# Open Mercato API Version: 0.6.1 Auto-generated OpenAPI definition for all enabled modules. ## Servers - https://cc.kawalec.pl – Default environment ## GET `/ai_assistant/ai/actions/{id}` Fetch the current state of an AI pending action by id. Returns the tenant-scoped {@link AiPendingAction} addressed by `:id`. Powers the chat UI reconnect/polling path: after a page reload or SSE reconnect the client carries the `pendingActionId` from an earlier `mutation-preview-card` UI part and calls this route to re-hydrate the card. Server-internal fields (`normalizedInput`, `createdByUserId`, `idempotencyKey`) are stripped by a whitelist serializer. Enforces tenant/org scoping via the repository. Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Serialized pending action. Never includes normalizedInput, createdByUserId, or idempotencyKey. Content-Type: `application/json` **404** – No pending action with the given id is accessible to the caller. Content-Type: `application/json` **500** – Internal runtime failure. Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/ai_assistant/ai/actions/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/ai_assistant/ai/actions/{id}/cancel` Cancel an AI pending action without executing the wrapped tool. Flips a pending AI action from `pending` to `cancelled` and emits the `ai.action.cancelled` event. The tool handler is never invoked. Idempotent: a second call on a row already in `cancelled` status returns 200 with the current row without re-emitting the event. Rows whose `expiresAt` is in the past are flipped to `expired` and returned as 409 `expired` so the client can surface the TTL loss instead of silently masking it as a cancellation. Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Cancellation complete (or idempotent replay); body includes the serialized pending action with status `cancelled`. Content-Type: `application/json` **400** – Invalid cancel request body (unknown field, reason exceeds 500 chars, wrong type). Content-Type: `application/json` **404** – Pending action not found in the caller scope. Content-Type: `application/json` **409** – Pending action is not in `pending` status (already confirmed/failed/executing) or has expired. Content-Type: `application/json` **500** – Unexpected server failure during cancel. Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/ai_assistant/ai/actions/:id/cancel" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/ai_assistant/ai/actions/{id}/confirm` Confirm an AI pending action, re-running every server-side check before execution. Re-verifies the full contract from spec §9.4 (status, expiry, agent registration, required features, mutation policy, tool whitelist, attachment tenant scope, record version, and schema drift), flips the pending-action state machine to `executing`, invokes the wrapped tool handler, and persists `executionResult`. Idempotent: a second call on a row already in `confirmed` state returns the prior result without re-executing the handler. Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Confirmation complete; body includes the serialized pending action and the mutation result. Content-Type: `application/json` **404** – Pending action or agent not found in the caller scope. Content-Type: `application/json` **409** – Pending action is not in `pending` status or has expired. Content-Type: `application/json` **412** – Record version changed between propose and confirm, or the input schema no longer accepts the stored payload. Content-Type: `application/json` **500** – Unexpected server failure during confirm. Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/ai_assistant/ai/actions/:id/confirm" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/ai_assistant/ai/agents` List registered AI agents, filtered by the caller's features. Returns `{ agents: [...] }` — the subset of agents from `ai-agents.generated.ts` that the authenticated caller can invoke based on each agent's `requiredFeatures`. Mirrors the `meta.list_agents` tool handler so backoffice pages (e.g. the playground) can render an agent picker without going through the MCP tool transport. Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Responses **200** – Accessible agent summaries. Content-Type: `application/json` **500** – Internal failure while loading the agent registry. Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/ai_assistant/ai/agents" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## DELETE `/ai_assistant/ai/agents/{agentId}/loop-override` Remove the loop-policy columns from the agent-scoped runtime override row. Nulls out all seven loop columns on the agent-scoped `ai_agent_runtime_overrides` row. Idempotent — returns 200 even when no override exists. Requires `ai_assistant.settings.manage`. Requires features: ai_assistant.settings.manage **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.settings.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | agentId | path | any | Required | ### Responses **200** – Loop override cleared (or already absent). Content-Type: `application/json` **400** – Invalid agent id. Content-Type: `application/json` **404** – Unknown agent id. Content-Type: `application/json` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/ai_assistant/ai/agents/:agentId/loop-override" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/ai_assistant/ai/agents/{agentId}/loop-override` Read the current loop-policy override for this agent, if any. Returns `{ agentId, override }` where `override` is the agent-scoped loop-policy row from `ai_agent_runtime_overrides` (or `null`). Requires `ai_assistant.view`. Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | agentId | path | any | Required | ### Responses **200** – Loop override payload. Content-Type: `application/json` **400** – Invalid agent id. Content-Type: `application/json` **404** – Unknown agent id. Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/ai_assistant/ai/agents/:agentId/loop-override" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/ai_assistant/ai/agents/{agentId}/loop-override` Set (or replace) the tenant-scoped loop-policy override for this agent. Body: loop columns. All fields are nullable/optional; `null` explicitly clears that axis. Validates `loopStopWhenJson` items and `loopActiveToolsJson` membership. Requires `ai_assistant.settings.manage`. Requires features: ai_assistant.settings.manage **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.settings.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | agentId | path | any | Required | ### Request Body Content-Type: `application/json` ```json { "loopDisabled": null, "loopMaxSteps": null, "loopMaxToolCalls": null, "loopMaxWallClockMs": null, "loopMaxTokens": null, "loopStopWhenJson": null, "loopActiveToolsJson": null } ``` ### Responses **200** – Override persisted. Content-Type: `application/json` **400** – Invalid agent id or validation error. Content-Type: `application/json` **404** – Unknown agent id. Content-Type: `application/json` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/ai_assistant/ai/agents/:agentId/loop-override" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"loopDisabled\": null, \"loopMaxSteps\": null, \"loopMaxToolCalls\": null, \"loopMaxWallClockMs\": null, \"loopMaxTokens\": null, \"loopStopWhenJson\": null, \"loopActiveToolsJson\": null }" ``` ## GET `/ai_assistant/ai/agents/{agentId}/models` Get the providers and curated models available for the chat-UI picker for this agent Returns all configured providers with their curated model catalogs, filtered to providers that have an API key configured in the current environment. When the agent declares `allowRuntimeOverride: false`, the response reflects that constraint so the UI picker can hide itself. Includes the agent's resolved default provider/model so the picker can render a "(default)" badge next to the right entry. RBAC: requires the same features as the agent itself (typically `ai_assistant.view`). Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | agentId | path | any | Required | ### Responses **200** – Providers and curated models available for the agent picker. Empty `providers` array when `allowRuntimeOverride` is false. Content-Type: `application/json` **404** – Unknown agent id. Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/ai_assistant/ai/agents/:agentId/models" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## DELETE `/ai_assistant/ai/agents/{agentId}/mutation-policy` Remove the tenant-scoped mutationPolicy override for this agent. Deletes the override row if it exists; subsequent calls fall back to the agent's code-declared policy. Idempotent — returns 200 even when no override exists. Requires `ai_assistant.settings.manage`. Requires features: ai_assistant.settings.manage **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.settings.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | agentId | path | any | Required | ### Responses **200** – Override cleared (or already absent). Content-Type: `application/json` **400** – Invalid agent id. Content-Type: `application/json` **404** – Unknown agent id. Content-Type: `application/json` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/ai_assistant/ai/agents/:agentId/mutation-policy" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/ai_assistant/ai/agents/{agentId}/mutation-policy` Read the effective mutationPolicy for an agent — code-declared value plus any tenant override. Returns `{ agentId, codeDeclared, override }` where `codeDeclared` is the agent's compiled-in `mutationPolicy` and `override` is the persisted tenant-scoped override (or `null`). Requires `ai_assistant.view`. Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | agentId | path | any | Required | ### Responses **200** – Effective mutationPolicy payload. Content-Type: `application/json` **400** – Invalid agent id. Content-Type: `application/json` **404** – Unknown agent id. Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/ai_assistant/ai/agents/:agentId/mutation-policy" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/ai_assistant/ai/agents/{agentId}/mutation-policy` Set (or replace) the tenant-scoped mutationPolicy override for this agent. Body: `{ mutationPolicy: "read-only" | "confirm-required" | "destructive-confirm-required", notes? }`. The override MUST NOT escalate beyond the agent's code-declared policy. Escalation attempts are rejected with 400 + `code: "escalation_not_allowed"`. Requires `ai_assistant.settings.manage`. Requires features: ai_assistant.settings.manage **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.settings.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | agentId | path | any | Required | ### Request Body Content-Type: `application/json` ```json { "mutationPolicy": "read-only" } ``` ### Responses **200** – Override persisted. Content-Type: `application/json` **400** – Invalid agent id, malformed body, or escalation attempt. Content-Type: `application/json` **404** – Unknown agent id. Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/ai_assistant/ai/agents/:agentId/mutation-policy" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"mutationPolicy\": \"read-only\" }" ``` ## GET `/ai_assistant/ai/agents/{agentId}/prompt-override` Read the latest prompt-section override for an agent plus recent version history. Returns `{ agentId, override, versions }` where `override` is the latest persisted row (or `null`) and `versions` is the newest-first history capped at 10 rows. Tenant-scoped; requires `ai_assistant.settings.manage`. **Tags:** AI Assistant ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | agentId | path | any | Required | ### Responses **200** – Latest override + recent version history. Content-Type: `application/json` **400** – Invalid agent id. Content-Type: `application/json` **401** – Unauthenticated caller. Content-Type: `application/json` **403** – Caller lacks `ai_assistant.settings.manage`. Content-Type: `application/json` **404** – Unknown agent id. Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/ai_assistant/ai/agents/:agentId/prompt-override" \ -H "Accept: application/json" ``` ## POST `/ai_assistant/ai/agents/{agentId}/prompt-override` Save a new prompt-section override version for the agent. Persists an additive `{ sections: Record, notes? }` override, allocating the next monotonic version for `(tenant, org, agent)`. Reserved policy keys (`mutationPolicy`, `readOnly`, `allowedTools`, `acceptedMediaTypes`) are rejected with 400 / `reserved_key`. Requires `ai_assistant.settings.manage`. **Tags:** AI Assistant ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | agentId | path | any | Required | ### Request Body Content-Type: `application/json` ```json {} ``` ### Responses **200** – Override persisted. Returns `{ ok: true, version, updatedAt }`. Content-Type: `application/json` **400** – Invalid agent id, malformed body, or reserved policy key. Content-Type: `application/json` **401** – Unauthenticated caller. Content-Type: `application/json` **403** – Caller lacks `ai_assistant.settings.manage`. Content-Type: `application/json` **404** – Unknown agent id. Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/ai_assistant/ai/agents/:agentId/prompt-override" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -d "{}" ``` ## POST `/ai_assistant/ai/chat` Stream a chat turn for a registered AI agent Dispatches a chat turn to the focused AI agent identified by `?agent=.`. Enforces agent-level `requiredFeatures`, tool whitelisting, read-only / mutationPolicy, execution-mode compatibility, and attachment media-type policy. The streaming response body uses an AI SDK-compatible `text/event-stream` transport. Optional `?provider=`, `?model=`, and `?baseUrl=` query params let callers override the resolved provider/model/base-URL for this turn (Phase 4a). Provider must be registered and configured; baseUrl must match `AI_RUNTIME_BASEURL_ALLOWLIST` when set. Both are suppressed when the agent declares `allowRuntimeOverride: false`. Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | agent | query | any | Required | | provider | query | any | Optional | | model | query | any | Optional | | baseUrl | query | any | Optional | | loopBudget | query | any | Optional | ### Request Body Content-Type: `application/json` ```json { "messages": [ { "role": "user", "content": "string" } ] } ``` ### Responses **200** – Streaming text/event-stream response compatible with AI SDK chat transports. Content-Type: `text/event-stream` **400** – Invalid query param, malformed payload, or message count above the cap. Typed codes: `runtime_override_disabled` (agent has allowRuntimeOverride:false), `provider_unknown` (provider id not registered), `provider_not_configured` (provider registered but no API key in env), `baseurl_not_allowlisted` (baseUrl not in AI_RUNTIME_BASEURL_ALLOWLIST). Content-Type: `application/json` **404** – Unknown agent id. Content-Type: `application/json` **409** – Agent/tool/execution-mode policy violation. Content-Type: `application/json` **500** – Internal runtime failure. Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/ai_assistant/ai/chat?agent=string" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"messages\": [ { \"role\": \"user\", \"content\": \"string\" } ] }" ``` ## POST `/ai_assistant/ai/run-object` Run an object-mode AI agent and return the generated object Invokes `runAiAgentObject` server-side for the registered AI agent identified by `agent` (matching "."). Enforces the same `requiredFeatures`, tool whitelisting, mutationPolicy, and attachment media-type policy as the chat dispatcher, but additionally requires the agent to declare `executionMode: "object"`. Returns the generated object in a single JSON response (no streaming). Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Request Body Content-Type: `application/json` ```json { "agent": "string", "messages": [ { "role": "user", "content": "string" } ] } ``` ### Responses **200** – Object-mode run completed; response body contains `{ object, usage?, finishReason? }`. Content-Type: `application/json` **400** – Malformed payload or message cap exceeded. Content-Type: `application/json` **404** – Unknown agent id. Content-Type: `application/json` **409** – Agent/tool/execution-mode policy violation. Content-Type: `application/json` **422** – Agent does not support object-mode execution. Content-Type: `application/json` **500** – Internal runtime failure. Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/ai_assistant/ai/run-object" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"agent\": \"string\", \"messages\": [ { \"role\": \"user\", \"content\": \"string\" } ] }" ``` ## POST `/ai_assistant/chat` Send message to AI agent via SSE stream Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Responses **201** – Success response Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/ai_assistant/chat" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/ai_assistant/health` Check OpenCode and MCP connection status Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/ai_assistant/health" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/ai_assistant/route` Route user query to appropriate AI handler Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Responses **201** – Success response Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/ai_assistant/route" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/ai_assistant/session-key` Generate session key Generates a new session token that can be included in MCP tool calls via the _sessionToken parameter. The token inherits the calling user's roles and organization context. Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Responses **200** – Session key created successfully Content-Type: `application/json` ```json { "sessionToken": "string", "expiresAt": "string" } ``` **500** – Failed to create session key Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/ai_assistant/session-key" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## DELETE `/ai_assistant/settings` Clear per-tenant AI runtime override Soft-deletes the active per-tenant runtime override. Pass `agentId` to clear only the agent-specific row; omit to clear the tenant-wide default. Gated by `ai_assistant.settings.manage`. Idempotent — returns 200 with `cleared: false` when no active row existed. Requires features: ai_assistant.settings.manage **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.settings.manage ### Request Body Content-Type: `application/json` ```json { "agentId": null } ``` ### Responses **200** – Returns `{ cleared: boolean }` indicating whether a row was found and removed. Content-Type: `application/json` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/ai_assistant/settings" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"agentId\": null }" ``` ## GET `/ai_assistant/settings` Get AI provider configuration Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/ai_assistant/settings" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/ai_assistant/settings` Upsert per-tenant AI runtime override Creates or updates the per-tenant AI runtime override (provider, model, baseURL). Optionally scoped to a specific agent via `agentId`. Gated by `ai_assistant.settings.manage`. baseURL must match AI_RUNTIME_BASEURL_ALLOWLIST when set. Requires features: ai_assistant.settings.manage **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.settings.manage ### Request Body Content-Type: `application/json` ```json { "providerId": null, "modelId": null, "baseURL": null, "agentId": null, "allowedOverrideProviders": null } ``` ### Responses **200** – Override saved. Returns the saved row. Content-Type: `application/json` **400** – Validation error: unknown provider, invalid URL, or baseURL not allowlisted. Content-Type: `application/json` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/ai_assistant/settings" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"providerId\": null, \"modelId\": null, \"baseURL\": null, \"agentId\": null, \"allowedOverrideProviders\": null }" ``` ## DELETE `/ai_assistant/settings/allowlist` Clear per-tenant AI provider/model allowlist Soft-deletes the tenant allowlist row. Tenant overrides revert to env-only enforcement. Idempotent — returns `{ cleared: false }` when no active row existed. Requires features: ai_assistant.settings.manage **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.settings.manage ### Responses **200** – Returns `{ cleared: boolean }`. Content-Type: `application/json` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/ai_assistant/settings/allowlist" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/ai_assistant/settings/allowlist` Upsert per-tenant AI provider/model allowlist Persists the per-tenant allowlist of providers and models. The runtime intersects this with the env allowlist (`OM_AI_AVAILABLE_*`) at resolution time. Tenant values that fall outside the env allowlist are rejected with `provider_not_in_env_allowlist` / `model_not_in_env_allowlist` 400 codes. Gated by `ai_assistant.settings.manage`. Requires features: ai_assistant.settings.manage **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.settings.manage ### Request Body Content-Type: `application/json` ```json { "allowedProviders": null } ``` ### Responses **200** – Allowlist saved. Returns the saved snapshot. Content-Type: `application/json` **400** – Validation error or values outside env allowlist. Content-Type: `application/json` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/ai_assistant/settings/allowlist" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"allowedProviders\": null }" ``` ## GET `/ai_assistant/tools` List available MCP tools filtered by user permissions Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/ai_assistant/tools" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/ai_assistant/tools/execute` Execute a specific MCP tool by name Requires features: ai_assistant.view **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.view ### Responses **201** – Success response Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/ai_assistant/tools/execute" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/ai_assistant/usage/daily` Fetch daily token-usage rollup rows for a date window. Returns aggregated token-usage data from `ai_token_usage_daily` for the given date window. Tenant-scoped. Optionally filtered by `agentId` and/or `modelId`. Requires `ai_assistant.settings.manage`. Requires features: ai_assistant.settings.manage **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.settings.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | from | query | any | Required | | to | query | any | Required | | agentId | query | any | Optional | | modelId | query | any | Optional | ### Responses **200** – Array of daily rollup rows. Content-Type: `application/json` **400** – Invalid query parameters. Content-Type: `application/json` **500** – Internal failure. Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/ai_assistant/usage/daily?from=string&to=string" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/ai_assistant/usage/sessions` List per-session token usage totals for a date window. Returns aggregated token-usage data grouped by `session_id` from `ai_token_usage_events` for the given date window. Tenant-scoped. Optionally filtered by `agentId`. Paginated via `limit` / `offset`. Requires `ai_assistant.settings.manage`. Requires features: ai_assistant.settings.manage **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.settings.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | from | query | any | Required | | to | query | any | Required | | agentId | query | any | Optional | | limit | query | any | Required | | offset | query | any | Required | ### Responses **200** – Array of session-level usage summaries plus pagination metadata. Content-Type: `application/json` **400** – Invalid query parameters. Content-Type: `application/json` **500** – Internal failure. Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/ai_assistant/usage/sessions?from=string&to=string" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/ai_assistant/usage/sessions/{sessionId}` Fetch per-step token usage event rows for a single session. Returns up to 200 raw `ai_token_usage_events` rows for the given `sessionId`, ordered by `created_at ASC, step_index ASC`. Tenant-scoped. Requires `ai_assistant.settings.manage`. Requires features: ai_assistant.settings.manage **Tags:** AI Assistant **Requires authentication.** **Features:** ai_assistant.settings.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | sessionId | path | any | Required | ### Responses **200** – Array of per-step event rows for the session. Content-Type: `application/json` **400** – Invalid session id (must be a UUID). Content-Type: `application/json` **404** – No events found for the given session id in the caller's tenant. Content-Type: `application/json` **500** – Internal failure. Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/ai_assistant/usage/sessions/:sessionId" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## DELETE `/attachments` Delete attachment Removes an uploaded attachment and deletes the stored asset. Requires features: attachments.manage **Tags:** Attachments **Requires authentication.** **Features:** attachments.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | query | any | Required | ### Responses **200** – Attachment deleted Content-Type: `application/json` ```json { "ok": true } ``` **400** – Missing attachment identifier Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Attachment not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/attachments?id=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/attachments` List attachments for a record Returns uploaded attachments for the given entity record, ordered by newest first. Requires features: attachments.view **Tags:** Attachments **Requires authentication.** **Features:** attachments.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | entityId | query | any | Required. Entity identifier that owns the attachments | | recordId | query | any | Required. Record identifier within the entity | | page | query | any | Optional | | pageSize | query | any | Optional | ### Responses **200** – Attachments found for the record Content-Type: `application/json` ```json { "items": [ { "id": "string", "url": "string", "fileName": "string", "fileSize": 1, "createdAt": "string", "mimeType": null, "content": null } ] } ``` **400** – Missing entity or record identifiers Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/attachments?entityId=string&recordId=string" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/attachments` Upload attachment Uploads a new attachment using multipart form-data and stores metadata for later retrieval. Requires features: attachments.manage **Tags:** Attachments **Requires authentication.