trustgraph/specs/api/README.md

# TrustGraph OpenAPI Specification

This directory contains the modular OpenAPI 3.1 specification for the TrustGraph REST API Gateway.

## Authentication

Clients authenticate by passing an opaque bearer token in the
`Authorization` header.  The gateway resolves the token to an
authenticated identity and an associated workspace.  Tokens are
obtained via the IAM service (e.g. `tg-login` or `tg-create-api-key`).

## Service Tiers

API services are organized into three tiers based on their scoping:

### Global services

These services are not scoped to a workspace.  They manage
system-wide resources.

- **IAM** — user management, authentication, API key lifecycle

### Workspace-scoped services

These services operate within the workspace associated with the
authenticated token.  The workspace is resolved by the gateway from
the bearer token — it is not passed as an explicit parameter.

- **Config** — configuration management (prompts, token costs, etc.)
- **Librarian** — document library management
- **Knowledge** — knowledge graph core management
- **Collection Management** — collection metadata
- **Flow** — flow lifecycle and blueprint management

### Flow-scoped services

These services require a `flow` parameter identifying the processing
flow to use, in addition to the workspace context from the token.

- **Agent** — agentic AI interactions
- **Document RAG** — retrieval-augmented generation over documents
- **Graph RAG** — retrieval-augmented generation over knowledge graphs
- **Text Completion** — LLM text completion
- **Prompt** — prompt template expansion
- **Embeddings** — vector embedding generation
- **SPARQL Query** — SPARQL queries against the knowledge graph
- **Graph Embeddings** — knowledge graph embedding queries
- **Document Embeddings** — document embedding queries
- **Structured Query** — structured data queries
- **Row Embeddings** — structured data embedding queries
- **Rows Query** — row-level data queries
- **Triples Query** — knowledge graph triple queries

## Structure

```
specs/api/
├── openapi.yaml              # Main entry point
├── paths/                    # Endpoint definitions
│   ├── config.yaml
│   ├── flow.yaml
│   ├── flow-services/        # Flow-hosted services
│   └── import-export/
├── components/
│   ├── schemas/              # Request/response schemas
│   │   ├── config/
│   │   ├── flow/
│   │   ├── ai-services/
│   │   ├── common/
│   │   └── errors/
│   ├── parameters/           # Reusable parameters
│   ├── responses/            # Reusable responses
│   └── examples/             # Example payloads
└── security/                 # Security schemes
    └── bearerAuth.yaml
```

## Viewing the Spec

### Swagger UI

```bash
# Install swagger-ui
npm install -g swagger-ui-watcher

# View in browser
swagger-ui-watcher specs/api/openapi.yaml
```

### Redoc

```bash
# Install redoc-cli
npm install -g redoc-cli

# Generate static HTML
redoc-cli bundle specs/api/openapi.yaml -o api-docs.html

# View
open api-docs.html
```

### Online Validators

Upload `openapi.yaml` to:
- https://editor.swagger.io/
- https://redocly.com/redoc/

## Validation

```bash
# Install openapi-spec-validator
pip install openapi-spec-validator

# Validate
openapi-spec-validator specs/api/openapi.yaml
```

## Development

When adding a new service:

1. Create schema files in `components/schemas/{service}/`
2. Create path file in `paths/` or `paths/flow-services/`
3. Add examples if needed
4. Reference from `openapi.yaml`
5. Validate

## References

- [OpenAPI 3.1 Specification](https://spec.openapis.org/oas/v3.1.0)
- [TrustGraph Tech Spec](../../docs/tech-specs/openapi-spec.md)
- [API Services Summary](../../API_SERVICES_SUMMARY.md)
REST API OpenAPI spec (#612) * OpenAPI spec in specs/api. Checked lint with redoc. 2026-01-15 11:04:37 +00:00			`# TrustGraph OpenAPI Specification`

			`This directory contains the modular OpenAPI 3.1 specification for the TrustGraph REST API Gateway.`

Update API docs for 2.4 (#960) - Update API specs for 2.4 (#960) - Update API docs - Regenerate Python docs 2026-05-28 17:55:51 +01:00			`## Authentication`

			`Clients authenticate by passing an opaque bearer token in the`
			`Authorization` header. The gateway resolves the token to an
			`authenticated identity and an associated workspace. Tokens are`
			obtained via the IAM service (e.g. `tg-login` or `tg-create-api-key`).

