashboard_domains/dashboard_v2_engineering.py:276GET /projects/{project_name}/drilldown—src/api/routers/dashboard_core/dashboard_v2_history.py:189GET /projects/{project_name}/health—src/api/routers/dashboard_core/dashboard_v2_portfolio_routes.py:265GET /projects/{project_name}/releases—src/api/routers/dashboard_domains/dashboard_v2_engineering.py:73GET /projects/{project_name}/stability—src/api/routers/dashboard_domains/dashboard_v2_engineering.py:130GET /projects/{project_name}/trends—src/api/routers/dashboard_core/dashboard_v2_portfolio_routes.py:425GET /provider-connections—src/api/routers/project_suite/repositories_onboarding_routes.py:91GET /red-zone—src/api/routers/dashboard_core/dashboard_v2_red_zone.py:716GET /releases/{project_name}/compare—src/api/routers/dashboard_core/dashboard_v2_history.py:171GET /review-snapshots/{snapshot_id}/jobs—src/api/routers/project_suite/repositories_sync_routes.py:488GET /roles—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:339GET /roles/{role_id}/charter—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:347GET /saved-views—src/api/routers/dashboard_domains/dashboard_v2_notifications.py:549GET /saved-views/{view_id}—src/api/routers/dashboard_domains/dashboard_v2_notifications.py:582GET /sca/overview—src/api/routers/dashboard_domains/dashboard_v2_sca.py:53GET /security/audit-log—src/api/routers/dashboard_domains/dashboard_v2_security.py:222GET /security/audit-log/{entry_id}—src/api/routers/dashboard_domains/dashboard_v2_security.py:257GET /security/dlp/activity—src/api/routers/dashboard_domains/dashboard_v2_security.py:128GET /security/dlp/config—src/api/routers/dashboard_domains/dashboard_v2_security.py:84GET /security/overview—src/api/routers/dashboard_domains/dashboard_v2_security.py:75GET /security/siem/config—src/api/routers/dashboard_domains/dashboard_v2_security.py:142GET /security/siem/events—src/api/routers/dashboard_domains/dashboard_v2_security.py:208GET /security/siem/stats—src/api/routers/dashboard_domains/dashboard_v2_security.py:168GET /service-accounts—src/api/routers/auth_suite/auth_machine_routes.py:309GET /service-accounts/action-catalog—src/api/routers/auth_suite/auth_machine_routes.py:191GET /service-accounts/{service_account_id}—src/api/routers/auth_suite/auth_machine_routes.py:345GET /sessions/{session_id}/commit-status—src/api/routers/agent_context_suite/agent_context_sharing_routes.py:137GET /sessions/{session_id}/context/why—src/api/routers/agent_context_suite/agent_context_session_routes.py:288GET /sessions/{session_id}/task—src/api/routers/agent_context_suite/agent_context_session_routes.py:205GET /sessions/{session_id}/task/why—src/api/routers/agent_context_suite/agent_context_session_routes.py:238GET /snapshots—src/api/routers/dashboard_core/dashboard_v2_snapshots.py:225GET /snapshots/policy—src/api/routers/dashboard_core/dashboard_v2_snapshots.py:273GET /snapshots/{project_name}/compare-periods—src/api/routers/dashboard_core/dashboard_v2_history.py:115GET /snapshots/{project_name}/diff—src/api/routers/dashboard_core/dashboard_v2_history.py:91GET /snapshots/{project_name}/trends—src/api/routers/dashboard_core/dashboard_v2_history.py:59GET /snapshots/{snapshot_id}—src/api/routers/dashboard_core/dashboard_v2_snapshots.py:282GET /subscriptions—src/api/routers/dashboard_domains/dashboard_v2_notifications.py:140GET /surface-refresh-jobs/{job_id}—src/api/routers/dashboard_jobs/dashboard_v2_surface_refresh_routes.py:790GET /sync-jobs—src/api/routers/project_suite/repositories_sync_routes.py:79GET /sync-jobs/backlog—src/api/routers/project_suite/repositories_sync_routes.py:121GET /api/v1/employee-tasks/tasks/{task_id}/workflow—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:133GET /users—src/api/routers/auth_suite/auth_local_routes.py:260GET /users/{user_id}—src/api/routers/auth_suite/auth_local_routes.py:351GET /users/{user_id}/access—src/api/routers/auth_suite/auth_local_routes.py:558GET /{employee_id}—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:410GET /{employee_id}/control-plane—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:541GET /{employee_id}/pinned-profile—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:622GET /{employee_id}/presence—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:522GET /{employee_id}/skills—src/api/routers/digital_employee_suite/digital_employees_skill_memory_routes.py:95GET /api/v1/admin/workforce/{employee_id}/skills/proposals—src/api/routers/digital_employee_suite/digital_employees_skill_memory_routes.py:64GET /api/v1/admin/workforce/{employee_id}/skills/proposals/{proposal_id}—src/api/routers/digital_employee_suite/digital_employees_skill_memory_routes.py:80GET /api/v1/admin/workforce/{employee_id}/skills/{skill_id}—src/api/routers/digital_employee_suite/digital_employees_skill_memory_routes.py:270PATCH /personal-memory/{memory_uri:path}—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:274PATCH /provider-connections/{connection_id}—src/api/routers/project_suite/repositories_onboarding_routes.py:168PATCH /subscriptions/{sub_id}—src/api/routers/dashboard_domains/dashboard_v2_notifications.py:211PATCH /users/{user_id}—src/api/routers/auth_suite/auth_local_routes.py:370POST /ai-finops/billing-records—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:366POST /ai-finops/billing-sync/yandex/refresh—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:403POST /ai-finops/budgets—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:136POST /ai-finops/catalog—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:194POST /ai-finops/catalog/estimate—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:252POST /ai-finops/catalog/refresh—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:213POST /ai-finops/export—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:432POST /ai-finops/fx-rates—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:311POST /ai-finops/model-portfolio—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:230POST /ai-finops/optimization/what-if—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:423POST /ai-finops/policies—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:167POST /ai-finops/recurring-costs—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:277POST /ai-finops/tax-profiles—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:338POST /api-keys—src/api/routers/auth_suite/auth_machine_routes.py:46POST /api/v1/admin/runtime/deployment-profiles/exceptions—src/api/routers/project_suite/deployment_profiles.py:64POST /api/v1/admin/runtime/pools—src/api/routers/project_suite/managed_runtime.py:63POST /api/v1/admin/runtime/sessions/start—src/api/routers/project_suite/managed_runtime.py:76POST /api/v1/admin/runtime/sessions/{session_id}/commands/decide—src/api/routers/project_suite/managed_runtime.py:97POST /api/v1/admin/runtime/sessions/{session_id}/stop—src/api/routers/project_suite/managed_runtime.py:91POST /api/v1/projects/{project_id}/business-graph/sources—src/api/routers/project_suite/projects.py:694POST /api/v1/admin/access/grants—src/api/routers/query_support/workspace_access.py:233POST /api/v1/admin/access/memberships—src/api/routers/query_support/workspace_access.py:159POST /api/v1/admin/access/skill-bundles—src/api/routers/query_support/workspace_access.py:185POST /api/v1/admin/access/team-agents—src/api/routers/query_support/workspace_access.py:133POST /api/v1/admin/access/teams—src/api/routers/query_support/workspace_access.py:99POST /api/v1/admin/access/tool-policies—src/api/routers/query_support/workspace_access.py:209POST /bindings/{binding_id}/archive—src/api/routers/project_suite/repositories_onboarding_routes.py:527POST /bindings/{binding_id}/delete—src/api/routers/project_suite/repositories_onboarding_routes.py:559POST /bindings/{binding_id}/force-rebuild—src/api/routers/project_suite/repositories_sync_routes.py:247POST /bindings/{binding_id}/pause—src/api/routers/project_suite/repositories_onboarding_routes.py:463POST /bindings/{binding_id}/reconcile—src/api/routers/project_suite/repositories_sync_routes.py:187POST /bindings/{binding_id}/resume—src/api/routers/project_suite/repositories_onboarding_routes.py:495POST /bindings/{binding_id}/subprojects/import—src/api/routers/project_suite/repositories_onboarding_routes.py:773POST /bindings/{binding_id}/sync-identity—src/api/routers/project_suite/repositories_onboarding_routes.py:423POST /bulk-import—src/api/routers/project_suite/repositories_onboarding_routes.py:823POST /cross-repo/run—src/api/routers/dashboard_core/dashboard_v2_portfolio_routes.py:509POST /export—src/api/routers/dashboard_core/dashboard_v2_portfolio_routes.py:536POST /gitverse/projects/{project_name}/binding—src/api/routers/dashboard_domains/dashboard_v2_gitverse.py:190POST /gitverse/projects/{project_name}/validate—src/api/routers/dashboard_domains/dashboard_v2_gitverse.py:157POST /api/v1/employee-tasks/handoffs—src/api/routers/digital_employee_suite/digital_employees_governance_routes.py:239POST /api/v1/employee-tasks/handoffs/{handoff_id}/accept—src/api/routers/digital_employee_suite/digital_employees_governance_routes.py:265POST /api/v1/employee-tasks/handoffs/{handoff_id}/complete—src/api/routers/digital_employee_suite/digital_employees_governance_routes.py:319POST /api/v1/employee-tasks/handoffs/{handoff_id}/reject—src/api/routers/digital_employee_suite/digital_employees_governance_routes.py:290POST /import—src/api/routers/project_suite/repositories_onboarding_routes.py:313POST /knowledge/deprecate—src/api/routers/agent_context_suite/agent_context_knowledge_routes.py:769POST /knowledge/policy/reset—src/api/routers/agent_context_suite/agent_context_knowledge_routes.py:748POST /knowledge/review—src/api/routers/agent_context_suite/agent_context_knowledge_routes.py:803POST /knowledge/review-plan/apply—src/api/routers/agent_context_suite/agent_context_knowledge_routes.py:673POST /knowledge/source-refresh/apply—src/api/routers/agent_context_suite/agent_context_knowledge_routes.py:641POST /ldap—src/api/routers/auth_suite/auth_external_routes.py:270POST /memory/conflicts—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:323POST /memory/shelf—src/api/routers/agent_context_suite/agent_context_memory_routes.py:206POST /oauth/token—src/api/routers/auth_suite/auth_local_routes.py:948POST /personal-memory—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:103POST /personal-memory/interaction-profile/learn—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:208POST /personal-memory/interaction-profile/preview—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:233POST /personal-memory/promotions—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:144POST /api/v1/employee-tasks/prd-delivery/{case_id}/execute—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:202POST /api/v1/employee-tasks/prd-delivery/{case_id}/start—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:237POST /provider-connections—src/api/routers/project_suite/repositories_onboarding_routes.py:43POST /recall—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:366POST /recall-feedback—src/api/routers/agent_context_suite/agent_context_memory_routes.py:772POST /recall/explain—src/api/routers/agent_context_suite/agent_context_memory_routes.py:746POST /refresh—src/api/routers/auth_suite/auth_local_routes.py:853POST /review-snapshots/{snapshot_id}/expire—src/api/routers/project_suite/repositories_sync_routes.py:571POST /review-snapshots/{snapshot_id}/rerun—src/api/routers/project_suite/repositories_sync_routes.py:528POST /saved-views—src/api/routers/dashboard_domains/dashboard_v2_notifications.py:569POST /service-accounts—src/api/routers/auth_suite/auth_machine_routes.py:221POST /sessions/open—src/api/routers/agent_context_suite/agent_context_session_routes.py:62POST /sessions/{session_id}/accept-handoff—src/api/routers/agent_context_suite/agent_context_sharing_routes.py:64POST /sessions/{session_id}/archive—src/api/routers/agent_context_suite/agent_context_session_routes.py:698POST /sessions/{session_id}/browse—src/api/routers/agent_context_suite/agent_context_session_routes.py:582POST /sessions/{session_id}/close—src/api/routers/agent_context_suite/agent_context_session_routes.py:675POST /sessions/{session_id}/commit—src/api/routers/agent_context_suite/agent_context_session_routes.py:644POST /sessions/{session_id}/fetch—src/api/routers/agent_context_suite/agent_context_session_routes.py:371POST /sessions/{session_id}/memory/dismiss—src/api/routers/agent_context_suite/agent_context_session_routes.py:531POST /sessions/{session_id}/messages—src/api/routers/agent_context_suite/agent_context_session_routes.py:339POST /sessions/{session_id}/read—src/api/routers/agent_context_suite/agent_context_session_routes.py:549POST /sessions/{session_id}/recall-feedback—src/api/routers/agent_context_suite/agent_context_session_routes.py:514POST /sessions/{session_id}/reject-handoff—src/api/routers/agent_context_suite/agent_context_sharing_routes.py:88POST /api/v1/admin/context-sessions/{session_id}/share-revocations—src/api/routers/agent_context_suite/agent_context_sharing_routes.py:221POST /sessions/{session_id}/share—src/api/routers/agent_context_suite/agent_context_sharing_routes.py:32POST /sessions/{session_id}/used-context—src/api/routers/agent_context_suite/agent_context_session_routes.py:616POST /snapshots—src/api/routers/dashboard_core/dashboard_v2_snapshots.py:196POST /snapshots/compare—src/api/routers/dashboard_core/dashboard_v2_snapshots.py:298POST /snapshots/{snapshot_id}/export—src/api/routers/dashboard_core/dashboard_v2_snapshots.py:358POST /subscriptions—src/api/routers/dashboard_domains/dashboard_v2_notifications.py:161POST /surface-refresh/{surface_id}—src/api/routers/dashboard_jobs/dashboard_v2_surface_refresh_routes.py:620POST /sync-jobs/{job_id}/replay—src/api/routers/project_suite/repositories_sync_routes.py:387POST /tasks—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:22POST /api/v1/employee-tasks/tasks/{task_id}/approval-decision—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:115POST /api/v1/employee-tasks/tasks/{task_id}/checklist/generate—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:152POST /api/v1/employee-tasks/tasks/{task_id}/pre-completion—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:176POST /api/v1/admin/employee-runtime/temporal/governance-readiness—src/api/routers/digital_employee_suite/digital_employees_topology_routes.py:738POST /token—src/api/routers/auth_suite/auth_local_routes.py:136POST /users—src/api/routers/auth_suite/auth_local_routes.py:302POST /users/{user_id}/activate—src/api/routers/auth_suite/auth_local_routes.py:441POST /users/{user_id}/deactivate—src/api/routers/auth_suite/auth_local_routes.py:475POST /users/{user_id}/reset-password—src/api/routers/auth_suite/auth_local_routes.py:515PUT /ai-finops/billing-records/{billing_record_id}—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:375PUT /ai-finops/budgets/{budget_id}—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:146PUT /ai-finops/catalog/{card_id}—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:203PUT /ai-finops/fx-rates/{fx_rate_id}—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:320PUT /ai-finops/model-portfolio/{portfolio_entry_id}—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:239PUT /ai-finops/policies/{policy_id}—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:176PUT /ai-finops/recurring-costs/{recurring_cost_id}—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:288PUT /ai-finops/tax-profiles/{tax_profile_id}—src/api/routers/dashboard_domains/dashboard_v2_ai_finops.py:347PUT /api/v1/projects/{project_id}/business-graph—src/api/routers/project_suite/projects.py:642PUT /api/v1/projects/{project_id}/preference—src/api/routers/project_suite/projects.py:539PUT /bindings/{binding_id}/slices—src/api/routers/project_suite/repositories_onboarding_routes.py:636PUT /knowledge/policy—src/api/routers/agent_context_suite/agent_context_knowledge_routes.py:726PUT /personal-memory/interaction-profile—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:183PUT /personal-memory/settings—src/api/routers/agent_context_suite/agent_context_personal_memory_routes.py:67PUT /security/dlp/config—src/api/routers/dashboard_domains/dashboard_v2_security.py:92PUT /security/siem/config—src/api/routers/dashboard_domains/dashboard_v2_security.py:150PUT /users/{user_id}/access—src/api/routers/auth_suite/auth_local_routes.py:598list_digital_employees—src/api/routers/digital_employee_suite/digital_employees_profile_routes.py:12