** **Features:** attachments.manage ### Request Body Content-Type: `multipart/form-data` ```text entityId=string recordId=string file=string ``` ### Responses **200** – Attachment stored successfully Content-Type: `application/json` ```json { "ok": true, "item": { "id": "string", "url": "string", "fileName": "string", "fileSize": 1, "content": null } } ``` **400** – Payload validation error Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/attachments" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: multipart/form-data" \ -d "{ \"entityId\": \"string\", \"recordId\": \"string\", \"file\": \"string\" }" ``` ## GET `/attachments/file/{id}` Download or serve attachment file Returns the raw file content for an attachment. Path parameter: {id} - Attachment UUID. Query parameter: ?download=1 - Force file download with Content-Disposition header. Access control is enforced based on partition settings. **Tags:** Attachments ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – File content with appropriate MIME type Content-Type: `application/json` **400** – Missing attachment ID Content-Type: `application/json` ```json { "error": "string" } ``` **401** – Unauthorized - authentication required for private partitions Content-Type: `application/json` ```json { "error": "string" } ``` **403** – Forbidden - insufficient permissions Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Attachment or file not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Partition misconfigured Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/attachments/file/:id" \ -H "Accept: application/json" ``` ## GET `/attachments/image/{id}/{slug}` Serve image with optional resizing Returns an image attachment with optional on-the-fly resizing and cropping. Resized images are cached for performance. Only works with image MIME types. Path parameter: {id} - Attachment UUID. Query parameters: ?width=N (1-4000 pixels), ?height=N (1-4000 pixels), ?cropType=cover|contain (resize behavior). **Tags:** Attachments ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | slug | path | any | Optional | ### Responses **200** – Binary image content (Content-Type: image/jpeg, image/png, etc.) Content-Type: `application/json` **400** – Invalid parameters, missing ID, or non-image attachment Content-Type: `application/json` ```json { "error": "string" } ``` **401** – Unauthorized - authentication required for private partitions Content-Type: `application/json` ```json { "error": "string" } ``` **403** – Forbidden - insufficient permissions Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Image not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Partition misconfigured or image rendering failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/attachments/image/:id/:slug" \ -H "Accept: application/json" ``` ## GET `/attachments/library` List attachments Returns paginated list of attachments with optional filtering by search term, partition, and tags. Includes available tags and partitions. Requires features: attachments.view **Tags:** Attachments **Requires authentication.** **Features:** attachments.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional. Page number for pagination | | pageSize | query | any | Optional. Number of items per page (max 100) | | search | query | any | Optional. Search by file name (case-insensitive) | | partition | query | any | Optional. Filter by partition code | | tags | query | any | Optional. Filter by tags (comma-separated) | | sortField | query | any | Optional. Field to sort by | | sortDir | query | any | Optional. Sort direction | ### Responses **200** – Attachments list with pagination and metadata Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "fileName": "string", "fileSize": 1, "mimeType": "string", "partitionCode": "string", "partitionTitle": null, "url": null, "createdAt": "string", "tags": [ "string" ], "assignments": [], "content": null } ], "total": 1, "page": 1, "pageSize": 1, "totalPages": 1, "availableTags": [ "string" ], "partitions": [ { "code": "string", "title": "string", "description": null, "isPublic": true } ] } ``` **400** – Invalid query parameters Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/attachments/library?page=1&pageSize=25" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## DELETE `/attachments/library/{id}` Delete attachment Permanently deletes an attachment file from storage and database. Emits CRUD side effects. Requires features: attachments.manage **Tags:** Attachments **Requires authentication.** **Features:** attachments.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Attachment deleted successfully Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid attachment ID Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Attachment not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/attachments/library/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/attachments/library/{id}` Get attachment details Returns complete details of an attachment including metadata, tags, assignments, and custom fields. Requires features: attachments.view **Tags:** Attachments **Requires authentication.** **Features:** attachments.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Attachment details Content-Type: `application/json` ```json { "item": { "id": "00000000-0000-4000-8000-000000000000", "fileName": "string", "fileSize": 1, "mimeType": "string", "partitionCode": "string", "partitionTitle": null, "tags": [ "string" ], "assignments": [], "content": null, "customFields": null } } ``` **400** – Invalid attachment ID Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Attachment not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/attachments/library/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PATCH `/attachments/library/{id}` Update attachment metadata Updates attachment tags, assignments, and custom fields. Emits CRUD side effects for indexing and events. Requires features: attachments.manage **Tags:** Attachments **Requires authentication.** **Features:** attachments.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Request Body Content-Type: `application/json` ```json {} ``` ### Responses **200** – Attachment updated successfully Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid payload or attachment ID Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Attachment not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to save attributes Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PATCH "https://cc.kawalec.pl/attachments/library/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{}" ``` ## DELETE `/attachments/partitions` Delete partition Deletes a partition. Default partitions cannot be deleted. Partitions with existing attachments cannot be deleted. Requires features: attachments.manage **Tags:** Attachments **Requires authentication.** **Features:** attachments.manage ### Responses **200** – Partition deleted successfully Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid ID or default partition deletion attempt Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Partition not found Content-Type: `application/json` ```json { "error": "string" } ``` **409** – Partition in use Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/attachments/partitions" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/attachments/partitions` List all attachment partitions Returns all configured attachment partitions with storage settings, OCR configuration, and access control settings. Requires features: attachments.manage **Tags:** Attachments **Requires authentication.** **Features:** attachments.manage ### Responses **200** – List of partitions Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "code": "string", "title": "string", "description": null, "isPublic": true, "requiresOcr": true, "ocrModel": null, "createdAt": null, "updatedAt": null, "envKey": "string" } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/attachments/partitions" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/attachments/partitions` Create new partition Creates a new attachment partition with specified storage and OCR settings. Requires unique partition code. Requires features: attachments.manage **Tags:** Attachments **Requires authentication.** **Features:** attachments.manage ### Request Body Content-Type: `application/json` ```json { "code": "string", "title": "string", "description": null, "ocrModel": null } ``` ### Responses **201** – Partition created successfully Content-Type: `application/json` ```json { "item": { "id": "00000000-0000-4000-8000-000000000000", "code": "string", "title": "string", "description": null, "isPublic": true, "requiresOcr": true, "ocrModel": null, "createdAt": null, "updatedAt": null, "envKey": "string" } } ``` **400** – Invalid payload or partition code Content-Type: `application/json` ```json { "error": "string" } ``` **409** – Partition code already exists Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/attachments/partitions" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"code\": \"string\", \"title\": \"string\", \"description\": null, \"ocrModel\": null }" ``` ## PUT `/attachments/partitions` Update partition Updates an existing partition. Partition code cannot be changed. Title, description, OCR settings, and access control can be modified. Requires features: attachments.manage **Tags:** Attachments **Requires authentication.** **Features:** attachments.manage ### Request Body Content-Type: `application/json` ```json { "code": "string", "title": "string", "description": null, "ocrModel": null, "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Partition updated successfully Content-Type: `application/json` ```json { "item": { "id": "00000000-0000-4000-8000-000000000000", "code": "string", "title": "string", "description": null, "isPublic": true, "requiresOcr": true, "ocrModel": null, "createdAt": null, "updatedAt": null, "envKey": "string" } } ``` **400** – Invalid payload or code change attempt Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Partition not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/attachments/partitions" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"code\": \"string\", \"title\": \"string\", \"description\": null, \"ocrModel\": null, \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## POST `/attachments/transfer` Transfer attachments to different record Transfers one or more attachments from one record to another within the same entity type. Updates attachment assignments and metadata to reflect the new record. Requires features: attachments.manage **Tags:** Attachments **Requires authentication.** **Features:** attachments.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "string", "attachmentIds": [ "00000000-0000-4000-8000-000000000000" ], "toRecordId": "string" } ``` ### Responses **200** – Attachments transferred successfully Content-Type: `application/json` ```json { "ok": true, "updated": 1 } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Attachments not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Attachment model missing Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/attachments/transfer" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"string\", \"attachmentIds\": [ \"00000000-0000-4000-8000-000000000000\" ], \"toRecordId\": \"string\" }" ``` ## GET `/audit_logs/audit-logs/access` Retrieve access logs Fetches paginated access audit logs scoped to the authenticated user. Tenant administrators can optionally expand the search to other actors or organizations. Requires features: audit_logs.view_self **Tags:** Audit & Action Logs **Requires authentication.** **Features:** audit_logs.view_self ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | organizationId | query | any | Optional. Limit results to a specific organization | | actorUserId | query | any | Optional. Filter by actor user id (tenant administrators only) | | resourceKind | query | any | Optional. Restrict to a resource kind such as `order` or `product` | | accessType | query | any | Optional. Access type filter, e.g. `read` or `export` | | page | query | any | Optional. Page number (default 1) | | pageSize | query | any | Optional. Page size (default 50) | | limit | query | any | Optional. Explicit maximum number of records when paginating manually | | before | query | any | Optional. Return logs created before this ISO-8601 timestamp | | after | query | any | Optional. Return logs created after this ISO-8601 timestamp | ### Responses **200** – Access logs returned successfully Content-Type: `application/json` ```json { "items": [ { "id": "string", "resourceKind": "string", "resourceId": "string", "accessType": "string", "actorUserId": null, "actorUserName": null, "tenantId": null, "tenantName": null, "organizationId": null, "organizationName": null, "fields": [ "string" ], "context": null, "createdAt": "string" } ], "canViewTenant": true, "page": 1, "pageSize": 1, "total": 1, "totalPages": 1 } ``` **400** – Invalid filters supplied Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/audit_logs/audit-logs/access" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/audit_logs/audit-logs/actions` Fetch action logs Returns recent action audit log entries. Tenant administrators can widen the scope to other actors or organizations, and callers can optionally restrict results to undoable actions. Requires features: audit_logs.view_self **Tags:** Audit & Action Logs **Requires authentication.** **Features:** audit_logs.view_self ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | organizationId | query | any | Optional. Limit results to a specific organization | | actorUserId | query | any | Optional. Filter logs created by specific actor IDs (tenant administrators only). Accepts a single UUID or a comma-separated UUID list. | | resourceKind | query | any | Optional. Filter by resource kind (e.g., "order", "product") | | resourceId | query | any | Optional. Filter by resource ID (UUID of the specific record) | | actionType | query | any | Optional. Filter by action type (`create`, `edit`, `delete`, `assign`). Accepts a single value or a comma-separated list. | | fieldName | query | any | Optional. Filter to entries where the given field changed. Accepts a single field name or a comma-separated list. | | includeRelated | query | any | Optional. When `true`, also returns changes to child entities linked via parentResourceKind/parentResourceId | | includeTotal | query | any | Optional. When `true`, the response includes the filtered total count. | | undoableOnly | query | any | Optional. When `true`, only undoable actions are returned | | limit | query | any | Optional. Maximum number of records to return (default 50, max 1000) | | offset | query | any | Optional. Zero-based record offset for pagination (legacy — prefer page/pageSize) | | page | query | any | Optional. Page number (default 1) | | pageSize | query | any | Optional. Page size (default 50, max 200) | | sortField | query | any | Optional. Sort field: `createdAt`, `user`, `action`, `field`, or `source`. | | sortDir | query | any | Optional. Sort direction: `asc` or `desc`. | | before | query | any | Optional. Return actions created before this ISO-8601 timestamp | | after | query | any | Optional. Return actions created after this ISO-8601 timestamp | ### Responses **200** – Action logs retrieved successfully Content-Type: `application/json` ```json { "items": [ { "id": "string", "commandId": "string", "actionLabel": null, "executionState": "done", "actorUserId": null, "actorUserName": null, "tenantId": null, "tenantName": null, "organizationId": null, "organizationName": null, "resourceKind": null, "resourceId": null, "parentResourceKind": null, "parentResourceId": null, "undoToken": null, "createdAt": "string", "updatedAt": "string", "snapshotBefore": null, "snapshotAfter": null, "changes": null, "context": null } ], "canViewTenant": true, "page": 1, "pageSize": 1, "total": 1, "totalPages": 1 } ``` **400** – Invalid filter values Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/audit_logs/audit-logs/actions?includeRelated=false&includeTotal=false&undoableOnly=false" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/audit_logs/audit-logs/actions/export` Export action logs as CSV Returns a CSV attachment containing filtered action audit log entries. Tenant administrators can widen the scope to other actors or organizations. Requires features: audit_logs.view_self **Tags:** Audit & Action Logs **Requires authentication.** **Features:** audit_logs.view_self ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | organizationId | query | any | Optional. Limit results to a specific organization | | actorUserId | query | any | Optional. Filter logs created by specific actor IDs (tenant administrators only). Accepts a single UUID or a comma-separated UUID list. | | resourceKind | query | any | Optional. Filter by resource kind (e.g., "order", "product") | | resourceId | query | any | Optional. Filter by resource ID (UUID of the specific record) | | actionType | query | any | Optional. Filter by action type (`create`, `edit`, `delete`, `assign`). Accepts a single value or a comma-separated list. | | fieldName | query | any | Optional. Filter to entries where the given field changed. Accepts a single field name or a comma-separated list. | | includeRelated | query | any | Optional. When `true`, also returns changes to child entities linked via parentResourceKind/parentResourceId | | undoableOnly | query | any | Optional. When `true`, only undoable actions are returned | | limit | query | any | Optional. Maximum number of records to export (default 1000, capped at 1000) | | sortField | query | any | Optional. Sort field: `createdAt`, `user`, `action`, `field`, or `source`. | | sortDir | query | any | Optional. Sort direction: `asc` or `desc`. | | before | query | any | Optional. Return actions created before this ISO-8601 timestamp | | after | query | any | Optional. Return actions created after this ISO-8601 timestamp | ### Responses **200** – CSV export generated successfully Content-Type: `application/json` ```json { "file": "csv" } ``` **400** – Invalid filter values Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/audit_logs/audit-logs/actions/export?includeRelated=false&undoableOnly=false" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/audit_logs/audit-logs/actions/redo` Redo by action log id Redoes the latest undone command owned by the caller. Requires the action to still be eligible for redo within tenant and organization scope. Requires features: audit_logs.redo_self **Tags:** Audit & Action Logs **Requires authentication.** **Features:** audit_logs.redo_self ### Request Body Content-Type: `application/json` ```json { "logId": "string" } ``` ### Responses **200** – Redo executed successfully Content-Type: `application/json` ```json { "ok": true, "logId": null, "undoToken": null } ``` **400** – Log not eligible for redo Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/audit_logs/audit-logs/actions/redo" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"logId\": \"string\" }" ``` ## POST `/audit_logs/audit-logs/actions/undo` Undo action by token Replays the undo handler registered for a command. The provided undo token must match the latest undoable log entry accessible to the caller. Requires features: audit_logs.undo_self **Tags:** Audit & Action Logs **Requires authentication.** **Features:** audit_logs.undo_self ### Request Body Content-Type: `application/json` ```json { "undoToken": "string" } ``` ### Responses **200** – Undo applied successfully Content-Type: `application/json` ```json { "ok": true, "logId": "string" } ``` **400** – Invalid or unavailable undo token Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/audit_logs/audit-logs/actions/undo" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"undoToken\": \"string\" }" ``` ## GET `/auth/admin/nav` Resolve backend chrome bootstrap payload Returns the backend chrome payload available to the authenticated administrator after applying scope, RBAC, role defaults, and personal sidebar preferences. **Tags:** Authentication & Accounts **Requires authentication.** ### Responses **200** – Backend chrome payload Content-Type: `application/json` ```json { "groups": [ { "name": "string", "items": [ { "href": "string", "title": "string" } ] } ], "settingsSections": [ { "id": "string", "label": "string", "items": [ { "id": "string", "label": "string", "href": "string" } ] } ], "settingsPathPrefixes": [ "string" ], "profileSections": [ { "id": "string", "label": "string", "items": [ { "id": "string", "label": "string", "href": "string" } ] } ], "profilePathPrefixes": [ "string" ], "grantedFeatures": [ "string" ], "roles": [ "string" ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/admin/nav" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/auth/feature-check` Check feature grants for the current user Evaluates which of the requested features are available to the signed-in user within the active tenant / organization context. **Tags:** Authentication & Accounts **Requires authentication.** ### Request Body Content-Type: `application/json` ```json { "features": [ "string" ] } ``` ### Responses **200** – Evaluation result Content-Type: `application/json` ```json { "ok": true, "granted": [ "string" ], "userId": "string" } ``` **400** – Invalid request — features array missing, too large, or contains invalid entries Content-Type: `application/json` ```json { "ok": false, "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/auth/feature-check" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"features\": [ \"string\" ] }" ``` ## GET `/auth/features` List declared feature flags Returns all static features contributed by the enabled modules along with their module source. Requires features: auth.acl.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.acl.manage ### Responses **200** – Aggregated feature catalog Content-Type: `application/json` ```json { "items": [ { "id": "string", "title": "string", "module": "string" } ], "modules": [ { "id": "string", "title": "string" } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/features" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/auth/locale` GET /auth/locale **Tags:** Authentication & Accounts ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/locale" \ -H "Accept: application/json" ``` ## POST `/auth/locale` POST /auth/locale **Tags:** Authentication & Accounts ### Responses **201** – Success response Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/auth/locale" \ -H "Accept: application/json" ``` ## POST `/auth/login` Authenticate user credentials Validates the submitted credentials and issues a bearer token cookie for subsequent API calls. **Tags:** Authentication & Accounts ### Request Body Content-Type: `application/x-www-form-urlencoded` ```text email=user%40example.com&password=string ``` ### Responses **200** – Authentication succeeded Content-Type: `application/json` ```json { "ok": true, "token": "string", "redirect": null } ``` **400** – Validation failed Content-Type: `application/json` ```json { "ok": false, "error": "string" } ``` **401** – Invalid credentials Content-Type: `application/json` ```json { "ok": false, "error": "string" } ``` **403** – User lacks required role Content-Type: `application/json` ```json { "ok": false, "error": "string" } ``` **429** – Too many login attempts Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/auth/login" \ -H "Accept: application/json" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "email=user%40example.com&password=string" ``` ## GET `/auth/logout` Log out (legacy GET) For convenience, the GET variant performs the same logout logic as POST and issues a redirect. **Tags:** Authentication & Accounts **Requires authentication.** ### Responses **200** – Success response Content-Type: `application/json` **302** – Redirect to login after successful logout Content-Type: `text/html` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/logout" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/auth/logout` Invalidate session and redirect Clears authentication cookies and redirects the browser to the login page. **Tags:** Authentication & Accounts **Requires authentication.** ### Responses **201** – Success response Content-Type: `application/json` **302** – Redirect to login after successful logout Content-Type: `text/html` ### Example ```bash curl -X POST "https://cc.kawalec.pl/auth/logout" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/auth/profile` Get current profile Returns the email address for the signed-in user. **Tags:** Authentication & Accounts **Requires authentication.** ### Responses **200** – Profile payload Content-Type: `application/json` ```json { "email": "user@example.com", "roles": [ "string" ] } ``` **404** – User not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/profile" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/auth/profile` Update current profile Updates the email address or password for the signed-in user. **Tags:** Authentication & Accounts **Requires authentication.