			`## Service Tiers`

			`API services are organized into three tiers based on their scoping:`

			`### Global services`

			`These services are not scoped to a workspace. They manage`
			`system-wide resources.`

			`- IAM — user management, authentication, API key lifecycle`

			`### Workspace-scoped services`

			`These services operate within the workspace associated with the`
			`authenticated token. The workspace is resolved by the gateway from`
			`the bearer token — it is not passed as an explicit parameter.`

			`- Config — configuration management (prompts, token costs, etc.)`
			`- Librarian — document library management`
			`- Knowledge — knowledge graph core management`
			`- Collection Management — collection metadata`
			`- Flow — flow lifecycle and blueprint management`

			`### Flow-scoped services`

			These services require a `flow` parameter identifying the processing
			`flow to use, in addition to the workspace context from the token.`

			`- Agent — agentic AI interactions`
			`- Document RAG — retrieval-augmented generation over documents`
			`- Graph RAG — retrieval-augmented generation over knowledge graphs`
			`- Text Completion — LLM text completion`
			`- Prompt — prompt template expansion`
			`- Embeddings — vector embedding generation`
			`- SPARQL Query — SPARQL queries against the knowledge graph`
			`- Graph Embeddings — knowledge graph embedding queries`
			`- Document Embeddings — document embedding queries`
			`- Structured Query — structured data queries`
			`- Row Embeddings — structured data embedding queries`
			`- Rows Query — row-level data queries`
			`- Triples Query — knowledge graph triple queries`

REST API OpenAPI spec (#612) * OpenAPI spec in specs/api. Checked lint with redoc. 2026-01-15 11:04:37 +00:00			`## Structure`

			```
			`specs/api/`
			`├── openapi.yaml # Main entry point`
			`├── paths/ # Endpoint definitions`
			`│ ├── config.yaml`
			`│ ├── flow.yaml`
			`│ ├── flow-services/ # Flow-hosted services`
			`│ └── import-export/`
			`├── components/`
			`│ ├── schemas/ # Request/response schemas`
			`│ │ ├── config/`
			`│ │ ├── flow/`
			`│ │ ├── ai-services/`
			`│ │ ├── common/`
			`│ │ └── errors/`
			`│ ├── parameters/ # Reusable parameters`
			`│ ├── responses/ # Reusable responses`
			`│ └── examples/ # Example payloads`
			`└── security/ # Security schemes`
			`└── bearerAuth.yaml`
			```

			`## Viewing the Spec`

			`### Swagger UI`

			```bash
			`# Install swagger-ui`
			`npm install -g swagger-ui-watcher`

			`# View in browser`
			`swagger-ui-watcher specs/api/openapi.yaml`
			```

			`### Redoc`

			```bash
			`# Install redoc-cli`
			`npm install -g redoc-cli`

			`# Generate static HTML`
			`redoc-cli bundle specs/api/openapi.yaml -o api-docs.html`

			`# View`
			`open api-docs.html`
			```

			`### Online Validators`

			Upload `openapi.yaml` to:
			`- https://editor.swagger.io/`
			`- https://redocly.com/redoc/`

			`## Validation`

			```bash
			`# Install openapi-spec-validator`
			`pip install openapi-spec-validator`

			`# Validate`
			`openapi-spec-validator specs/api/openapi.yaml`
			```

			`## Development`

			`When adding a new service:`

			1. Create schema files in `components/schemas/{service}/`
			2. Create path file in `paths/` or `paths/flow-services/`
			`3. Add examples if needed`
			4. Reference from `openapi.yaml`
			`5. Validate`

			`## References`

			`- [OpenAPI 3.1 Specification](https://spec.openapis.org/oas/v3.1.0)`
			`- [TrustGraph Tech Spec](../../docs/tech-specs/openapi-spec.md)`
			`- [API Services Summary](../../API_SERVICES_SUMMARY.md)`