{ "schemes": [ "http" ], "swagger": "2.0", "info": { "description": "API for managing K3s clusters across cloud providers", "title": "AutoGlue API", "contact": {}, "version": "1.0" }, "basePath": "/", "paths": { "/api/healthz": { "get": { "description": "Returns a 200 if the service is up", "consumes": [ "application/json" ], "produces": [ "text/plain" ], "tags": [ "health" ], "summary": "Basic health check", "responses": { "200": { "description": "ok", "schema": { "type": "string" } } } } }, "/api/v1/auth/introspect": { "post": { "description": "Returns whether the token is active and basic metadata", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "auth" ], "summary": "Introspect a token", "parameters": [ { "description": "token", "name": "body", "in": "body", "required": true, "schema": { "type": "object", "additionalProperties": { "type": "string" } } } ], "responses": { "200": { "description": "OK", "schema": { "type": "object", "additionalProperties": true } } } } }, "/api/v1/auth/login": { "post": { "description": "Authenticates a user and returns a JWT bearer token", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "auth" ], "summary": "Authenticate and return a token", "parameters": [ { "description": "User login input", "name": "body", "in": "body", "required": true, "schema": { "$ref": "#/definitions/authn.LoginInput" } } ], "responses": { "200": { "description": "token", "schema": { "type": "object", "additionalProperties": { "type": "string" } } }, "401": { "description": "unauthorized", "schema": { "type": "string" } } } } }, "/api/v1/auth/logout": { "post": { "security": [ { "BearerAuth": [] } ], "description": "Revoke a refresh token", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "auth" ], "summary": "Logout user", "parameters": [ { "description": "refresh_token", "name": "body", "in": "body", "required": true, "schema": { "type": "object", "additionalProperties": { "type": "string" } } } ], "responses": { "204": { "description": "no content", "schema": { "type": "string" } } } } }, "/api/v1/auth/logout_all": { "post": { "security": [ { "BearerAuth": [] } ], "description": "Revokes all active refresh tokens for the authenticated user", "produces": [ "text/plain" ], "tags": [ "auth" ], "summary": "Logout from all sessions", "responses": { "204": { "description": "no content", "schema": { "type": "string" } } } } }, "/api/v1/auth/me": { "get": { "security": [ { "BearerAuth": [] } ], "description": "Returns the authenticated user's profile and auth context", "produces": [ "application/json" ], "tags": [ "auth" ], "summary": "Get authenticated user info", "responses": { "200": { "description": "OK", "schema": { "$ref": "#/definitions/authn.MeResponse" } }, "401": { "description": "unauthorized", "schema": { "type": "string" } } } } }, "/api/v1/auth/password/change": { "post": { "security": [ { "BearerAuth": [] } ], "description": "Changes the password for the authenticated user", "consumes": [ "application/json" ], "produces": [ "text/plain" ], "tags": [ "auth" ], "summary": "Change password", "parameters": [ { "description": "current_password, new_password", "name": "body", "in": "body", "required": true, "schema": { "type": "object", "additionalProperties": { "type": "string" } } } ], "responses": { "204": { "description": "no content", "schema": { "type": "string" } }, "400": { "description": "bad request", "schema": { "type": "string" } } } } }, "/api/v1/auth/password/forgot": { "post": { "description": "Sends a reset token to the user's email address", "consumes": [ "application/json" ], "produces": [ "text/plain" ], "tags": [ "auth" ], "summary": "Request password reset", "parameters": [ { "description": "email", "name": "body", "in": "body", "required": true, "schema": { "type": "object", "additionalProperties": { "type": "string" } } } ], "responses": { "204": { "description": "no content", "schema": { "type": "string" } } } } }, "/api/v1/auth/password/reset": { "post": { "description": "Resets the password using a valid reset token", "consumes": [ "application/json" ], "produces": [ "text/plain" ], "tags": [ "auth" ], "summary": "Confirm password reset", "parameters": [ { "description": "token, new_password", "name": "body", "in": "body", "required": true, "schema": { "type": "object", "additionalProperties": { "type": "string" } } } ], "responses": { "204": { "description": "no content", "schema": { "type": "string" } }, "400": { "description": "bad request", "schema": { "type": "string" } } } } }, "/api/v1/auth/refresh": { "post": { "security": [ { "BearerAuth": [] } ], "description": "Use a refresh token to obtain a new access token", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "auth" ], "summary": "Refresh access token", "parameters": [ { "description": "refresh_token", "name": "body", "in": "body", "required": true, "schema": { "type": "object", "additionalProperties": { "type": "string" } } } ], "responses": { "200": { "description": "new access token", "schema": { "type": "object", "additionalProperties": { "type": "string" } } }, "401": { "description": "unauthorized", "schema": { "type": "string" } } } } }, "/api/v1/auth/refresh/rotate": { "post": { "security": [ { "BearerAuth": [] } ], "description": "Exchanges a valid refresh token for a new access and refresh token, revoking the