** ### Request Body Content-Type: `application/json` ```json {} ``` ### Responses **200** – Profile updated Content-Type: `application/json` ```json { "ok": true, "email": "user@example.com" } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/auth/profile" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{}" ``` ## POST `/auth/reset` Send reset email Requests a password reset email for the given account. The endpoint always returns `ok: true` to avoid leaking account existence. **Tags:** Authentication & Accounts ### Request Body Content-Type: `application/x-www-form-urlencoded` ```text email=user%40example.com ``` ### Responses **200** – Reset email dispatched (or ignored for unknown accounts) Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid request origin Content-Type: `application/json` ```json { "error": "string" } ``` **429** – Too many password reset requests Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Password reset email origin is not configured Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/auth/reset" \ -H "Accept: application/json" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "email=user%40example.com" ``` ## POST `/auth/reset/confirm` Complete password reset Validates the reset token and updates the user password. **Tags:** Authentication & Accounts ### Request Body Content-Type: `application/x-www-form-urlencoded` ```text token=string&password=string ``` ### Responses **200** – Password reset succeeded Content-Type: `application/json` ```json { "ok": true, "redirect": "string" } ``` **400** – Invalid token or payload Content-Type: `application/json` ```json { "ok": false, "error": "string" } ``` **429** – Too many reset confirmation attempts Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/auth/reset/confirm" \ -H "Accept: application/json" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "token=string&password=string" ``` ## DELETE `/auth/roles` Delete role Deletes a role by identifier. Fails when users remain assigned. Requires features: auth.roles.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.roles.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | query | any | Required. Role identifier | ### Responses **200** – Role deleted Content-Type: `application/json` ```json { "ok": true } ``` **400** – Role cannot be deleted Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Role not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/auth/roles?id=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/auth/roles` List roles Returns available roles within the current tenant. Super administrators receive visibility across tenants. Requires features: auth.roles.list **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.roles.list ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | query | any | Optional | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | tenantId | query | any | Optional | ### Responses **200** – Role collection Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "name": "string", "usersCount": 1, "tenantId": null, "tenantName": null } ], "total": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/roles?page=1&pageSize=50" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/auth/roles` Create role Creates a new role for the current tenant or globally when `tenantId` is omitted. Requires features: auth.roles.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.roles.manage ### Request Body Content-Type: `application/json` ```json { "name": "string" } ``` ### Responses **201** – Role created Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/auth/roles" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"name\": \"string\" }" ``` ## PUT `/auth/roles` Update role Updates mutable fields on an existing role. Requires features: auth.roles.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.roles.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Role updated Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Role not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/auth/roles" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/auth/roles/acl` Fetch role ACL Returns the feature and organization assignments associated with a role within the current tenant. Requires features: auth.acl.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.acl.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | roleId | query | any | Required | | tenantId | query | any | Optional | ### Responses **200** – Role ACL entry Content-Type: `application/json` ```json { "isSuperAdmin": true, "features": [ "string" ], "organizations": null } ``` **400** – Invalid role id Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Role not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/roles/acl?roleId=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/auth/roles/acl` Update role ACL Replaces the feature list, super admin flag, and optional organization assignments for a role. Requires features: auth.acl.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.acl.manage ### Request Body Content-Type: `application/json` ```json { "roleId": "00000000-0000-4000-8000-000000000000", "organizations": null } ``` ### Responses **200** – Role ACL updated Content-Type: `application/json` ```json { "ok": true, "sanitized": true } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Role not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/auth/roles/acl" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"roleId\": \"00000000-0000-4000-8000-000000000000\", \"organizations\": null }" ``` ## GET `/auth/session/refresh` Refresh auth cookie from session token (browser) Exchanges an existing `session_token` cookie for a fresh JWT auth cookie and redirects the browser. **Tags:** Authentication & Accounts ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | redirect | query | any | Optional. Absolute or relative URL to redirect after refresh | ### Responses **200** – Success response Content-Type: `application/json` **302** – Redirect to target location when session is valid Content-Type: `text/html` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/session/refresh" \ -H "Accept: application/json" ``` ## POST `/auth/session/refresh` Refresh access token (API/mobile) Exchanges a refresh token for a new JWT access token. Pass the refresh token obtained from login in the request body. **Tags:** Authentication & Accounts ### Request Body Content-Type: `application/json` ```json { "refreshToken": "string" } ``` ### Responses **200** – New access token issued Content-Type: `application/json` ```json { "ok": true, "accessToken": "string", "expiresIn": 1 } ``` **400** – Missing refresh token Content-Type: `application/json` ```json { "ok": false, "error": "string" } ``` **401** – Invalid or expired token Content-Type: `application/json` ```json { "ok": false, "error": "string" } ``` **429** – Too many refresh attempts Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/auth/session/refresh" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -d "{ \"refreshToken\": \"string\" }" ``` ## DELETE `/auth/sidebar/preferences` Delete a role sidebar variant Removes the role variant for the current tenant + locale. Idempotent. Requires `auth.sidebar.manage`. Requires features: auth.sidebar.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.sidebar.manage ### Responses **200** – Variant deleted (or never existed) Content-Type: `application/json` ```json { "ok": true, "scope": { "type": "user" } } ``` **400** – Missing roleId query parameter Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Role not found in current tenant scope Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/auth/sidebar/preferences" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/auth/sidebar/preferences` Get sidebar preferences Returns sidebar customization for the current user (default) or the specified role (`?roleId=…`, requires `auth.sidebar.manage`). **Tags:** Authentication & Accounts **Requires authentication.** ### Responses **200** – Current sidebar configuration Content-Type: `application/json` ```json { "locale": "string", "settings": { "version": 1, "groupOrder": [ "string" ], "groupLabels": { "key": "string" }, "itemLabels": { "key": "string" }, "hiddenItems": [ "string" ], "itemOrder": { "key": [ "string" ] } }, "canApplyToRoles": true, "roles": [ { "id": "00000000-0000-4000-8000-000000000000", "name": "string", "hasPreference": true } ], "scope": { "type": "user" } } ``` **403** – Missing features for role-scope read Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Role not found in current tenant scope Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/sidebar/preferences" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/auth/sidebar/preferences` Update sidebar preferences Updates sidebar configuration. With `scope.type === "user"` (default) writes the calling user's personal preferences and may optionally apply the same settings to selected roles via `applyToRoles[]`. With `scope.type === "role"` writes the named role variant directly (requires `auth.sidebar.manage`); `applyToRoles[]` and `clearRoleIds[]` are rejected in this mode. Requires features: auth.sidebar.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.sidebar.manage ### Request Body Content-Type: `application/json` ```json {} ``` ### Responses **200** – Preferences saved Content-Type: `application/json` ```json { "locale": "string", "settings": { "version": 1, "groupOrder": [ "string" ], "groupLabels": { "key": "string" }, "itemLabels": { "key": "string" }, "hiddenItems": [ "string" ], "itemOrder": { "key": [ "string" ] } }, "canApplyToRoles": true, "roles": [ { "id": "00000000-0000-4000-8000-000000000000", "name": "string", "hasPreference": true } ], "scope": { "type": "user" }, "appliedRoles": [ "00000000-0000-4000-8000-000000000000" ], "clearedRoles": [ "00000000-0000-4000-8000-000000000000" ] } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Role not found in current tenant scope Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/auth/sidebar/preferences" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{}" ``` ## GET `/auth/sidebar/variants` List sidebar variants Returns the named sidebar variants saved by the current user for the current tenant + locale. **Tags:** Authentication & Accounts **Requires authentication.** ### Responses **200** – Variant list Content-Type: `application/json` ```json { "locale": "string", "variants": [ { "id": "00000000-0000-4000-8000-000000000000", "name": "string", "isActive": true, "settings": { "version": 1, "groupOrder": [ "string" ], "groupLabels": { "key": "string" }, "itemLabels": { "key": "string" }, "hiddenItems": [ "string" ], "itemOrder": { "key": [ "string" ] } }, "createdAt": "string", "updatedAt": null } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/sidebar/variants" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/auth/sidebar/variants` Create a sidebar variant Creates a new variant. If `name` is omitted or blank, an auto-name like "My preferences", "My preferences 2", … is assigned. Requires features: auth.sidebar.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.sidebar.manage ### Request Body Content-Type: `application/json` ```json {} ``` ### Responses **200** – Variant created Content-Type: `application/json` ```json { "locale": "string", "variant": { "id": "00000000-0000-4000-8000-000000000000", "name": "string", "isActive": true, "settings": { "version": 1, "groupOrder": [ "string" ], "groupLabels": { "key": "string" }, "itemLabels": { "key": "string" }, "hiddenItems": [ "string" ], "itemOrder": { "key": [ "string" ] } }, "createdAt": "string", "updatedAt": null } } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/auth/sidebar/variants" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{}" ``` ## DELETE `/auth/sidebar/variants/{id}` Delete a sidebar variant Soft-deletes the variant (sets deleted_at). Requires features: auth.sidebar.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.sidebar.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Variant deleted Content-Type: `application/json` ```json { "ok": true } ``` **404** – Variant not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/auth/sidebar/variants/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/auth/sidebar/variants/{id}` Get a sidebar variant **Tags:** Authentication & Accounts **Requires authentication.** ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Variant Content-Type: `application/json` ```json { "locale": "string", "variant": { "id": "00000000-0000-4000-8000-000000000000", "name": "string", "isActive": true, "settings": { "version": 1, "groupOrder": [ "string" ], "groupLabels": { "key": "string" }, "itemLabels": { "key": "string" }, "hiddenItems": [ "string" ], "itemOrder": { "key": [ "string" ] } }, "createdAt": "string", "updatedAt": null } } ``` **404** – Variant not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/sidebar/variants/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/auth/sidebar/variants/{id}` Update a sidebar variant Updates the variant's name, settings, and/or isActive flag. Setting `isActive: true` deactivates other variants in the same scope (only one active per user/tenant/locale). Requires features: auth.sidebar.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.sidebar.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Request Body Content-Type: `application/json` ```json {} ``` ### Responses **200** – Variant updated Content-Type: `application/json` ```json { "locale": "string", "variant": { "id": "00000000-0000-4000-8000-000000000000", "name": "string", "isActive": true, "settings": { "version": 1, "groupOrder": [ "string" ], "groupLabels": { "key": "string" }, "itemLabels": { "key": "string" }, "hiddenItems": [ "string" ], "itemOrder": { "key": [ "string" ] } }, "createdAt": "string", "updatedAt": null } } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Variant not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/auth/sidebar/variants/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{}" ``` ## DELETE `/auth/users` Delete user Deletes a user by identifier. Undo support is provided via the command bus. Requires features: auth.users.delete **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.users.delete ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | query | any | Required. User identifier | ### Responses **200** – User deleted Content-Type: `application/json` ```json { "ok": true } ``` **400** – User cannot be deleted Content-Type: `application/json` ```json { "error": "string" } ``` **404** – User not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/auth/users?id=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/auth/users` List users Returns users for the current tenant. Search matches email, organization name, and role name. Super administrators may scope the response via organization or role filters. Requires features: auth.users.list **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.users.list ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | query | any | Optional | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | name | query | any | Optional | | organizationId | query | any | Optional | | roleIds | query | any | Optional | ### Responses **200** – User collection Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "email": "user@example.com", "name": null, "organizationId": null, "organizationName": null, "tenantId": null, "tenantName": null, "roles": [ "string" ] } ], "total": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/users?page=1&pageSize=50" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/auth/users` Create user Creates a new confirmed user within the specified organization, optional display name, and optional roles. Requires features: auth.users.create **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.users.create ### Request Body Content-Type: `application/json` ```json { "email": "user@example.com", "organizationId": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **201** – User created Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` **400** – Invalid payload or duplicate email Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/auth/users" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"email\": \"user@example.com\", \"organizationId\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## PUT `/auth/users` Update user Updates profile fields including display name, organization assignment, credentials, or role memberships. Requires features: auth.users.edit **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.users.edit ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – User updated Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` **404** – User not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/auth/users" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/auth/users/acl` Fetch user ACL Returns custom ACL overrides for a user within the current tenant, if any. Requires features: auth.acl.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.acl.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | userId | query | any | Required | ### Responses **200** – User ACL entry Content-Type: `application/json` ```json { "hasCustomAcl": true, "isSuperAdmin": true, "features": [ "string" ], "organizations": null } ``` **400** – Invalid user id Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/users/acl?userId=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/auth/users/acl` Update user ACL Configures per-user ACL overrides, including super admin access, feature list, and organization scope. Requires features: auth.acl.manage **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.acl.manage ### Request Body Content-Type: `application/json` ```json { "userId": "00000000-0000-4000-8000-000000000000", "organizations": null } ``` ### Responses **200** – User ACL updated Content-Type: `application/json` ```json { "ok": true, "sanitized": true } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/auth/users/acl" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"userId\": \"00000000-0000-4000-8000-000000000000\", \"organizations\": null }" ``` ## GET `/auth/users/consents` List user consents Returns all consent records for a given user, with integrity verification status. Requires features: auth.users.edit **Tags:** Auth **Requires authentication.** **Features:** auth.users.edit ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | userId | query | any | Required | ### Responses **200** – Consent list returned Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/auth/users/consents?userId=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/auth/users/resend-invite` Resend invitation email Resends the invitation email to a user who has not yet set up their password. Generates a new 48-hour setup token and invalidates prior tokens. Requires features: auth.users.create **Tags:** Authentication & Accounts **Requires authentication.** **Features:** auth.users.create ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Invite email sent Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid request origin Content-Type: `application/json` ```json { "error": "string" } ``` **404** – User not found Content-Type: `application/json` ```json { "error": "string" } ``` **409** – User already has a password Content-Type: `application/json` ```json { "error": "string" } ``` **422** – Validation error Content-Type: `application/json` ```json { "error": "string" } ``` **429** – Rate limit exceeded Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Invitation email origin is not configured Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/auth/users/resend-invite" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/configs/cache` Get cache statistics Returns detailed cache statistics including total entries and breakdown by cache segments. Requires cache service to be available. Requires features: configs.cache.view **Tags:** Configs **Requires authentication.** **Features:** configs.cache.view ### Responses **200** – Cache statistics Content-Type: `application/json` ```json { "total": 1, "segments": { "key": 1 } } ``` **500** – Failed to resolve cache stats Content-Type: `application/json` ```json { "error": "string" } ``` **503** – Cache service unavailable Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/configs/cache" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/configs/cache` Purge cache Purges cache entries. Supports two actions: purgeAll (clears entire cache) or purgeSegment (clears specific segment). Returns updated cache statistics after purge. Requires features: configs.cache.manage **Tags:** Configs **Requires authentication.** **Features:** configs.cache.manage ### Request Body Content-Type: `application/json` ```json { "action": "purgeAll" } ``` ### Responses **200** – Cache segment cleared successfully Content-Type: `application/json` ```json { "action": "purgeSegment", "segment": "string", "deleted": 1, "stats": { "total": 1, "segments": { "key": 1 } } } ``` **400** – Invalid request - missing segment identifier for purgeSegment action Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to purge cache Content-Type: `application/json` ```json { "error": "string" } ``` **503** – Cache service unavailable Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/configs/cache" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"action\": \"purgeAll\" }" ``` ## GET `/configs/system-status` Get system health status Returns comprehensive system health information including environment details, version, resource usage, and service connectivity status. Requires features: configs.system_status.view **Tags:** Configs **Requires authentication.** **Features:** configs.system_status.view ### Responses **200** – System status snapshot Content-Type: `application/json` ```json { "generatedAt": "string", "runtimeMode": "development", "categories": [ { "key": "profiling", "labelKey": "string", "descriptionKey": null, "items": [ { "key": "string", "category": "profiling", "kind": "boolean", "labelKey": "string", "descriptionKey": "string", "docUrl": null, "defaultValue": null, "state": "enabled", "value": null, "normalizedValue": null } ] } ] } ``` **500** – Failed to load system status Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/configs/system-status" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/configs/system-status` Clear system cache Purges the entire cache for the current tenant. Useful for troubleshooting or forcing fresh data loading. Requires features: configs.manage **Tags:** Configs **Requires authentication.** **Features:** configs.manage ### Responses **200** – Cache cleared successfully Content-Type: `application/json` ```json { "cleared": true } ``` **500** – Failed to purge cache Content-Type: `application/json` ```json { "error": "string" } ``` **503** – Cache service unavailable Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/configs/system-status" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/configs/upgrade-actions` List pending upgrade actions Returns a list of pending upgrade actions for the current version. These are one-time setup tasks that need to be executed after upgrading to a new version. Requires organization and tenant context. Requires features: configs.manage **Tags:** Configs **Requires authentication.** **Features:** configs.manage ### Responses **200** – List of pending upgrade actions Content-Type: `application/json` ```json { "version": "string", "actions": [ { "id": "string", "version": "string", "message": "string", "ctaLabel": "string", "successMessage": "string", "loadingLabel": "string" } ] } ``` **400** – Missing organization or tenant context Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to load upgrade actions Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/configs/upgrade-actions" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/configs/upgrade-actions` Execute upgrade action Executes a specific upgrade action by ID. Typically used for one-time setup tasks like seeding example data after version upgrade. Returns execution status and localized success message. Requires features: configs.manage **Tags:** Configs **Requires authentication.** **Features:** configs.manage ### Request Body Content-Type: `application/json` ```json { "actionId": "string" } ``` ### Responses **200** – Upgrade action executed successfully Content-Type: `application/json` ```json { "status": "string", "message": "string", "version": "string" } ``` **400** – Invalid request body or missing context Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to execute upgrade action Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/configs/upgrade-actions" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"actionId\": \"string\" }" ``` ## DELETE `/customers/activities` Delete activity DEPRECATED (sunset 2026-06-30): Deletes an activity. Use DELETE /api/customers/interactions instead. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Activity deleted Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/activities" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/activities` List activitys Returns a paginated collection of activitys scoped to the authenticated organization. Requires features: customers.activities.view **Tags:** Customers **Requires authentication.** **Features:** customers.activities.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional | | pageSize | query | any | Optional | | entityId | query | any | Optional | | dealId | query | any | Optional | | activityType | query | any | Optional | | sortField | query | any | Optional | | sortDir | query | any | Optional | | ids | query | any | Optional. Comma-separated list of record UUIDs to filter by (max 200). | ### Responses **200** – Paginated activitys Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "activityType": "string", "subject": null, "body": null, "occurredAt": null, "createdAt": "string", "appearanceIcon": null, "appearanceColor": null, "entityId": null, "authorUserId": null, "authorName": null, "authorEmail": null, "dealId": null, "dealTitle": null, "customValues": null, "activityTypeLabel": null } ], "total": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/activities?page=1&pageSize=50" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/activities` Create activity DEPRECATED (sunset 2026-06-30): Creates a timeline activity. Use POST /api/customers/interactions instead. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "00000000-0000-4000-8000-000000000000", "activityType": "string", "phoneNumber": null, "appearanceIcon": null, "appearanceColor": null } ``` ### Responses **201** – Activity created Content-Type: `application/json` ```json { "id": null } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/activities" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"00000000-0000-4000-8000-000000000000\", \"activityType\": \"string\", \"phoneNumber\": null, \"appearanceIcon\": null, \"appearanceColor\": null }" ``` ## PUT `/customers/activities` Update activity DEPRECATED (sunset 2026-06-30): Updates an activity. Use PUT /api/customers/interactions instead. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "phoneNumber": null, "appearanceIcon": null, "appearanceColor": null } ``` ### Responses **200** – Activity updated Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/activities" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\", \"phoneNumber\": null, \"appearanceIcon\": null, \"appearanceColor\": null }" ``` ## DELETE `/customers/addresses` Delete address Deletes an address by id. The identifier may be included in the body or query. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Address deleted Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/addresses" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/addresses` List addresss Returns a paginated collection of addresss scoped to the authenticated organization. Requires features: customers.activities.view **Tags:** Customers **Requires authentication.** **Features:** customers.activities.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional | | pageSize | query | any | Optional | | entityId | query | any | Optional | | sortField | query | any | Optional | | sortDir | query | any | Optional | | ids | query | any | Optional. Comma-separated list of record UUIDs to filter by (max 200). | ### Responses **200** – Paginated addresss Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "entity_id": "00000000-0000-4000-8000-000000000000", "name": null, "purpose": null, "company_name": null, "address_line1": null, "address_line2": null, "building_number": null, "flat_number": null, "city": null, "region": null, "postal_code": null, "country": null, "latitude": null, "longitude": null, "is_primary": null, "organization_id": null, "tenant_id": null } ], "total": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/addresses?page=1&pageSize=50" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/addresses` Create address Creates a customer address record and associates it with the referenced entity. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "entityId": "00000000-0000-4000-8000-000000000000", "addressLine1": "string" } ``` ### Responses **201** – Address created Content-Type: `application/json` ```json { "id": null } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/addresses" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"organizationId\": \"00000000-0000-4000-8000-000000000000\", \"tenantId\": \"00000000-0000-4000-8000-000000000000\", \"entityId\": \"00000000-0000-4000-8000-000000000000\", \"addressLine1\": \"string\" }" ``` ## PUT `/customers/addresses` Update address Updates fields on an existing customer address. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Address updated Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/addresses" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/assignable-staff` List staff members that can be assigned from customer flows Returns active staff members linked to auth users. Access requires either customers.roles.manage or customers.activities.manage. Requires features: customers.roles.view **Tags:** Customers **Requires authentication.** **Features:** customers.roles.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | ### Responses **200** – Assignable staff members Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "teamMemberId": "00000000-0000-4000-8000-000000000000", "userId": "00000000-0000-4000-8000-000000000000", "displayName": "string", "email": null, "teamName": null, "user": null, "team": null } ], "total": 1, "totalPages": 1 } ``` **400** – Invalid request Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/assignable-staff?page=1&pageSize=24" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## DELETE `/customers/comments` Delete comment Deletes a comment identified by `id` supplied via body or query string. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Comment deleted Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/comments" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/comments` List comments Returns a paginated collection of comments scoped to the authenticated organization. Requires features: customers.activities.view **Tags:** Customers **Requires authentication.** **Features:** customers.activities.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional | | pageSize | query | any | Optional | | entityId | query | any | Optional | | dealId | query | any | Optional | | sortField | query | any | Optional | | sortDir | query | any | Optional | | ids | query | any | Optional. Comma-separated list of record UUIDs to filter by (max 200). | ### Responses **200** – Paginated comments Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "entity_id": null, "deal_id": null, "body": null, "author_user_id": null, "appearance_icon": null, "appearance_color": null, "organization_id": null, "tenant_id": null, "created_at": null, "updated_at": null } ], "total": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/comments?page=1&pageSize=50" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/comments` Create comment Adds a comment to a customer timeline. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "entityId": "00000000-0000-4000-8000-000000000000", "body": "string", "appearanceIcon": null, "appearanceColor": null } ``` ### Responses **201** – Comment created Content-Type: `application/json` ```json { "id": null, "authorUserId": null } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/comments" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"organizationId\": \"00000000-0000-4000-8000-000000000000\", \"tenantId\": \"00000000-0000-4000-8000-000000000000\", \"entityId\": \"00000000-0000-4000-8000-000000000000\", \"body\": \"string\", \"appearanceIcon\": null, \"appearanceColor\": null }" ``` ## PUT `/customers/comments` Update comment Updates an existing timeline comment. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "appearanceIcon": null, "appearanceColor": null } ``` ### Responses **200** – Comment updated Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/comments" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\", \"appearanceIcon\": null, \"appearanceColor\": null }" ``` ## DELETE `/customers/companies` Delete company Deletes a company by id. The identifier can be provided via body or query. Requires features: customers.companies.manage **Tags:** Customers **Requires authentication.** **Features:** customers.companies.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Company deleted Content-Type: `application/json` ```json { "ok": true } ``` **422** – Company has dependent records (people, deals, or direct staff); unlink or reassign before delete. Content-Type: `application/json` ```json { "error": "string", "code": "COMPANY_HAS_DEPENDENTS" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/companies" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/companies` List companies Returns a paginated collection of companies scoped to the authenticated organization. Requires features: customers.companies.view **Tags:** Customers **Requires authentication.** **Features:** customers.companies.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | email | query | any | Optional | | emailStartsWith | query | any | Optional | | emailContains | query | any | Optional | | sortField | query | any | Optional | | sortDir | query | any | Optional | | status | query | any | Optional | | lifecycleStage | query | any | Optional | | source | query | any | Optional | | hasEmail | query | any | Optional | | hasPhone | query | any | Optional | | hasNextInteraction | query | any | Optional | | createdFrom | query | any | Optional | | createdTo | query | any | Optional | | id | query | any | Optional | | tagIds | query | any | Optional | | tagIdsEmpty | query | any | Optional | | excludeIds | query | any | Optional | | excludeLinkedPersonId | query | any | Optional | | excludeLinkedCompanyId | query | any | Optional | | excludeLinkedDealId | query | any | Optional | | ids | query | any | Optional. Comma-separated list of record UUIDs to filter by (max 200). | ### Responses **200** – Paginated companies Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "description": null, "owner_user_id": null, "primary_email": null, "primary_phone": null, "status": null, "lifecycle_stage": null, "source": null, "next_interaction_at": null, "next_interaction_name": null, "next_interaction_ref_id": null, "next_interaction_icon": null, "next_interaction_color": null, "organization_id": null, "tenant_id": null, "created_at": null } ], "total": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/companies?page=1&pageSize=50" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/companies` Create company Creates a company record and associated profile data. Requires features: customers.companies.manage **Tags:** Customers **Requires authentication.** **Features:** customers.companies.manage ### Request Body Content-Type: `application/json` ```json { "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "displayName": "string", "nextInteraction": null } ``` ### Responses **201** – Company created Content-Type: `application/json` ```json { "id": null, "companyId": null } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/companies" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"organizationId\": \"00000000-0000-4000-8000-000000000000\", \"tenantId\": \"00000000-0000-4000-8000-000000000000\", \"displayName\": \"string\", \"nextInteraction\": null }" ``` ## PUT `/customers/companies` Update company Updates company profile fields, tags, or custom attributes. Requires features: customers.companies.manage **Tags:** Customers **Requires authentication.** **Features:** customers.companies.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "nextInteraction": null } ``` ### Responses **200** – Company updated Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/companies" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\", \"nextInteraction\": null }" ``` ## GET `/customers/companies/{id}` Fetch company with related data Returns a company customer record with optional related resources such as addresses, comments, activities, interactions, deals, todos, and linked people. Requires features: customers.companies.view **Tags:** Customers **Requires authentication.** **Features:** customers.companies.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | include | query | any | Optional. Comma-separated list of relations to include (addresses, comments, activities, interactions, deals, todos, people). | ### Responses **200** – Company detail payload Content-Type: `application/json` ```json { "interactionMode": "canonical", "company": { "id": "00000000-0000-4000-8000-000000000000", "displayName": null, "description": null, "ownerUserId": null, "primaryEmail": null, "primaryPhone": null, "status": null, "lifecycleStage": null, "source": null, "nextInteractionAt": null, "nextInteractionName": null, "nextInteractionRefId": null, "nextInteractionIcon": null, "nextInteractionColor": null, "organizationId": null, "tenantId": null, "createdAt": "string", "updatedAt": "string" }, "profile": null, "customFields": {}, "tags": [ { "id": "00000000-0000-4000-8000-000000000000", "label": "string", "color": null } ], "addresses": [ { "id": "00000000-0000-4000-8000-000000000000", "name": null, "purpose": null, "addressLine1": null, "addressLine2": null, "buildingNumber": null, "flatNumber": null, "city": null, "region": null, "postalCode": null, "country": null, "latitude": null, "longitude": null, "isPrimary": null, "createdAt": "string" } ], "comments": [ { "id": "00000000-0000-4000-8000-000000000000", "body": null, "authorUserId": null, "authorName": null, "authorEmail": null, "dealId": null, "createdAt": "string", "appearanceIcon": null, "appearanceColor": null } ], "activities": [ { "id": "00000000-0000-4000-8000-000000000000", "activityType": "string", "subject": null, "body": null, "occurredAt": null, "dealId": null, "authorUserId": null, "authorName": null, "authorEmail": null, "createdAt": "string", "appearanceIcon": null, "appearanceColor": null } ], "interactions": [ { "id": "00000000-0000-4000-8000-000000000000", "entityId": null, "interactionType": "string", "title": null, "body": null, "status": "string", "scheduledAt": null, "occurredAt": null, "priority": null, "authorUserId": null, "ownerUserId": null, "dealId": null, "organizationId": null, "tenantId": null, "authorName": null, "authorEmail": null, "dealTitle": null, "customValues": null, "appearanceIcon": null, "appearanceColor": null, "source": null, "createdAt": "string", "updatedAt": "string" } ], "deals": [ { "id": "00000000-0000-4000-8000-000000000000", "title": null, "status": null, "pipelineStage": null, "valueAmount": null, "valueCurrency": null, "probability": null, "expectedCloseAt": null, "ownerUserId": null, "source": null, "createdAt": "string", "updatedAt": "string" } ], "todos": [ { "id": "00000000-0000-4000-8000-000000000000", "todoId": "00000000-0000-4000-8000-000000000000", "todoSource": "string", "createdAt": "string", "createdByUserId": null, "title": null, "isDone": null, "priority": null, "severity": null, "description": null, "dueAt": null, "todoOrganizationId": null, "customValues": null } ], "people": [ { "id": "00000000-0000-4000-8000-000000000000", "displayName": null, "primaryEmail": null, "primaryPhone": null, "status": null, "lifecycleStage": null, "jobTitle": null, "department": null, "createdAt": "string", "organizationId": null, "source": null, "temperature": null, "linkedAt": null } ], "viewer": { "userId": null, "name": null, "email": null } } ``` **400** – Invalid identifier Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Company not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/companies/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/companies/{id}/people` List linked people for a company Requires features: customers.companies.view **Tags:** Customers **Requires authentication.** **Features:** customers.companies.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | sort | query | any | Optional | ### Responses **200** – Paginated linked people Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "displayName": "string", "primaryEmail": null, "primaryPhone": null, "status": null, "lifecycleStage": null, "jobTitle": null, "department": null, "createdAt": "string", "organizationId": null, "temperature": null, "source": null, "linkedAt": null } ], "total": 1, "page": 1, "pageSize": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/companies/:id/people?page=1&pageSize=20&sort=name-asc" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## DELETE `/customers/companies/{id}/roles` Remove a company role assignment Requires features: customers.roles.manage **Tags:** Customers **Requires authentication.** **Features:** customers.roles.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | roleId | query | any | Required | ### Responses **200** – Role deleted Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid request Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Role not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/companies/00000000-0000-4000-8000-000000000000/roles?roleId=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/companies/{id}/roles` List roles for a company Requires features: customers.roles.view **Tags:** Customers **Requires authentication.** **Features:** customers.roles.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Role assignments Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "entityType": "company", "entityId": "00000000-0000-4000-8000-000000000000", "userId": "00000000-0000-4000-8000-000000000000", "userName": null, "userEmail": null, "userPhone": null, "roleType": "string", "createdAt": "string", "updatedAt": "string" } ] } ``` **400** – Invalid request Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/companies/00000000-0000-4000-8000-000000000000/roles" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/companies/{id}/roles` Assign a role to a company Requires features: customers.roles.manage **Tags:** Customers **Requires authentication.** **Features:** customers.roles.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Request Body Content-Type: `application/json` ```json { "roleType": "string", "userId": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **201** – Role created Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` **400** – Invalid request Content-Type: `application/json` ```json { "error": "string" } ``` **409** – Role already assigned Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/companies/00000000-0000-4000-8000-000000000000/roles" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"roleType\": \"string\", \"userId\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## PUT `/customers/companies/{id}/roles` Update a company role assignment Requires features: customers.roles.manage **Tags:** Customers **Requires authentication.** **Features:** customers.roles.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | roleId | query | any | Required | ### Request Body Content-Type: `application/json` ```json { "userId": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Role updated Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid request Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Role not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/companies/00000000-0000-4000-8000-000000000000/roles?roleId=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"userId\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/dashboard/widgets/customer-todos` Fetch recent customer tasks Returns the most recent customer tasks for display on dashboards, including legacy compatibility rows when needed. Requires features: dashboards.view, customers.widgets.todos **Tags:** Customers **Requires authentication.** **Features:** dashboards.view, customers.widgets.todos ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | limit | query | any | Optional | | tenantId | query | any | Optional | | organizationId | query | any | Optional | ### Responses **200** – Widget payload Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "todoId": "00000000-0000-4000-8000-000000000000", "todoSource": "string", "todoTitle": null, "createdAt": "string", "organizationId": null, "entity": { "id": null, "displayName": null, "kind": null, "ownerUserId": null } } ] } ``` **400** – Invalid query parameters Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Widget failed to load Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/dashboard/widgets/customer-todos?limit=5" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/dashboard/widgets/new-customers` Fetch recently created customers Returns the latest customers created within the scoped tenant/organization for dashboard display. Requires features: dashboards.view, customers.widgets.new-customers **Tags:** Customers **Requires authentication.** **Features:** dashboards.view, customers.widgets.new-customers ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | limit | query | any | Optional | | tenantId | query | any | Optional | | organizationId | query | any | Optional | | kind | query | any | Optional | ### Responses **200** – Widget payload Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "displayName": null, "kind": null, "organizationId": null, "createdAt": "string", "ownerUserId": null } ] } ``` **400** – Invalid query parameters Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Widget failed to load Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/dashboard/widgets/new-customers?limit=5" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/dashboard/widgets/new-deals` Fetch recently created deals Returns the latest deals created within the scoped tenant/organization for dashboard display. Requires features: dashboards.view, customers.widgets.new-deals **Tags:** Customers **Requires authentication.** **Features:** dashboards.view, customers.widgets.new-deals ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | limit | query | any | Optional | | tenantId | query | any | Optional | | organizationId | query | any | Optional | ### Responses **200** – Widget payload Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "title": null, "status": null, "organizationId": null, "createdAt": "string", "ownerUserId": null, "valueAmount": null, "valueCurrency": null } ] } ``` **400** – Invalid query parameters Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Widget failed to load Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/dashboard/widgets/new-deals?limit=5" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/dashboard/widgets/next-interactions` Fetch upcoming customer interactions Lists upcoming (or optionally past) customer interaction reminders ordered by interaction date. Requires features: dashboards.view, customers.widgets.next-interactions **Tags:** Customers **Requires authentication.** **Features:** dashboards.view, customers.widgets.next-interactions ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | limit | query | any | Optional | | tenantId | query | any | Optional | | organizationId | query | any | Optional | | includePast | query | any | Optional | ### Responses **200** – Widget payload Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "displayName": null, "kind": null, "organizationId": null, "nextInteractionAt": null, "nextInteractionName": null, "nextInteractionIcon": null, "nextInteractionColor": null, "ownerUserId": null } ], "now": "string" } ``` **400** – Invalid query parameters Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Widget failed to load Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/dashboard/widgets/next-interactions?limit=5" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## DELETE `/customers/deals` Delete deal Deletes a deal by `id`. The identifier may be provided in the body or query parameters. Requires features: customers.deals.manage **Tags:** Customers **Requires authentication.** **Features:** customers.deals.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Deal deleted Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/deals" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/deals` List deals Returns a paginated collection of deals scoped to the authenticated organization. Requires features: customers.deals.view **Tags:** Customers **Requires authentication.** **Features:** customers.deals.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | status | query | any | Optional | | pipelineStage | query | any | Optional | | pipelineId | query | any | Optional | | pipelineStageId | query | any | Optional | | sortField | query | any | Optional | | sortDir | query | any | Optional | | personEntityId | query | any | Optional | | companyEntityId | query | any | Optional | | ids | query | any | Optional. Comma-separated list of record UUIDs to filter by (max 200). | ### Responses **200** – Paginated deals Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "title": null, "description": null, "status": null, "pipeline_stage": null, "pipeline_id": null, "pipeline_stage_id": null, "value_amount": null, "value_currency": null, "probability": null, "expected_close_at": null, "owner_user_id": null, "source": null, "organization_id": null, "tenant_id": null, "created_at": null, "updated_at": null, "organizationId": null, "tenantId": null } ], "total": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/deals?page=1&pageSize=50" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/deals` Create deal Creates a sales deal, optionally associating people and companies. Requires features: customers.deals.manage **Tags:** Customers **Requires authentication.** **Features:** customers.deals.manage ### Request Body Content-Type: `application/json` ```json { "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "title": "string" } ``` ### Responses **201** – Deal created Content-Type: `application/json` ```json { "id": null } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/deals" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"organizationId\": \"00000000-0000-4000-8000-000000000000\", \"tenantId\": \"00000000-0000-4000-8000-000000000000\", \"title\": \"string\" }" ``` ## PUT `/customers/deals` Update deal Updates pipeline position, metadata, or associations for an existing deal. Requires features: customers.deals.manage **Tags:** Customers **Requires authentication.** **Features:** customers.deals.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Deal updated Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/deals" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/deals/{id}` Fetch deal with associations and pipeline context Returns a deal with linked people, companies, closure fields, optional pipeline history, custom fields, and viewer context. Requires features: customers.deals.view **Tags:** Customers **Requires authentication.** **Features:** customers.deals.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | include | query | any | Optional | ### Responses **200** – Deal detail payload Content-Type: `application/json` ```json { "deal": { "id": "00000000-0000-4000-8000-000000000000", "title": null, "description": null, "status": null, "pipelineStage": null, "pipelineId": null, "pipelineStageId": null, "valueAmount": null, "valueCurrency": null, "probability": null, "expectedCloseAt": null, "ownerUserId": null, "source": null, "closureOutcome": null, "lossReasonId": null, "lossNotes": null, "organizationId": null, "tenantId": null, "createdAt": "string", "updatedAt": "string" }, "people": [ { "id": "00000000-0000-4000-8000-000000000000", "label": "string", "subtitle": null, "kind": "person" } ], "companies": [ { "id": "00000000-0000-4000-8000-000000000000", "label": "string", "subtitle": null, "kind": "company" } ], "customFields": {}, "viewer": { "userId": null, "name": null, "email": null }, "pipelineStages": [ { "id": "00000000-0000-4000-8000-000000000000", "label": "string", "order": 1, "color": null, "icon": null } ], "stageTransitions": [ { "stageId": "00000000-0000-4000-8000-000000000000", "stageLabel": "string", "stageOrder": 1, "transitionedAt": "string" } ], "owner": null } ``` **404** – Deal not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/deals/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/deals/{id}/companies` List linked companies for a deal Requires features: customers.deals.view **Tags:** Customers **Requires authentication.** **Features:** customers.deals.