old one", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "auth" ], "summary": "Rotate refresh token", "parameters": [ { "description": "refresh_token", "name": "body", "in": "body", "required": true, "schema": { "type": "object", "additionalProperties": { "type": "string" } } } ], "responses": { "200": { "description": "access_token, refresh_token", "schema": { "type": "object", "additionalProperties": { "type": "string" } } }, "401": { "description": "unauthorized", "schema": { "type": "string" } } } } }, "/api/v1/auth/register": { "post": { "description": "Registers a new user and stores credentials", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "auth" ], "summary": "Register a new user", "parameters": [ { "description": "User registration input", "name": "body", "in": "body", "required": true, "schema": { "$ref": "#/definitions/authn.RegisterInput" } } ], "responses": { "201": { "description": "created", "schema": { "type": "string" } }, "400": { "description": "bad request", "schema": { "type": "string" } } } } }, "/api/v1/auth/verify": { "get": { "description": "Verifies the user's email using a token (often from an emailed link)", "produces": [ "text/plain" ], "tags": [ "auth" ], "summary": "Verify email address", "parameters": [ { "type": "string", "description": "verification token", "name": "token", "in": "query", "required": true } ], "responses": { "204": { "description": "no content", "schema": { "type": "string" } }, "400": { "description": "bad request", "schema": { "type": "string" } } } } }, "/api/v1/auth/verify/resend": { "post": { "description": "Sends a new email verification token if needed", "consumes": [ "application/json" ], "produces": [ "text/plain" ], "tags": [ "auth" ], "summary": "Resend email verification", "parameters": [ { "description": "email", "name": "body", "in": "body", "required": true, "schema": { "type": "object", "additionalProperties": { "type": "string" } } } ], "responses": { "204": { "description": "no content", "schema": { "type": "string" } } } } }, "/api/v1/orgs": { "get": { "security": [ { "BearerAuth": [] } ], "produces": [ "application/json" ], "tags": [ "organizations" ], "summary": "List organizations for user", "responses": { "200": { "description": "OK", "schema": { "type": "array", "items": { "$ref": "#/definitions/models.Organization" } } }, "401": { "description": "unauthorized", "schema": { "type": "string" } } } }, "post": { "security": [ { "BearerAuth": [] } ], "description": "Creates a new organization and assigns the authenticated user as an admin member", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "organizations" ], "summary": "Create a new organization", "parameters": [ { "type": "string", "description": "Optional organization context (ignored for creation)", "name": "X-Org-ID", "in": "header" }, { "description": "Organization Input", "name": "body", "in": "body", "required": true, "schema": { "$ref": "#/definitions/orgs.OrgInput" } } ], "responses": { "200": { "description": "organization_id", "schema": { "type": "object", "additionalProperties": { "type": "string" } } }, "400": { "description": "invalid input", "schema": { "type": "string" } }, "401": { "description": "unauthorized", "schema": { "type": "string" } }, "500": { "description": "internal error", "schema": { "type": "string" } } } } } }, "definitions": { "authn.AuthClaimsDTO": { "type": "object", "properties": { "aud": { "type": "array", "items": { "type": "string" } }, "exp": { "type": "integer" }, "iat": { "type": "integer" }, "iss": { "type": "string" }, "nbf": { "type": "integer" }, "orgs": { "type": "array", "items": { "type": "string" } }, "roles": { "type": "array", "items": { "type": "string" } }, "sub": { "type": "string" } } }, "authn.LoginInput": { "type": "object", "properties": { "email": { "type": "string", "example": "me@here.com" }, "password": { "type": "string", "example": "123456" } } }, "authn.MeResponse": { "type": "object", "properties": { "claims": { "$ref": "#/definitions/authn.AuthClaimsDTO" }, "org_role": { "type": "string" }, "organization_id": { "type": "string" }, "user_id": { "$ref": "#/definitions/authn.UserDTO" } } }, "authn.RegisterInput": { "type": "object", "properties": { "email": { "type": "string", "example": "me@here.com" }, "name": { "type": "string", "example": "My Name" }, "password": { "type": "string", "example": "123456" } } }, "authn.UserDTO": { "type": "object", "properties": { "created_at": { "type": "string" }, "email": { "type": "string" }, "email_verified": { "type": "boolean" }, "id": { "type": "string" }, "name": { "type": "string" }, "role": { "$ref": "#/definitions/models.Role" }, "updated_at": { "type": "string" } } }, "models.Organization": { "type": "object", "properties": { "created_at": { "type": "string" }, "id": { "type": "string" }, "logo": { "type": "string" }, "metadata": { "type": "string" }, "name": { "type": "string" }, "slug": { "type": "string" }, "updated_at": { "type": "string" } } }, "models.Role": { "type": "string", "enum": [ "admin", "user" ], "x-enum-varnames": [ "RoleAdmin", "RoleUser" ] }, "orgs.OrgInput": { "type": "object", "properties": { "name": { "type": "string" }, "slug": { "type": "string" } } } }, "securityDefinitions": { "BearerAuth": { "type": "apiKey", "name": "Authorization", "in": "header" } } }