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | sort | query | any | Optional | ### Responses **200** – Paginated linked companies Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "label": "string", "subtitle": null, "kind": "company", "linkedAt": "string" } ], "total": 1, "page": 1, "pageSize": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/deals/:id/companies?page=1&pageSize=20&sort=label-asc" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/deals/{id}/people` List linked people for a deal Requires features: customers.deals.view **Tags:** Customers **Requires authentication.** **Features:** customers.deals.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | sort | query | any | Optional | ### Responses **200** – Paginated linked people Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "label": "string", "subtitle": null, "kind": "person", "linkedAt": "string" } ], "total": 1, "page": 1, "pageSize": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/deals/:id/people?page=1&pageSize=20&sort=label-asc" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/deals/{id}/stats` Fetch analytics for a closed deal Returns week-to-date closure counts, sales cycle length, quarter ranking, and loss reason context for a closed deal. Requires features: customers.deals.view **Tags:** Customers **Requires authentication.** **Features:** customers.deals.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Deal closure stats payload Content-Type: `application/json` ```json { "dealValue": null, "dealCurrency": null, "closureOutcome": "won", "closedAt": "string", "pipelineName": null, "dealsClosedThisPeriod": 1, "salesCycleDays": null, "dealRankInQuarter": null, "lossReason": null } ``` **400** – Deal is not closed Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Deal not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/deals/:id/stats" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/dictionaries/{kind}` List dictionary entries Returns dictionary entries for the requested kind within the currently selected organization. Requires features: customers.people.view **Tags:** Customers **Requires authentication.** **Features:** customers.people.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | kind | path | any | Required | ### Responses **200** – Dictionary entries Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "value": "string", "label": null, "color": null, "icon": null, "organizationId": null } ] } ``` **400** – Failed to resolve dictionary context Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/dictionaries/:kind" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/dictionaries/{kind}` Create or override dictionary entry Creates a dictionary entry (or updates the existing entry for the same value) within the current organization scope. Requires features: customers.settings.manage **Tags:** Customers **Requires authentication.** **Features:** customers.settings.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | kind | path | any | Required | ### Request Body Content-Type: `application/json` ```json { "value": "string" } ``` ### Responses **200** – Dictionary entry updated Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "value": "string", "label": null, "color": null, "icon": null, "organizationId": null } ``` **201** – Dictionary entry created Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "value": "string", "label": null, "color": null, "icon": null, "organizationId": null } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` **409** – Duplicate value conflict Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/dictionaries/:kind" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"value\": \"string\" }" ``` ## DELETE `/customers/dictionaries/{kind}/{id}` Delete dictionary entry Removes a customer dictionary entry by identifier. Requires features: customers.settings.manage **Tags:** Customers **Requires authentication.** **Features:** customers.settings.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | kind | path | any | Required | | id | path | any | Required | ### Responses **200** – Entry deleted Content-Type: `application/json` ```json { "success": true } ``` **404** – Entry not found Content-Type: `application/json` ```json { "error": "string" } ``` **409** – Entry is in use and cannot be deleted Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/dictionaries/:kind/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PATCH `/customers/dictionaries/{kind}/{id}` Update dictionary entry Updates value, label, color, or icon for an existing customer dictionary entry. Requires features: customers.settings.manage **Tags:** Customers **Requires authentication.** **Features:** customers.settings.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | kind | path | any | Required | | id | path | any | Required | ### Request Body Content-Type: `application/json` ```json {} ``` ### Responses **200** – Updated dictionary entry Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "value": "string", "label": null, "color": null, "icon": null, "organizationId": null } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Entry not found Content-Type: `application/json` ```json { "error": "string" } ``` **409** – Duplicate value conflict Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PATCH "https://cc.kawalec.pl/customers/dictionaries/:kind/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{}" ``` ## GET `/customers/dictionaries/currency` Resolve currency dictionary Returns the active currency dictionary for the current organization scope, falling back to shared entries when required. Requires features: customers.people.view **Tags:** Customers **Requires authentication.** **Features:** customers.people.view ### Responses **200** – Currency dictionary entries Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "entries": [ { "id": "00000000-0000-4000-8000-000000000000", "value": "string", "label": null } ] } ``` **404** – Currency dictionary missing Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Unexpected error Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/dictionaries/currency" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/dictionaries/kind-settings` List kind settings Returns selection mode and visibility settings for each dictionary kind. Requires features: customers.people.view **Tags:** Customers **Requires authentication.** **Features:** customers.people.view ### Responses **200** – Kind settings Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "kind": "string", "selectionMode": "single", "visibleInTags": true, "sortOrder": 1 } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/dictionaries/kind-settings" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PATCH `/customers/dictionaries/kind-settings` Update kind setting Creates or updates settings for a specific dictionary kind. Requires features: customers.settings.manage **Tags:** Customers **Requires authentication.** **Features:** customers.settings.manage ### Request Body Content-Type: `application/json` ```json { "kind": "string" } ``` ### Responses **200** – Setting updated Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "kind": "string", "selectionMode": "single", "visibleInTags": true, "sortOrder": 1 } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PATCH "https://cc.kawalec.pl/customers/dictionaries/kind-settings" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"kind\": \"string\" }" ``` ## DELETE `/customers/interactions` Delete interaction Soft-deletes an interaction identified by `id`. Accepts id via body or query string. Requires features: customers.interactions.manage **Tags:** Customers **Requires authentication.** **Features:** customers.interactions.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Interaction deleted Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/interactions" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/interactions` List interactions Returns a paginated collection of interactions scoped to the authenticated organization. Requires features: customers.interactions.view **Tags:** Customers **Requires authentication.** **Features:** customers.interactions.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | limit | query | any | Optional | | cursor | query | any | Optional | | entityId | query | any | Optional | | dealId | query | any | Optional | | status | query | any | Optional | | interactionType | query | any | Optional | | type | query | any | Optional | | excludeInteractionType | query | any | Optional | | search | query | any | Optional | | from | query | any | Optional | | to | query | any | Optional | | pinned | query | any | Optional | | sortField | query | any | Optional | | sortDir | query | any | Optional | | ids | query | any | Optional. Comma-separated list of record UUIDs to filter by (max 200). | ### Responses **200** – Paginated interactions Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "entityId": null, "dealId": null, "interactionType": "string", "title": null, "body": null, "status": "string", "scheduledAt": null, "occurredAt": null, "priority": null, "authorUserId": null, "ownerUserId": null, "appearanceIcon": null, "appearanceColor": null, "source": null, "duration": null, "durationMinutes": null, "location": null, "allDay": null, "recurrenceRule": null, "recurrenceEnd": null, "participants": null, "reminderMinutes": null, "visibility": null, "linkedEntities": null, "guestPermissions": null, "organizationId": null, "tenantId": null, "createdAt": null, "updatedAt": null, "authorName": null, "authorEmail": null, "dealTitle": null, "customValues": null } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/interactions?limit=25" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/interactions` Create interaction Creates a new interaction linked to a customer entity or deal. Requires features: customers.interactions.manage **Tags:** Customers **Requires authentication.** **Features:** customers.interactions.manage ### Request Body Content-Type: `application/json` No example available for this content type. ### Responses **201** – Interaction created Content-Type: `application/json` ```json { "id": null } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/interactions" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/customers/interactions` Update interaction Updates fields for an existing interaction. Requires features: customers.interactions.manage **Tags:** Customers **Requires authentication.** **Features:** customers.interactions.manage ### Request Body Content-Type: `application/json` No example available for this content type. ### Responses **200** – Interaction updated Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/interactions" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/interactions/cancel` Cancel an interaction Marks an interaction as canceled. Requires features: customers.interactions.manage **Tags:** Customers **Requires authentication.** **Features:** customers.interactions.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Interaction canceled Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Interaction not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/interactions/cancel" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## POST `/customers/interactions/complete` Complete an interaction Marks an interaction as done and sets occurredAt to current time (or a provided timestamp). Requires features: customers.interactions.manage **Tags:** Customers **Requires authentication.** **Features:** customers.interactions.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Interaction completed Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Interaction not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/interactions/complete" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/interactions/conflicts` Detect scheduling conflicts Checks for overlapping planned interactions within the requested time window. Requires features: customers.interactions.view **Tags:** Customers **Requires authentication.** **Features:** customers.interactions.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | date | query | any | Required | | startTime | query | any | Required | | duration | query | any | Required | | excludeId | query | any | Optional | | userId | query | any | Optional | | timezoneOffsetMinutes | query | any | Optional | ### Responses **200** – Conflict detection result Content-Type: `application/json` ```json { "ok": true, "result": { "hasConflicts": true, "conflicts": [ { "id": "string", "title": null, "startTime": "string", "endTime": "string", "type": "string" } ] } } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/interactions/conflicts?date=string&startTime=string&duration=1" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/interactions/counts` Get interaction counts by type Returns per-type interaction counts scoped to an entity. Requires features: customers.interactions.view **Tags:** Customers **Requires authentication.** **Features:** customers.interactions.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | entityId | query | any | Required | | status | query | any | Optional | ### Responses **200** – Counts by interaction type Content-Type: `application/json` ```json { "ok": true, "result": { "call": 1, "email": 1, "meeting": 1, "note": 1, "task": 1, "total": 1 } } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/interactions/counts?entityId=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/interactions/tasks` List customertasks Returns a paginated collection of customertasks scoped to the authenticated organization. Requires features: customers.interactions.view **Tags:** Customers **Requires authentication.** **Features:** customers.interactions.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | all | query | any | Optional | | entityId | query | any | Optional | | ids | query | any | Optional. Comma-separated list of record UUIDs to filter by (max 200). | ### Responses **200** – Paginated customertasks Content-Type: `application/json` ```json { "items": [ { "id": "string", "todoId": "string", "todoSource": "string", "todoTitle": null, "todoIsDone": null, "todoPriority": null, "todoSeverity": null, "todoDescription": null, "todoDueAt": null, "todoCustomValues": null, "todoOrganizationId": null, "organizationId": "string", "tenantId": "string", "createdAt": "string", "externalHref": null, "customer": { "id": null, "displayName": null, "kind": null } } ], "total": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/interactions/tasks?page=1&pageSize=50" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/labels` List labels Returns labels for the current user within the selected organization. Optionally includes assignment status for a specific entity. Requires features: customers.people.view **Tags:** Customers **Requires authentication.** **Features:** customers.people.view ### Responses **200** – Labels list Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "slug": "string", "label": "string" } ], "assignedIds": [ "00000000-0000-4000-8000-000000000000" ], "total": 1, "page": 1, "pageSize": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/labels" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/labels` Create label Creates a new label scoped to the current user and selected organization. Requires features: customers.people.manage **Tags:** Customers **Requires authentication.** **Features:** customers.people.manage ### Request Body Content-Type: `application/json` ```json { "label": "string" } ``` ### Responses **201** – Label created Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "slug": "string", "label": "string" } ``` **409** – Duplicate slug Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/labels" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"label\": \"string\" }" ``` ## POST `/customers/labels/assign` Assign label **Tags:** Customers **Requires authentication.** ### Request Body Content-Type: `application/json` ```json { "labelId": "00000000-0000-4000-8000-000000000000", "entityId": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Already assigned Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` **201** – Assigned Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` **404** – Label or entity not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/labels/assign" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"labelId\": \"00000000-0000-4000-8000-000000000000\", \"entityId\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## POST `/customers/labels/unassign` Unassign label **Tags:** Customers **Requires authentication.** ### Request Body Content-Type: `application/json` ```json { "labelId": "00000000-0000-4000-8000-000000000000", "entityId": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Unassigned Content-Type: `application/json` ```json { "id": null } ``` **404** – Label or entity not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/labels/unassign" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"labelId\": \"00000000-0000-4000-8000-000000000000\", \"entityId\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## DELETE `/customers/people` Delete person Deletes a person by id. Request body or query may provide the identifier. Requires features: customers.people.manage **Tags:** Customers **Requires authentication.** **Features:** customers.people.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Person deleted Content-Type: `application/json` ```json { "ok": true } ``` **422** – Person has dependent records (e.g. linked deals); unlink or reassign before delete. Content-Type: `application/json` ```json { "error": "string", "code": "PERSON_HAS_DEPENDENTS" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/people" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/people` List people Returns a paginated collection of people scoped to the authenticated organization. Requires features: customers.people.view **Tags:** Customers **Requires authentication.** **Features:** customers.people.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | email | query | any | Optional | | emailStartsWith | query | any | Optional | | emailContains | query | any | Optional | | status | query | any | Optional | | lifecycleStage | query | any | Optional | | source | query | any | Optional | | hasEmail | query | any | Optional | | hasPhone | query | any | Optional | | hasNextInteraction | query | any | Optional | | createdFrom | query | any | Optional | | createdTo | query | any | Optional | | sortField | query | any | Optional | | sortDir | query | any | Optional | | id | query | any | Optional | | tagIds | query | any | Optional | | tagIdsEmpty | query | any | Optional | | excludeIds | query | any | Optional | | excludeLinkedCompanyId | query | any | Optional | | excludeLinkedDealId | query | any | Optional | | ids | query | any | Optional. Comma-separated list of record UUIDs to filter by (max 200). | ### Responses **200** – Paginated people Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "description": null, "owner_user_id": null, "primary_email": null, "primary_phone": null, "status": null, "lifecycle_stage": null, "source": null, "next_interaction_at": null, "next_interaction_name": null, "next_interaction_ref_id": null, "next_interaction_icon": null, "next_interaction_color": null, "organization_id": null, "tenant_id": null, "created_at": null } ], "total": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/people?page=1&pageSize=50" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/people` Create person Creates a person contact using scoped organization and tenant identifiers. Requires features: customers.people.manage **Tags:** Customers **Requires authentication.** **Features:** customers.people.manage ### Request Body Content-Type: `application/json` ```json { "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "nextInteraction": null, "firstName": "string", "lastName": "string", "companyEntityId": null } ``` ### Responses **201** – Person created Content-Type: `application/json` ```json { "id": null, "personId": null } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/people" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"organizationId\": \"00000000-0000-4000-8000-000000000000\", \"tenantId\": \"00000000-0000-4000-8000-000000000000\", \"nextInteraction\": null, \"firstName\": \"string\", \"lastName\": \"string\", \"companyEntityId\": null }" ``` ## PUT `/customers/people` Update person Updates contact details or custom fields for a person. Requires features: customers.people.manage **Tags:** Customers **Requires authentication.** **Features:** customers.people.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "nextInteraction": null, "companyEntityId": null } ``` ### Responses **200** – Person updated Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/people" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\", \"nextInteraction\": null, \"companyEntityId\": null }" ``` ## GET `/customers/people/{id}` Fetch person with related data Returns a person customer record with optional related resources such as addresses, comments, activities, interactions, deals, and todos. Requires features: customers.people.view **Tags:** Customers **Requires authentication.** **Features:** customers.people.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | include | query | any | Optional. Comma-separated list of relations to include (addresses, comments, activities, interactions, deals, todos). | ### Responses **200** – Person detail payload Content-Type: `application/json` ```json { "interactionMode": "canonical", "person": { "id": "00000000-0000-4000-8000-000000000000", "displayName": null, "description": null, "ownerUserId": null, "primaryEmail": null, "primaryPhone": null, "status": null, "lifecycleStage": null, "source": null, "nextInteractionAt": null, "nextInteractionName": null, "nextInteractionRefId": null, "nextInteractionIcon": null, "nextInteractionColor": null, "organizationId": null, "tenantId": null, "createdAt": "string", "updatedAt": "string" }, "profile": null, "customFields": {}, "tags": [ { "id": "00000000-0000-4000-8000-000000000000", "label": "string", "color": null } ], "addresses": [ { "id": "00000000-0000-4000-8000-000000000000", "name": null, "purpose": null, "addressLine1": null, "addressLine2": null, "buildingNumber": null, "flatNumber": null, "city": null, "region": null, "postalCode": null, "country": null, "latitude": null, "longitude": null, "isPrimary": null, "createdAt": "string" } ], "comments": [ { "id": "00000000-0000-4000-8000-000000000000", "body": null, "authorUserId": null, "authorName": null, "authorEmail": null, "dealId": null, "createdAt": "string", "appearanceIcon": null, "appearanceColor": null } ], "activities": [ { "id": "00000000-0000-4000-8000-000000000000", "activityType": "string", "subject": null, "body": null, "occurredAt": null, "dealId": null, "authorUserId": null, "authorName": null, "authorEmail": null, "createdAt": "string", "appearanceIcon": null, "appearanceColor": null } ], "interactions": [ { "id": "00000000-0000-4000-8000-000000000000", "entityId": null, "interactionType": "string", "title": null, "body": null, "status": "string", "scheduledAt": null, "occurredAt": null, "priority": null, "authorUserId": null, "ownerUserId": null, "dealId": null, "organizationId": null, "tenantId": null, "authorName": null, "authorEmail": null, "dealTitle": null, "customValues": null, "appearanceIcon": null, "appearanceColor": null, "source": null, "createdAt": "string", "updatedAt": "string" } ], "deals": [ { "id": "00000000-0000-4000-8000-000000000000", "title": null, "status": null, "pipelineStage": null, "valueAmount": null, "valueCurrency": null, "probability": null, "expectedCloseAt": null, "ownerUserId": null, "source": null, "closureOutcome": null, "lossReasonId": null, "lossNotes": null, "createdAt": "string", "updatedAt": "string" } ], "todos": [ { "id": "00000000-0000-4000-8000-000000000000", "todoId": "00000000-0000-4000-8000-000000000000", "todoSource": "string", "createdAt": "string", "createdByUserId": null, "title": null, "isDone": null, "priority": null, "severity": null, "description": null, "dueAt": null, "todoOrganizationId": null, "customValues": null } ], "isPrimary": true, "companies": [ { "id": "00000000-0000-4000-8000-000000000000", "displayName": "string", "isPrimary": true } ], "viewer": { "userId": null, "name": null, "email": null } } ``` **400** – Invalid identifier Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Person not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/people/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/people/{id}/companies` List linked companies for a person Requires features: customers.people.view **Tags:** Customers **Requires authentication.** **Features:** customers.people.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Linked company rows Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "companyId": "00000000-0000-4000-8000-000000000000", "displayName": "string", "isPrimary": true } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/people/:id/companies" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/people/{id}/companies` Link a company to a person Requires features: customers.people.manage **Tags:** Customers **Requires authentication.** **Features:** customers.people.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Request Body Content-Type: `application/json` ```json { "companyId": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Linked company row Content-Type: `application/json` ```json { "ok": true, "result": { "id": "00000000-0000-4000-8000-000000000000", "companyId": "00000000-0000-4000-8000-000000000000", "displayName": "string", "isPrimary": true } } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/people/:id/companies" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"companyId\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## DELETE `/customers/people/{id}/companies/{linkId}` Remove a linked company from a person Requires features: customers.people.manage **Tags:** Customers **Requires authentication.** **Features:** customers.people.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | linkId | path | any | Required | ### Responses **200** – Deletion result Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/people/:id/companies/:linkId" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PATCH `/customers/people/{id}/companies/{linkId}` Update a linked company for a person Requires features: customers.people.manage **Tags:** Customers **Requires authentication.** **Features:** customers.people.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | linkId | path | any | Required | ### Request Body Content-Type: `application/json` ```json {} ``` ### Responses **200** – Updated company link Content-Type: `application/json` ```json { "ok": true, "result": null } ``` ### Example ```bash curl -X PATCH "https://cc.kawalec.pl/customers/people/:id/companies/:linkId" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{}" ``` ## GET `/customers/people/{id}/companies/enriched` Get enriched company data for a person's linked companies Requires features: customers.people.view **Tags:** Customers **Requires authentication.** **Features:** customers.people.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | sort | query | any | Optional | ### Responses **200** – Enriched company rows with profile, billing, tags, deals and more Content-Type: `application/json` ```json { "items": [ { "linkId": "00000000-0000-4000-8000-000000000000", "companyId": "00000000-0000-4000-8000-000000000000", "displayName": "string", "isPrimary": true, "subtitle": null, "profile": null, "billing": null, "primaryAddress": null, "tags": [ { "id": "00000000-0000-4000-8000-000000000000", "label": "string", "color": null } ], "roles": [ { "id": "00000000-0000-4000-8000-000000000000", "roleValue": "string" } ], "activeDeal": null, "lastContactAt": null, "clv": null, "status": null, "lifecycleStage": null, "temperature": null, "renewalQuarter": null } ], "total": 1, "page": 1, "pageSize": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/people/:id/companies/enriched?page=1&pageSize=20&sort=name-asc" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## DELETE `/customers/people/{id}/roles` Remove a person role assignment Requires features: customers.roles.manage **Tags:** Customers **Requires authentication.** **Features:** customers.roles.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | roleId | query | any | Required | ### Responses **200** – Role deleted Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid request Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Role not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/people/00000000-0000-4000-8000-000000000000/roles?roleId=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/customers/people/{id}/roles` List roles for a person Requires features: customers.roles.view **Tags:** Customers **Requires authentication.** **Features:** customers.roles.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Role assignments Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "entityType": "company", "entityId": "00000000-0000-4000-8000-000000000000", "userId": "00000000-0000-4000-8000-000000000000", "userName": null, "userEmail": null, "userPhone": null, "roleType": "string", "createdAt": "string", "updatedAt": "string" } ] } ``` **400** – Invalid request Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/people/00000000-0000-4000-8000-000000000000/roles" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/people/{id}/roles` Assign a role to a person Requires features: customers.roles.manage **Tags:** Customers **Requires authentication.** **Features:** customers.roles.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Request Body Content-Type: `application/json` ```json { "roleType": "string", "userId": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **201** – Role created Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` **400** – Invalid request Content-Type: `application/json` ```json { "error": "string" } ``` **409** – Role already assigned Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/people/00000000-0000-4000-8000-000000000000/roles" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"roleType\": \"string\", \"userId\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## PUT `/customers/people/{id}/roles` Update a person role assignment Requires features: customers.roles.manage **Tags:** Customers **Requires authentication.** **Features:** customers.roles.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | | roleId | query | any | Required | ### Request Body Content-Type: `application/json` ```json { "userId": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Role updated Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid request Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Role not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/people/00000000-0000-4000-8000-000000000000/roles?roleId=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"userId\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/people/check-phone` Find person by phone digits Performs an exact digits comparison (stripping non-numeric characters) to determine whether a customer contact matches the provided phone fragment. Requires features: customers.people.view **Tags:** Customers **Requires authentication.** **Features:** customers.people.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | digits | query | any | Required | ### Responses **200** – Matching contact (if any) Content-Type: `application/json` ```json { "match": null } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/people/check-phone" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## DELETE `/customers/pipeline-stages` Delete pipeline stage Deletes a pipeline stage. Returns 409 if active deals use this stage. Requires features: customers.pipelines.manage **Tags:** Customers **Requires authentication.** **Features:** customers.pipelines.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Stage deleted Content-Type: `application/json` ```json { "ok": true } ``` **404** – Stage not found Content-Type: `application/json` ```json { "error": "string" } ``` **409** – Stage has active deals Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/pipeline-stages" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/pipeline-stages` List pipeline stages Returns pipeline stages for the authenticated organization, optionally filtered by pipelineId. Requires features: customers.pipelines.view **Tags:** Customers **Requires authentication.** **Features:** customers.pipelines.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | pipelineId | query | any | Optional | ### Responses **200** – Stage list Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "pipelineId": "00000000-0000-4000-8000-000000000000", "label": "string", "order": 1, "color": null, "icon": null, "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "createdAt": "2025-01-01T00:00:00.000Z", "updatedAt": "2025-01-01T00:00:00.000Z" } ], "total": 1 } ``` **400** – Invalid request Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/pipeline-stages" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/pipeline-stages` Create pipeline stage Creates a new pipeline stage. Requires features: customers.pipelines.manage **Tags:** Customers **Requires authentication.** **Features:** customers.pipelines.manage ### Request Body Content-Type: `application/json` ```json { "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "pipelineId": "00000000-0000-4000-8000-000000000000", "label": "string" } ``` ### Responses **201** – Stage created Content-Type: `application/json` ```json { "id": null } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/pipeline-stages" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"organizationId\": \"00000000-0000-4000-8000-000000000000\", \"tenantId\": \"00000000-0000-4000-8000-000000000000\", \"pipelineId\": \"00000000-0000-4000-8000-000000000000\", \"label\": \"string\" }" ``` ## PUT `/customers/pipeline-stages` Update pipeline stage Updates an existing pipeline stage. Requires features: customers.pipelines.manage **Tags:** Customers **Requires authentication.** **Features:** customers.pipelines.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Stage updated Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Stage not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/pipeline-stages" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## POST `/customers/pipeline-stages/reorder` Reorder pipeline stages Updates the order of pipeline stages in bulk. Requires features: customers.pipelines.manage **Tags:** Customers **Requires authentication.** **Features:** customers.pipelines.manage ### Request Body Content-Type: `application/json` ```json { "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "stages": [ { "id": "00000000-0000-4000-8000-000000000000", "order": 1 } ] } ``` ### Responses **200** – Stages reordered Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/pipeline-stages/reorder" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"organizationId\": \"00000000-0000-4000-8000-000000000000\", \"tenantId\": \"00000000-0000-4000-8000-000000000000\", \"stages\": [ { \"id\": \"00000000-0000-4000-8000-000000000000\", \"order\": 1 } ] }" ``` ## DELETE `/customers/pipelines` Delete pipeline Deletes a pipeline. Returns 409 if active deals exist. Requires features: customers.pipelines.manage **Tags:** Customers **Requires authentication.** **Features:** customers.pipelines.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Pipeline deleted Content-Type: `application/json` ```json { "ok": true } ``` **404** – Pipeline not found Content-Type: `application/json` ```json { "error": "string" } ``` **409** – Pipeline has active deals Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/pipelines" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/pipelines` List pipelines Returns a list of pipelines scoped to the authenticated organization. Requires features: customers.pipelines.view **Tags:** Customers **Requires authentication.** **Features:** customers.pipelines.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | isDefault | query | any | Optional | ### Responses **200** – Pipeline list Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "name": "string", "isDefault": true, "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "createdAt": "2025-01-01T00:00:00.000Z", "updatedAt": "2025-01-01T00:00:00.000Z" } ], "total": 1 } ``` **400** – Invalid request Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/pipelines" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/pipelines` Create pipeline Creates a new pipeline within the authenticated organization. Requires features: customers.pipelines.manage **Tags:** Customers **Requires authentication.** **Features:** customers.pipelines.manage ### Request Body Content-Type: `application/json` ```json { "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "name": "string" } ``` ### Responses **201** – Pipeline created Content-Type: `application/json` ```json { "id": null } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/pipelines" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"organizationId\": \"00000000-0000-4000-8000-000000000000\", \"tenantId\": \"00000000-0000-4000-8000-000000000000\", \"name\": \"string\" }" ``` ## PUT `/customers/pipelines` Update pipeline Updates an existing pipeline. Requires features: customers.pipelines.manage **Tags:** Customers **Requires authentication.** **Features:** customers.pipelines.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Pipeline updated Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Pipeline not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/pipelines" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/settings/address-format` Retrieve address format Returns the current address formatting preference for the selected organization. Requires features: customers.settings.manage **Tags:** Customers **Requires authentication.** **Features:** customers.settings.manage ### Responses **200** – Current address format Content-Type: `application/json` ```json { "addressFormat": "string" } ``` **400** – Organization context missing Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/settings/address-format" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/customers/settings/address-format` Update address format Updates the address format preference for the selected organization. Requires features: customers.settings.manage **Tags:** Customers **Requires authentication.** **Features:** customers.settings.manage ### Request Body Content-Type: `application/json` ```json { "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "addressFormat": "line_first" } ``` ### Responses **200** – Updated address format Content-Type: `application/json` ```json { "addressFormat": "string" } ``` **400** – Invalid payload or organization context Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/settings/address-format" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"organizationId\": \"00000000-0000-4000-8000-000000000000\", \"tenantId\": \"00000000-0000-4000-8000-000000000000\", \"addressFormat\": \"line_first\" }" ``` ## DELETE `/customers/tags` Delete tag Deletes a tag identified by `id`. The identifier may be provided via body or query string. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Tag deleted Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/tags" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/tags` List tags Returns a paginated collection of tags scoped to the authenticated organization. Requires features: customers.activities.view **Tags:** Customers **Requires authentication.** **Features:** customers.activities.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | sortField | query | any | Optional | | sortDir | query | any | Optional | | ids | query | any | Optional. Comma-separated list of record UUIDs to filter by (max 200). | ### Responses **200** – Paginated tags Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "slug": "string", "label": "string", "color": null, "description": null, "organization_id": null, "tenant_id": null } ], "total": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/tags?page=1&pageSize=100" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/tags` Create tag Creates a tag scoped to the current tenant and organization. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "slug": "string", "label": "string" } ``` ### Responses **201** – Tag created Content-Type: `application/json` ```json { "id": null } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/tags" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"organizationId\": \"00000000-0000-4000-8000-000000000000\", \"tenantId\": \"00000000-0000-4000-8000-000000000000\", \"slug\": \"string\", \"label\": \"string\" }" ``` ## PUT `/customers/tags` Update tag Updates label, color, or description for an existing tag. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Tag updated Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/tags" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## POST `/customers/tags/assign` Assign tag to customer entity Links a tag to a customer entity within the validated tenant / organization scope. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "tagId": "00000000-0000-4000-8000-000000000000", "entityId": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **201** – Tag assigned to customer Content-Type: `application/json` ```json { "id": null } ``` **400** – Validation or assignment failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/tags/assign" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"organizationId\": \"00000000-0000-4000-8000-000000000000\", \"tenantId\": \"00000000-0000-4000-8000-000000000000\", \"tagId\": \"00000000-0000-4000-8000-000000000000\", \"entityId\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## POST `/customers/tags/unassign` Remove tag from customer entity Detaches a tag from a customer entity within the validated tenant / organization scope. Requires features: customers.activities.manage **Tags:** Customers **Requires authentication.** **Features:** customers.activities.manage ### Request Body Content-Type: `application/json` ```json { "organizationId": "00000000-0000-4000-8000-000000000000", "tenantId": "00000000-0000-4000-8000-000000000000", "tagId": "00000000-0000-4000-8000-000000000000", "entityId": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Tag unassigned from customer Content-Type: `application/json` ```json { "id": null } ``` **400** – Validation or unassignment failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/tags/unassign" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"organizationId\": \"00000000-0000-4000-8000-000000000000\", \"tenantId\": \"00000000-0000-4000-8000-000000000000\", \"tagId\": \"00000000-0000-4000-8000-000000000000\", \"entityId\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## DELETE `/customers/todos` Delete customertodo DEPRECATED (sunset 2026-06-30): Deletes a customer task. Use DELETE /api/customers/interactions instead. Requires features: customers.interactions.manage **Tags:** Customers **Requires authentication.** **Features:** customers.interactions.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – CustomerTodo deleted Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/customers/todos" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/customers/todos` List customertodos Returns a paginated collection of customertodos scoped to the authenticated organization. Requires features: customers.view **Tags:** Customers **Requires authentication.** **Features:** customers.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | all | query | any | Optional | | entityId | query | any | Optional | | ids | query | any | Optional. Comma-separated list of record UUIDs to filter by (max 200). | ### Responses **200** – Paginated customertodos Content-Type: `application/json` ```json { "items": [ { "id": "string", "todoId": "string", "todoSource": "string", "todoTitle": null, "todoIsDone": null, "todoPriority": null, "todoSeverity": null, "todoDescription": null, "todoDueAt": null, "todoCustomValues": null, "todoOrganizationId": null, "organizationId": "string", "tenantId": "string", "createdAt": "string", "externalHref": null, "customer": { "id": null, "displayName": null, "kind": null } } ], "total": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/customers/todos?page=1&pageSize=50" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/customers/todos` Create customertodo DEPRECATED (sunset 2026-06-30): Creates a customer task. Use POST /api/customers/interactions instead. Requires features: customers.interactions.manage **Tags:** Customers **Requires authentication.** **Features:** customers.interactions.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "00000000-0000-4000-8000-000000000000", "title": "string", "todoSource": "customers:interaction" } ``` ### Responses **201** – CustomerTodo created Content-Type: `application/json` ```json { "linkId": null, "todoId": null } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/customers/todos" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"00000000-0000-4000-8000-000000000000\", \"title\": \"string\", \"todoSource\": \"customers:interaction\" }" ``` ## PUT `/customers/todos` Update customertodo DEPRECATED (sunset 2026-06-30): Updates a customer task. Use PUT /api/customers/interactions instead. Requires features: customers.interactions.manage **Tags:** Customers **Requires authentication.** **Features:** customers.interactions.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – CustomerTodo updated Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/customers/todos" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/dashboards/layout` Load the current dashboard layout Returns the saved widget layout together with the widgets the current user is allowed to place. Requires features: dashboards.view **Tags:** Dashboards **Requires authentication.** **Features:** dashboards.view ### Responses **200** – Current dashboard layout and available widgets. Content-Type: `application/json` ```json { "layout": { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "widgetId": "string", "order": 1 } ] }, "allowedWidgetIds": [ "string" ], "canConfigure": true, "context": { "userId": "00000000-0000-4000-8000-000000000000", "tenantId": null, "organizationId": null, "userName": null, "userEmail": null, "userLabel": "string" }, "widgets": [ { "id": "string", "title": "string", "description": null, "defaultSize": "sm", "defaultEnabled": true, "defaultSettings": null, "features": [ "string" ], "moduleId": "string", "icon": null, "loaderKey": "string", "supportsRefresh": true } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/dashboards/layout" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/dashboards/layout` Persist dashboard layout changes Saves the provided widget ordering, sizes, and settings for the current user. Requires features: dashboards.configure **Tags:** Dashboards **Requires authentication.** **Features:** dashboards.configure ### Request Body Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "widgetId": "string", "order": 1 } ] } ``` ### Responses **200** – Layout updated successfully. Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid layout payload Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/dashboards/layout" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"items\": [ { \"id\": \"00000000-0000-4000-8000-000000000000\", \"widgetId\": \"string\", \"order\": 1 } ] }" ``` ## PATCH `/dashboards/layout/{itemId}` Update a dashboard layout item Adjusts the size or settings for a single widget within the dashboard layout. Requires features: dashboards.configure **Tags:** Dashboards **Requires authentication.** **Features:** dashboards.configure ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | itemId | path | any | Required | ### Request Body Content-Type: `application/json` ```json {} ``` ### Responses **200** – Layout item updated. Content-Type: `application/json` ```json { "ok": true } ``` **400** – Invalid payload or missing item id Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Item not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PATCH "https://cc.kawalec.pl/dashboards/layout/00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{}" ``` ## GET `/dashboards/roles/widgets` Fetch widget assignments for a role Returns the widgets explicitly assigned to the given role together with the evaluation scope. Requires features: dashboards.admin.assign-widgets **Tags:** Dashboards **Requires authentication.** **Features:** dashboards.admin.assign-widgets ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | roleId | query | any | Required | | tenantId | query | any | Optional | | organizationId | query | any | Optional | ### Responses **200** – Current widget configuration for the role. Content-Type: `application/json` ```json { "widgetIds": [ "string" ], "hasCustom": true, "scope": { "tenantId": null, "organizationId": null } } ``` **400** – Missing role identifier Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/dashboards/roles/widgets?roleId=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/dashboards/roles/widgets` Update widgets assigned to a role Persists the widget list for a role within the provided tenant and organization scope. Requires features: dashboards.admin.assign-widgets **Tags:** Dashboards **Requires authentication.** **Features:** dashboards.admin.assign-widgets ### Request Body Content-Type: `application/json` ```json { "roleId": "00000000-0000-4000-8000-000000000000", "widgetIds": [ "string" ] } ``` ### Responses **200** – Widgets updated successfully. Content-Type: `application/json` ```json { "ok": true, "widgetIds": [ "string" ] } ``` **400** – Invalid payload or unknown widgets Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/dashboards/roles/widgets" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"roleId\": \"00000000-0000-4000-8000-000000000000\", \"widgetIds\": [ \"string\" ] }" ``` ## GET `/dashboards/users/widgets` Read widget overrides for a user Returns the widgets inherited and explicitly configured for the requested user within the current scope. Requires features: dashboards.admin.assign-widgets **Tags:** Dashboards **Requires authentication.** **Features:** dashboards.admin.assign-widgets ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | userId | query | any | Required | | tenantId | query | any | Optional | | organizationId | query | any | Optional | ### Responses **200** – Widget settings for the user. Content-Type: `application/json` ```json { "mode": "inherit", "widgetIds": [ "string" ], "hasCustom": true, "effectiveWidgetIds": [ "string" ], "scope": { "tenantId": null, "organizationId": null } } ``` **400** – Missing user identifier Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/dashboards/users/widgets?userId=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/dashboards/users/widgets` Update user-specific dashboard widgets Sets the widget override mode and allowed widgets for a user. Passing `mode: inherit` clears overrides. Requires features: dashboards.admin.assign-widgets **Tags:** Dashboards **Requires authentication.** **Features:** dashboards.admin.assign-widgets ### Request Body Content-Type: `application/json` ```json { "userId": "00000000-0000-4000-8000-000000000000", "mode": "inherit", "widgetIds": [ "string" ] } ``` ### Responses **200** – Overrides saved. Content-Type: `application/json` ```json { "ok": true, "mode": "inherit", "widgetIds": [ "string" ] } ``` **400** – Invalid payload or unknown widgets Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/dashboards/users/widgets" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"userId\": \"00000000-0000-4000-8000-000000000000\", \"mode\": \"inherit\", \"widgetIds\": [ \"string\" ] }" ``` ## GET `/dashboards/widgets/catalog` List available dashboard widgets Returns the catalog of widgets that modules expose, including defaults and feature requirements. Requires features: dashboards.admin.assign-widgets **Tags:** Dashboards **Requires authentication.** **Features:** dashboards.admin.assign-widgets ### Responses **200** – Widgets available for assignment. Content-Type: `application/json` ```json { "items": [ { "id": "string", "title": "string", "description": null, "defaultSize": "sm", "defaultEnabled": true, "defaultSettings": null, "features": [ "string" ], "moduleId": "string", "icon": null, "loaderKey": "string", "supportsRefresh": true } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/dashboards/widgets/catalog" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/dashboards/widgets/data` Fetch aggregated data for dashboard widgets Executes an aggregation query against the specified entity type and returns the result. Supports date range filtering, grouping, and period-over-period comparison. Requires features: analytics.view **Tags:** Dashboards **Requires authentication.** **Features:** analytics.view ### Request Body Content-Type: `application/json` ```json { "entityType": "string", "metric": { "field": "string", "aggregate": "count" } } ``` ### Responses **200** – Aggregated data for the widget. Content-Type: `application/json` ```json { "value": null, "data": [ { "value": null } ], "metadata": { "fetchedAt": "string", "recordCount": 1 } } ``` **400** – Invalid request payload Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Internal server error Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/dashboards/widgets/data" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityType\": \"string\", \"metric\": { \"field\": \"string\", \"aggregate\": \"count\" } }" ``` ## GET `/dictionaries` List dictionaries Returns dictionaries accessible to the current organization, optionally including inactive records. Requires features: dictionaries.view **Tags:** Dictionaries **Requires authentication.** **Features:** dictionaries.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | includeInactive | query | any | Optional | ### Responses **200** – Dictionary collection. Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "key": "string", "name": "string", "description": null, "isSystem": true, "isActive": true, "managerVisibility": null, "organizationId": null, "createdAt": "string", "updatedAt": null } ] } ``` **500** – Failed to load dictionaries Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/dictionaries" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/dictionaries` Create dictionary Registers a dictionary scoped to the current organization. Requires features: dictionaries.manage **Tags:** Dictionaries **Requires authentication.** **Features:** dictionaries.manage ### Request Body Content-Type: `application/json` ```json { "key": "string", "name": "string" } ``` ### Responses **201** – Dictionary created. Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "key": "string", "name": "string", "description": null, "isSystem": true, "isActive": true, "managerVisibility": null, "organizationId": null, "createdAt": "string", "updatedAt": null } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` **409** – Dictionary key already exists Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to create dictionary Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/dictionaries" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"key\": \"string\", \"name\": \"string\" }" ``` ## DELETE `/dictionaries/{dictionaryId}` Delete dictionary Soft deletes the dictionary unless it is the protected currency dictionary. Requires features: dictionaries.manage **Tags:** Dictionaries **Requires authentication.** **Features:** dictionaries.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | dictionaryId | path | any | Required | ### Responses **200** – Dictionary archived. Content-Type: `application/json` ```json { "ok": true } ``` **400** – Protected dictionary cannot be deleted Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Dictionary not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to delete dictionary Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/dictionaries/00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/dictionaries/{dictionaryId}` Get dictionary Returns details for the specified dictionary, including inheritance flags. Requires features: dictionaries.view **Tags:** Dictionaries **Requires authentication.** **Features:** dictionaries.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | dictionaryId | path | any | Required | ### Responses **200** – Dictionary details. Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "key": "string", "name": "string", "description": null, "isSystem": true, "isActive": true, "managerVisibility": null, "organizationId": null, "createdAt": "string", "updatedAt": null } ``` **400** – Invalid parameters Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Dictionary not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to load dictionary Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/dictionaries/00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PATCH `/dictionaries/{dictionaryId}` Update dictionary Updates mutable attributes of the dictionary. Currency dictionaries are protected from modification. Requires features: dictionaries.manage **Tags:** Dictionaries **Requires authentication.** **Features:** dictionaries.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | dictionaryId | path | any | Required | ### Request Body Content-Type: `application/json` ```json {} ``` ### Responses **200** – Dictionary updated. Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "key": "string", "name": "string", "description": null, "isSystem": true, "isActive": true, "managerVisibility": null, "organizationId": null, "createdAt": "string", "updatedAt": null } ``` **400** – Validation failed or protected dictionary Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Dictionary not found Content-Type: `application/json` ```json { "error": "string" } ``` **409** – Dictionary key already exists Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to update dictionary Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PATCH "https://cc.kawalec.pl/dictionaries/00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{}" ``` ## GET `/dictionaries/{dictionaryId}/entries` List dictionary entries Returns entries for the specified dictionary ordered by position. Requires features: dictionaries.view **Tags:** Dictionaries **Requires authentication.** **Features:** dictionaries.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | dictionaryId | path | any | Required | ### Responses **200** – Dictionary entries. Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "value": "string", "label": "string", "color": null, "icon": null, "position": 1, "isDefault": true, "createdAt": "string", "updatedAt": null } ] } ``` **400** – Invalid parameters Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Dictionary not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to load dictionary entries Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/dictionaries/00000000-0000-4000-8000-000000000000/entries" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/dictionaries/{dictionaryId}/entries` Create dictionary entry Creates a new entry in the specified dictionary. Requires features: dictionaries.manage **Tags:** Dictionaries **Requires authentication.** **Features:** dictionaries.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | dictionaryId | path | any | Required | ### Request Body Content-Type: `application/json` ```json { "value": "string", "color": null, "icon": null } ``` ### Responses **201** – Dictionary entry created. Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "value": "string", "label": "string", "color": null, "icon": null, "position": 1, "isDefault": true, "createdAt": "string", "updatedAt": null } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Dictionary not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to create dictionary entry Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/dictionaries/00000000-0000-4000-8000-000000000000/entries" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"value\": \"string\", \"color\": null, \"icon\": null }" ``` ## DELETE `/dictionaries/{dictionaryId}/entries/{entryId}` Delete dictionary entry Deletes the specified dictionary entry via the command bus. Requires features: dictionaries.manage **Tags:** Dictionaries **Requires authentication.** **Features:** dictionaries.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | dictionaryId | path | any | Required | | entryId | path | any | Required | ### Responses **200** – Entry deleted. Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Dictionary or entry not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to delete entry Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/dictionaries/00000000-0000-4000-8000-000000000000/entries/00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PATCH `/dictionaries/{dictionaryId}/entries/{entryId}` Update dictionary entry Updates the specified dictionary entry using the command bus pipeline. Requires features: dictionaries.manage **Tags:** Dictionaries **Requires authentication.** **Features:** dictionaries.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | dictionaryId | path | any | Required | | entryId | path | any | Required | ### Request Body Content-Type: `application/json` ```json { "color": null, "icon": null } ``` ### Responses **200** – Dictionary entry updated. Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "value": "string", "label": "string", "color": null, "icon": null, "position": 1, "isDefault": true, "createdAt": "string", "updatedAt": null } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Dictionary or entry not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to update entry Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PATCH "https://cc.kawalec.pl/dictionaries/00000000-0000-4000-8000-000000000000/entries/00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"color\": null, \"icon\": null }" ``` ## POST `/dictionaries/{dictionaryId}/entries/reorder` Reorder dictionary entries Updates the position of dictionary entries for drag-and-drop reordering. Requires features: dictionaries.manage **Tags:** Dictionaries **Requires authentication.** **Features:** dictionaries.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | dictionaryId | path | any | Required | ### Request Body Content-Type: `application/json` ```json { "entries": [ { "id": "00000000-0000-4000-8000-000000000000", "position": 1 } ] } ``` ### Responses **200** – Entries reordered. Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Dictionary not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to reorder entries Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/dictionaries/00000000-0000-4000-8000-000000000000/entries/reorder" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entries\": [ { \"id\": \"00000000-0000-4000-8000-000000000000\", \"position\": 1 } ] }" ``` ## POST `/dictionaries/{dictionaryId}/entries/set-default` Set default dictionary entry Marks the specified entry as the default for this dictionary, clearing any previous default. Requires features: dictionaries.manage **Tags:** Dictionaries **Requires authentication.** **Features:** dictionaries.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | dictionaryId | path | any | Required | ### Request Body Content-Type: `application/json` ```json { "entryId": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Default entry set. Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Dictionary or entry not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Failed to set default entry Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/dictionaries/00000000-0000-4000-8000-000000000000/entries/set-default" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entryId\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/directory/organization-switcher` Load organization switcher menu Returns the hierarchical menu of organizations the current user may switch to within the active tenant. **Tags:** Directory **Requires authentication.** ### Responses **200** – Organization switcher payload. Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "name": "string", "depth": 1, "selectable": true, "children": [] } ], "selectedId": null, "canManage": true, "canViewAllOrganizations": true, "tenantId": null, "tenants": [ { "id": "00000000-0000-4000-8000-000000000000", "name": "string", "isActive": true } ], "isSuperAdmin": true } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/directory/organization-switcher" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## DELETE `/directory/organizations` Delete organization Soft deletes an organization identified by id. Requires features: directory.organizations.manage **Tags:** Directory **Requires authentication.** **Features:** directory.organizations.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Organization deleted. Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/directory/organizations" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/directory/organizations` List organizations Returns organizations using options, tree, or paginated manage view depending on the `view` parameter. Requires features: directory.organizations.view **Tags:** Directory **Requires authentication.** **Features:** directory.organizations.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | view | query | any | Optional | | ids | query | any | Optional | | tenantId | query | any | Optional | | includeInactive | query | any | Optional | | status | query | any | Optional | ### Responses **200** – Organization data for the requested view. Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "name": "string", "parentId": null, "parentName": null, "tenantId": null, "tenantName": null, "rootId": null, "treePath": null } ] } ``` **400** – Invalid query or tenant scope Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/directory/organizations?page=1&pageSize=50&view=options" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/directory/organizations` Create organization Creates a new organization within a tenant and optionally assigns hierarchy relationships. Requires features: directory.organizations.manage **Tags:** Directory **Requires authentication.** **Features:** directory.organizations.manage ### Request Body Content-Type: `application/json` ```json { "name": "string", "slug": null, "parentId": null } ``` ### Responses **201** – Organization created. Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/directory/organizations" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"name\": \"string\", \"slug\": null, \"parentId\": null }" ``` ## PUT `/directory/organizations` Update organization Updates organization details and hierarchy assignments. Requires features: directory.organizations.manage **Tags:** Directory **Requires authentication.** **Features:** directory.organizations.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "slug": null, "parentId": null } ``` ### Responses **200** – Organization updated. Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/directory/organizations" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\", \"slug\": null, \"parentId\": null }" ``` ## GET `/directory/organizations/lookup` Public organization lookup by slug **Tags:** Directory (Tenants & Organizations) ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/directory/organizations/lookup" \ -H "Accept: application/json" ``` ## DELETE `/directory/tenants` Delete tenant Soft deletes the tenant identified by id. Requires features: directory.tenants.manage **Tags:** Directory **Requires authentication.** **Features:** directory.tenants.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Tenant removed. Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/directory/tenants" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/directory/tenants` List tenants Returns tenants visible to the current user with optional search and pagination. Requires features: directory.tenants.view **Tags:** Directory **Requires authentication.** **Features:** directory.tenants.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | query | any | Optional | | page | query | any | Optional | | pageSize | query | any | Optional | | search | query | any | Optional | | sortField | query | any | Optional | | sortDir | query | any | Optional | | isActive | query | any | Optional | ### Responses **200** – Paged list of tenants. Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "name": "string", "isActive": true, "createdAt": null, "updatedAt": null } ], "total": 1, "page": 1, "pageSize": 1, "totalPages": 1 } ``` **400** – Invalid query parameters Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/directory/tenants?page=1&pageSize=50" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/directory/tenants` Create tenant Creates a new tenant and returns its identifier. Requires features: directory.tenants.manage **Tags:** Directory **Requires authentication.** **Features:** directory.tenants.manage ### Request Body Content-Type: `application/json` ```json { "name": "string" } ``` ### Responses **201** – Tenant created. Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/directory/tenants" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"name\": \"string\" }" ``` ## PUT `/directory/tenants` Update tenant Updates tenant properties such as name or activation state. Requires features: directory.tenants.manage **Tags:** Directory **Requires authentication.** **Features:** directory.tenants.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **200** – Tenant updated. Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/directory/tenants" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## GET `/directory/tenants/lookup` Public tenant lookup **Tags:** Directory (Tenants & Organizations) ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/directory/tenants/lookup" \ -H "Accept: application/json" ``` ## DELETE `/entities/definitions` Soft delete custom field definition Marks the specified definition inactive and tombstones it for the current scope. Requires features: entities.definitions.manage **Tags:** Entities **Requires authentication.** **Features:** entities.definitions.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "string", "key": "string" } ``` ### Responses **200** – Definition deleted Content-Type: `application/json` ```json { "ok": true } ``` **400** – Missing entity id or key Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Definition not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/entities/definitions" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"string\", \"key\": \"string\" }" ``` ## GET `/entities/definitions` List active custom field definitions Returns active custom field definitions for the supplied entity ids, respecting tenant scope and tombstones. **Tags:** Entities **Requires authentication.** ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | entityId | query | any | Optional | | entityIds | query | any | Optional | | fieldset | query | any | Optional | ### Responses **200** – Definition list Content-Type: `application/json` ```json { "items": [ { "key": "string", "kind": "string", "label": "string", "entityId": "string" } ] } ``` **400** – Missing entity id Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/entities/definitions" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/entities/definitions` Upsert custom field definition Creates or updates a custom field definition for the current tenant/org scope. Requires features: entities.definitions.manage **Tags:** Entities **Requires authentication.** **Features:** entities.definitions.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "string", "key": "string", "kind": "text" } ``` ### Responses **200** – Definition saved Content-Type: `application/json` ```json { "ok": true, "item": { "id": "00000000-0000-4000-8000-000000000000", "key": "string", "kind": "string", "configJson": {} } } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/entities/definitions" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"string\", \"key\": \"string\", \"kind\": \"text\" }" ``` ## POST `/entities/definitions.batch` Save multiple custom field definitions Creates or updates multiple definitions for a single entity in one transaction. Requires features: entities.definitions.manage **Tags:** Entities **Requires authentication.** **Features:** entities.definitions.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "string", "definitions": [ { "key": "string", "kind": "text" } ] } ``` ### Responses **200** – Definitions saved Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation error Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Unexpected failure Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/entities/definitions.batch" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"string\", \"definitions\": [ { \"key\": \"string\", \"kind\": \"text\" } ] }" ``` ## GET `/entities/definitions.manage` Get management snapshot Returns scoped custom field definitions (including inactive tombstones) for administration interfaces. Requires features: entities.definitions.manage **Tags:** Entities **Requires authentication.** **Features:** entities.definitions.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | entityId | query | any | Required | ### Responses **200** – Scoped definitions and deleted keys Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "key": "string", "kind": "string", "configJson": null, "organizationId": null, "tenantId": null } ], "deletedKeys": [ "string" ] } ``` **400** – Missing entity id Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/entities/definitions.manage?entityId=string" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/entities/definitions.restore` Restore definition Reactivates a previously soft-deleted definition within the current tenant/org scope. Requires features: entities.definitions.manage **Tags:** Entities **Requires authentication.** **Features:** entities.definitions.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "string", "key": "string" } ``` ### Responses **200** – Definition restored Content-Type: `application/json` ```json { "ok": true } ``` **400** – Missing entity id or key Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Definition not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/entities/definitions.restore" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"string\", \"key\": \"string\" }" ``` ## GET `/entities/encryption` Fetch encryption map Returns the encrypted field map for the current tenant/organization scope. Requires features: entities.definitions.manage **Tags:** Entities **Requires authentication.** **Features:** entities.definitions.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | entityId | query | any | Required | ### Responses **200** – Map Content-Type: `application/json` ```json { "entityId": "string", "fields": [ { "field": "string", "hashField": null } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/entities/encryption?entityId=string" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/entities/encryption` Upsert encryption map Creates or updates the encryption map for the current tenant/organization scope. Requires features: entities.definitions.manage **Tags:** Entities **Requires authentication.** **Features:** entities.definitions.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "string", "tenantId": null, "organizationId": null, "fields": [ { "field": "string", "hashField": null } ] } ``` ### Responses **200** – Saved Content-Type: `application/json` ```json { "ok": true } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/entities/encryption" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"string\", \"tenantId\": null, \"organizationId\": null, \"fields\": [ { \"field\": \"string\", \"hashField\": null } ] }" ``` ## DELETE `/entities/entities` Soft delete custom entity Marks the specified custom entity inactive within the current scope. Requires features: entities.definitions.manage **Tags:** Entities **Requires authentication.** **Features:** entities.definitions.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "string" } ``` ### Responses **200** – Entity deleted Content-Type: `application/json` ```json { "ok": true } ``` **400** – Missing entity id Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Entity not found in scope Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/entities/entities" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"string\" }" ``` ## GET `/entities/entities` List available entities Returns generated and custom entities scoped to the caller with field counts per entity. **Tags:** Entities **Requires authentication.** ### Responses **200** – List of entities Content-Type: `application/json` ```json { "items": [ { "entityId": "string", "source": "code", "label": "string", "count": 1 } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/entities/entities" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/entities/entities` Upsert custom entity Creates or updates a tenant/org scoped custom entity definition. Requires features: entities.definitions.manage **Tags:** Entities **Requires authentication.** **Features:** entities.definitions.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "string", "label": "string", "description": null, "showInSidebar": false } ``` ### Responses **200** – Entity saved Content-Type: `application/json` ```json { "ok": true, "item": { "id": "00000000-0000-4000-8000-000000000000", "entityId": "string", "label": "string" } } ``` **400** – Validation error Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/entities/entities" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"string\", \"label\": \"string\", \"description\": null, \"showInSidebar\": false }" ``` ## DELETE `/entities/records` Delete record Soft deletes the specified record within the current tenant/org scope. Requires features: entities.records.manage **Tags:** Entities **Requires authentication.** **Features:** entities.records.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "string", "recordId": "string" } ``` ### Responses **200** – Record deleted Content-Type: `application/json` ```json { "ok": true } ``` **400** – Missing entity id or record id Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Record not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Unexpected failure Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/entities/records" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"string\", \"recordId\": \"string\" }" ``` ## GET `/entities/records` List records Returns paginated records for the supplied entity. Supports custom field filters, exports, and soft-delete toggles. Requires features: entities.records.view **Tags:** Entities **Requires authentication.** **Features:** entities.records.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | entityId | query | any | Required | | page | query | any | Optional | | pageSize | query | any | Optional | | sortField | query | any | Optional | | sortDir | query | any | Optional | | withDeleted | query | any | Optional | | format | query | any | Optional | | exportScope | query | any | Optional | | export_scope | query | any | Optional | | all | query | any | Optional | | full | query | any | Optional | ### Responses **200** – Paginated records Content-Type: `application/json` ```json { "items": [ {} ], "total": 1, "page": 1, "pageSize": 1, "totalPages": 1 } ``` **400** – Missing entity id Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Unexpected failure Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/entities/records?entityId=string" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/entities/records` Create record Creates a record for the given entity. When `recordId` is omitted or not a UUID the data engine will generate one automatically. Requires features: entities.records.manage **Tags:** Entities **Requires authentication.** **Features:** entities.records.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "string", "values": {} } ``` ### Responses **200** – Record created Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failure Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Unexpected failure Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/entities/records" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"string\", \"values\": {} }" ``` ## PUT `/entities/records` Update record Updates an existing record. If the provided recordId is not a UUID the record will be created instead to support optimistic flows. Requires features: entities.records.manage **Tags:** Entities **Requires authentication.** **Features:** entities.records.manage ### Request Body Content-Type: `application/json` ```json { "entityId": "string", "recordId": "string", "values": {} } ``` ### Responses **200** – Record updated Content-Type: `application/json` ```json { "ok": true } ``` **400** – Validation failure Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Unexpected failure Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/entities/records" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityId\": \"string\", \"recordId\": \"string\", \"values\": {} }" ``` ## GET `/entities/relations/options` List relation options Returns up to 200 option entries for populating relation dropdowns, automatically resolving label fields when omitted. Requires features: entities.definitions.view **Tags:** Entities **Requires authentication.** **Features:** entities.definitions.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | entityId | query | any | Required | | labelField | query | any | Optional | | q | query | any | Optional | | ids | query | any | Optional | | routeContextFields | query | any | Optional | ### Responses **200** – Option list Content-Type: `application/json` ```json { "items": [ { "value": "string", "label": "string" } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/entities/relations/options?entityId=string" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/entities/sidebar-entities` Get sidebar entities Returns custom entities flagged with `showInSidebar` for the current tenant/org scope. **Tags:** Entities **Requires authentication.** ### Responses **200** – Sidebar entities for navigation Content-Type: `application/json` ```json { "items": [ { "entityId": "string", "label": "string", "href": "string" } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/entities/sidebar-entities" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/events` List declared events Returns every declared event. Filters: category, module, excludeTriggerExcluded (default true). **Tags:** Events **Requires authentication.** ### Responses **200** – Declared events Content-Type: `application/json` ```json { "data": [ { "id": "string", "label": "string" } ], "total": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/events" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/events/stream` GET /events/stream **Tags:** Events **Requires authentication.** ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/events/stream" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/feature_toggles/check/boolean` Check if feature is enabled Checks if a feature toggle is enabled for the current context. **Tags:** Feature Toggles **Requires authentication.** ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | identifier | query | any | Required. Feature toggle identifier | ### Responses **200** – Feature status Content-Type: `application/json` ```json { "enabled": true, "source": "override", "toggleId": "string", "identifier": "string", "tenantId": "string" } ``` **400** – Bad Request Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Tenant not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/feature_toggles/check/boolean?identifier=string" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/feature_toggles/check/json` Get json config Gets the json configuration for a feature toggle. **Tags:** Feature Toggles **Requires authentication.** ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | identifier | query | any | Required. Feature toggle identifier | ### Responses **200** – Json config Content-Type: `application/json` ```json { "valueType": "json", "source": "override", "toggleId": "string", "identifier": "string", "tenantId": "string" } ``` **400** – Bad Request Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Tenant not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/feature_toggles/check/json?identifier=string" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/feature_toggles/check/number` Get number config Gets the number configuration for a feature toggle. **Tags:** Feature Toggles **Requires authentication.** ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | identifier | query | any | Required. Feature toggle identifier | ### Responses **200** – Number config Content-Type: `application/json` ```json { "valueType": "number", "value": 1, "source": "override", "toggleId": "string", "identifier": "string", "tenantId": "string" } ``` **400** – Bad Request Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Tenant not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/feature_toggles/check/number?identifier=string" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/feature_toggles/check/string` Get string config Gets the string configuration for a feature toggle. **Tags:** Feature Toggles **Requires authentication.** ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | identifier | query | any | Required. Feature toggle identifier | ### Responses **200** – String config Content-Type: `application/json` ```json { "valueType": "string", "value": "string", "source": "override", "toggleId": "string", "identifier": "string", "tenantId": "string" } ``` **400** – Bad Request Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Tenant not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/feature_toggles/check/string?identifier=string" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## DELETE `/feature_toggles/global` Delete global feature toggle Soft deletes a global feature toggle by ID. Requires superadmin role. Requires features: feature_toggles.manage **Tags:** Feature Toggles **Requires authentication.** **Features:** feature_toggles.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | query | any | Required. Feature toggle identifier | ### Responses **200** – Feature toggle deleted Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` **400** – Invalid identifier Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Feature toggle not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X DELETE "https://cc.kawalec.pl/feature_toggles/global?id=00000000-0000-4000-8000-000000000000" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/feature_toggles/global` List global feature toggles Returns all global feature toggles with filtering and pagination. Requires superadmin role. Requires features: feature_toggles.view **Tags:** Feature Toggles **Requires authentication.** **Features:** feature_toggles.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | page | query | any | Optional. Page number for pagination | | pageSize | query | any | Optional. Number of items per page (max 200) | | search | query | any | Optional. Case-insensitive search across identifier, name, description, and category | | type | query | any | Optional. Filter by toggle type (boolean, string, number, json) | | category | query | any | Optional. Filter by category (case-insensitive partial match) | | name | query | any | Optional. Filter by name (case-insensitive partial match) | | identifier | query | any | Optional. Filter by identifier (case-insensitive partial match) | | sortField | query | any | Optional. Field to sort by | | sortDir | query | any | Optional. Sort direction (ascending or descending) | ### Responses **200** – Feature toggles collection Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "identifier": "string", "name": "string", "description": null, "category": null, "type": "boolean", "defaultValue": null } ], "total": 1, "page": 1, "pageSize": 1, "totalPages": 1 } ``` **400** – Invalid query parameters Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/feature_toggles/global?page=1&pageSize=50" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/feature_toggles/global` Create global feature toggle Creates a new global feature toggle. Requires superadmin role. Requires features: feature_toggles.manage **Tags:** Feature Toggles **Requires authentication.** **Features:** feature_toggles.manage ### Request Body Content-Type: `application/json` ```json { "identifier": "string", "name": "string", "description": null, "category": null, "type": "boolean", "defaultValue": null } ``` ### Responses **201** – Feature toggle created Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/feature_toggles/global" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"identifier\": \"string\", \"name\": \"string\", \"description\": null, \"category\": null, \"type\": \"boolean\", \"defaultValue\": null }" ``` ## PUT `/feature_toggles/global` Update global feature toggle Updates an existing global feature toggle. Requires superadmin role. Requires features: feature_toggles.manage **Tags:** Feature Toggles **Requires authentication.** **Features:** feature_toggles.manage ### Request Body Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "description": null, "category": null, "defaultValue": null } ``` ### Responses **200** – Feature toggle updated Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` **400** – Invalid payload Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Feature toggle not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/feature_toggles/global" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"id\": \"00000000-0000-4000-8000-000000000000\", \"description\": null, \"category\": null, \"defaultValue\": null }" ``` ## GET `/feature_toggles/global/{id}` Fetch feature toggle by ID Returns complete details of a feature toggle. Requires features: feature_toggles.view **Tags:** Feature Toggles **Requires authentication.** **Features:** feature_toggles.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Feature toggle detail Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "identifier": "string", "name": "string", "description": null, "category": null, "type": "boolean", "defaultValue": null } ``` **400** – Invalid identifier Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Feature toggle not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/feature_toggles/global/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/feature_toggles/global/{id}/override` Fetch feature toggle override Returns feature toggle override. Requires features: feature_toggles.view **Tags:** Feature Toggles **Requires authentication.** **Features:** feature_toggles.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Feature toggle overrides Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000", "tenantName": "string", "tenantId": "00000000-0000-4000-8000-000000000000", "toggleType": "boolean" } ``` **400** – Invalid request Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Feature toggle not found Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/feature_toggles/global/:id/override" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/feature_toggles/overrides` List overrides Returns list of feature toggle overrides. Requires features: feature_toggles.view **Tags:** Feature Toggles **Requires authentication.** **Features:** feature_toggles.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | category | query | any | Optional | | name | query | any | Optional | | identifier | query | any | Optional | | sortField | query | any | Optional | | sortDir | query | any | Optional | | page | query | any | Optional | | pageSize | query | any | Optional | ### Responses **200** – List of overrides Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "toggleId": "00000000-0000-4000-8000-000000000000", "overrideState": "enabled", "identifier": "string", "name": "string", "category": null, "defaultState": true, "tenantName": null } ], "total": 1, "page": 1, "pageSize": 1, "totalPages": 1, "isSuperAdmin": true } ``` **400** – Invalid query parameters Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/feature_toggles/overrides?page=1&pageSize=25" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/feature_toggles/overrides` Change override state Enable, disable or inherit a feature toggle for a specific tenant. Requires features: feature_toggles.manage **Tags:** Feature Toggles **Requires authentication.** **Features:** feature_toggles.manage ### Request Body Content-Type: `application/json` ```json { "toggleId": "00000000-0000-4000-8000-000000000000", "isOverride": true } ``` ### Responses **200** – Override updated Content-Type: `application/json` ```json { "ok": true, "overrideToggleId": null } ``` **400** – Validation failed Content-Type: `application/json` ```json { "error": "string" } ``` **404** – Not found Content-Type: `application/json` ```json { "error": "string" } ``` **500** – Internal server error Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/feature_toggles/overrides" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"toggleId\": \"00000000-0000-4000-8000-000000000000\", \"isOverride\": true }" ``` ## GET `/integrations` List integrations Returns a paginated collection of integrations. Requires features: integrations.view **Tags:** Integrations **Requires authentication.** **Features:** integrations.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | q | query | any | Optional | | category | query | any | Optional | | bundleId | query | any | Optional | | isEnabled | query | any | Optional | | healthStatus | query | any | Optional | | sort | query | any | Optional | | order | query | any | Optional | | page | query | any | Optional | | pageSize | query | any | Optional | | ids | query | any | Optional. Comma-separated list of record UUIDs to filter by (max 200). | ### Responses **200** – Paginated integrations Content-Type: `application/json` ```json { "items": [ { "id": "string", "title": "string", "description": null, "category": null, "tags": [ "string" ], "hub": null, "providerKey": null, "bundleId": null, "author": null, "company": null, "version": null, "hasCredentials": true, "isEnabled": true, "apiVersion": null, "healthStatus": "healthy", "lastHealthCheckedAt": null, "lastHealthLatencyMs": null, "enabledAt": null, "analytics": { "lastActivityAt": null, "totalCount": 1, "errorCount": 1, "errorRate": 1, "dailyCounts": [ 1 ] } } ], "total": 1, "totalPages": 1, "bundles": [ { "id": "string", "title": "string", "description": "string", "icon": null, "integrationCount": 1, "enabledCount": 1 } ] } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/integrations?order=asc&page=1&pageSize=100" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/integrations/{id}` Get integration detail Requires features: integrations.view **Tags:** Integrations **Requires authentication.** **Features:** integrations.view ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/integrations/:id" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/integrations/{id}/credentials` Get or save integration credentials Requires features: integrations.credentials.manage **Tags:** Integrations **Requires authentication.** **Features:** integrations.credentials.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/integrations/:id/credentials" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/integrations/{id}/credentials` Get or save integration credentials Requires features: integrations.credentials.manage **Tags:** Integrations **Requires authentication.** **Features:** integrations.credentials.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/integrations/:id/credentials" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/integrations/{id}/health` Run health check for an integration Requires features: integrations.manage **Tags:** Integrations **Requires authentication.** **Features:** integrations.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **201** – Success response Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/integrations/:id/health" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/integrations/{id}/state` Update integration state Requires features: integrations.manage **Tags:** Integrations **Requires authentication.** **Features:** integrations.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/integrations/:id/state" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/integrations/{id}/version` Change integration API version Requires features: integrations.manage **Tags:** Integrations **Requires authentication.** **Features:** integrations.manage ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/integrations/:id/version" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/integrations/logs` List integration logs Requires features: integrations.manage **Tags:** Integrations **Requires authentication.** **Features:** integrations.manage ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/integrations/logs" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/notifications` List notifications Returns a paginated collection of notifications. **Tags:** Notifications **Requires authentication.** ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | status | query | any | Optional | | type | query | any | Optional | | severity | query | any | Optional | | sourceEntityType | query | any | Optional | | sourceEntityId | query | any | Optional | | since | query | any | Optional | | page | query | any | Optional | | pageSize | query | any | Optional | | ids | query | any | Optional. Comma-separated list of record UUIDs to filter by (max 200). | ### Responses **200** – Paginated notifications Content-Type: `application/json` ```json { "items": [ { "id": "00000000-0000-4000-8000-000000000000", "type": "string", "title": "string", "body": null, "titleKey": null, "bodyKey": null, "titleVariables": null, "bodyVariables": null, "icon": null, "severity": "string", "status": "string", "actions": [ { "id": "string", "label": "string" } ], "sourceModule": null, "sourceEntityType": null, "sourceEntityId": null, "linkHref": null, "createdAt": "string", "readAt": null, "actionTaken": null } ], "total": 1, "page": 1, "pageSize": 1, "totalPages": 1 } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/notifications?page=1&pageSize=20" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/notifications` Create notification Creates a notification for a user. Requires features: notifications.create **Tags:** Notifications **Requires authentication.** **Features:** notifications.create ### Request Body Content-Type: `application/json` ```json { "type": "string", "severity": "info", "recipientUserId": "00000000-0000-4000-8000-000000000000" } ``` ### Responses **201** – Notification created Content-Type: `application/json` ```json { "id": "00000000-0000-4000-8000-000000000000" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/notifications" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"type\": \"string\", \"severity\": \"info\", \"recipientUserId\": \"00000000-0000-4000-8000-000000000000\" }" ``` ## POST `/notifications/{id}/action` POST /notifications/{id}/action **Tags:** Notifications **Requires authentication.** ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **201** – Success response Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/notifications/:id/action" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/notifications/{id}/dismiss` PUT /notifications/{id}/dismiss **Tags:** Notifications **Requires authentication.** ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/notifications/:id/dismiss" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/notifications/{id}/read` PUT /notifications/{id}/read **Tags:** Notifications **Requires authentication.** ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/notifications/:id/read" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/notifications/{id}/restore` PUT /notifications/{id}/restore **Tags:** Notifications **Requires authentication.** ### Parameters | Name | Location | Type | Description | | --- | --- | --- | --- | | id | path | any | Required | ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/notifications/:id/restore" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/notifications/batch` POST /notifications/batch Requires features: notifications.create **Tags:** Notifications **Requires authentication.** **Features:** notifications.create ### Responses **201** – Success response Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/notifications/batch" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/notifications/feature` POST /notifications/feature Requires features: notifications.create **Tags:** Notifications **Requires authentication.** **Features:** notifications.create ### Responses **201** – Success response Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/notifications/feature" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## PUT `/notifications/mark-all-read` PUT /notifications/mark-all-read **Tags:** Notifications **Requires authentication.** ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X PUT "https://cc.kawalec.pl/notifications/mark-all-read" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/notifications/role` POST /notifications/role Requires features: notifications.create **Tags:** Notifications **Requires authentication.** **Features:** notifications.create ### Responses **201** – Success response Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/notifications/role" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/notifications/settings` GET /notifications/settings Requires features: notifications.manage **Tags:** Notifications **Requires authentication.** **Features:** notifications.manage ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/notifications/settings" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/notifications/settings` POST /notifications/settings Requires features: notifications.manage **Tags:** Notifications **Requires authentication.** **Features:** notifications.manage ### Responses **201** – Success response Content-Type: `application/json` ### Example ```bash curl -X POST "https://cc.kawalec.pl/notifications/settings" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## GET `/notifications/unread-count` GET /notifications/unread-count **Tags:** Notifications **Requires authentication.** ### Responses **200** – Success response Content-Type: `application/json` ### Example ```bash curl -X GET "https://cc.kawalec.pl/notifications/unread-count" \ -H "Accept: application/json" \ -H "authorization: Bearer " ``` ## POST `/query_index/purge` Purge query index records Queues a purge job to remove indexed records for an entity type within the active scope. Requires features: query_index.purge **Tags:** Query Index **Requires authentication.** **Features:** query_index.purge ### Request Body Content-Type: `application/json` ```json { "entityType": "string" } ``` ### Responses **200** – Purge job accepted. Content-Type: `application/json` ```json { "ok": true } ``` **400** – Missing entity type Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/query_index/purge" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityType\": \"string\" }" ``` ## POST `/query_index/reindex` Trigger query index rebuild Queues a reindex job for the specified entity type within the current tenant scope. Requires features: query_index.reindex **Tags:** Query Index **Requires authentication.** **Features:** query_index.reindex ### Request Body Content-Type: `application/json` ```json { "entityType": "string" } ``` ### Responses **200** – Reindex job accepted. Content-Type: `application/json` ```json { "ok": true } ``` **400** – Missing entity type Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X POST "https://cc.kawalec.pl/query_index/reindex" \ -H "Accept: application/json" \ -H "authorization: Bearer " \ -H "Content-Type: application/json" \ -d "{ \"entityType\": \"string\" }" ``` ## GET `/query_index/status` Inspect query index coverage Returns entity counts comparing base tables with the query index along with the latest job status. Requires features: query_index.status.view **Tags:** Query Index **Requires authentication.** **Features:** query_index.status.view ### Responses **200** – Current query index status. Content-Type: `application/json` ```json { "items": [ { "entityId": "string", "label": "string", "baseCount": null, "indexCount": null, "vectorCount": null, "ok": true, "job": { "status": "idle", "startedAt": null, "finishedAt": null, "heartbeatAt": null, "processedCount": null, "totalCount": null, "scope": null } } ], "errors": [ { "id": "string", "source": "string", "handler": "string", "entityType": null, "recordId": null, "tenantId": null, "organizationId": null, "message": "string", "stack": null, "payload": null, "occurredAt": "string" } ], "logs": [ { "id": "string", "source": "string", "handler": "string", "level": "info", "entityType": null, "recordId": null, "tenantId": null, "organizationId": null, "message": "string", "details": null, "occurredAt": "string" } ] } ``` **400** – Tenant or organization context required Content-Type: `application/json` ```json { "error": "string" } ``` ### Example ```bash curl -X GET "https://cc.kawalec.pl/query_index/status" \ -H "Accept: application/json" \ -H "authorization: Bearer " ```