API Reference

Complete HTTP API documentation for the Elydora platform. All endpoints use JSON request and response bodies.

Base URL

https://api.elydora.com

Authentication

Most endpoints require a Bearer token in the Authorization header. Obtain a token via the Authentication endpoints.

http

Authorization: Bearer <your-session-token>

Error Format

All errors return a consistent JSON structure with an error code and human-readable message. See the full list of error codes.

json

{
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Authentication is required.",
    "request_id": "019605a3-7b2c-7d00-8000-abcdef123456"
  }
}

Pagination

List endpoints support cursor-based pagination using cursor and limit query parameters. The response includes a nextCursor field when more results are available.

json

{
  "operations": [...],
  "cursor": "eyJpZCI6MTAwfQ==",
  "total_count": 42
}

Endpoint Overview

POST

/api/auth/sign-up/email

POST

/api/auth/sign-in/email

Authenticate and receive a session token

GET

/api/auth/session

Get current user profile

Auth: Any authenticated user

POST

/api/auth/session/refresh

Create a new session token

Auth: Any authenticated user

POST

/v1/auth/token

Issue an API token

Auth: Any authenticated user

POST

/v1/agents/register

Auth: integration_engineer

GET

/v1/agents

List all agents

Auth: readonly_investigator

GET

/v1/agents/:agent_id

Get agent details

Auth: readonly_investigator

PATCH

/v1/agents/:agent_id

Update agent integration type

Auth: integration_engineer

DELETE

/v1/agents/:agent_id

Delete an agent

Auth: security_admin

POST

/v1/agents/:agent_id/freeze

Freeze an agent

Auth: security_admin

POST

/v1/agents/:agent_id/unfreeze

Unfreeze an agent

Auth: security_admin

POST

/v1/agents/:agent_id/revoke

Revoke an agent

Auth: security_admin

POST

/v1/operations

Submit a signed operation

Auth: integration_engineer

GET

/v1/operations/:operation_id

Retrieve an operation record

Auth: readonly_investigator

POST

/v1/operations/:operation_id/verify

Verify operation integrity

Auth: readonly_investigator

POST

/v1/audit/query

Query audit records

Auth: compliance_auditor

GET

/v1/epochs

List epochs

Auth: readonly_investigator

GET

/v1/epochs/:epoch_id

Get epoch details

Auth: readonly_investigator

POST

/v1/exports

Create an export job

Auth: compliance_auditor

GET

/v1/exports

List export jobs

Auth: compliance_auditor

GET

/v1/exports/:export_id

Get export status

Auth: compliance_auditor

GET

/v1/exports/:export_id/download

Download export data

Auth: compliance_auditor

GET

/.well-known/elydora/jwks.json

Public JWKS endpoint

GET

/v1/health

Health check

POST

/v1/auth/rotate

apiRef.endpoints.authRotate

Auth: Any authenticated user

GET

/v1/health/deep

apiRef.endpoints.healthDeep

GET

/v1/webhooks

apiRef.endpoints.webhooksList

Auth: security_admin

POST

/v1/webhooks

apiRef.endpoints.webhooksCreate

Auth: security_admin

DELETE

/v1/webhooks/:webhook_id

apiRef.endpoints.webhooksDelete

Auth: security_admin

GET

/v1/onboarding/status

apiRef.endpoints.onboardingStatus

Auth: Any authenticated user

POST

/v1/onboarding/personal

apiRef.endpoints.onboardingPersonal

Auth: Any authenticated user

POST

/v1/onboarding/organization

apiRef.endpoints.onboardingOrg

Auth: Any authenticated user

GET

/v1/members

apiRef.endpoints.membersList

Auth: readonly_investigator

GET

/v1/members/invitations

apiRef.endpoints.membersInvitations

Auth: security_admin

GET

/v1/agents/:agent_id/assignments

apiRef.endpoints.agentAssignmentsList

Auth: security_admin

POST

/v1/agents/:agent_id/assignments

apiRef.endpoints.agentAssignmentsCreate

Auth: security_admin

DELETE

/v1/agents/:agent_id/assignments/:user_id

apiRef.endpoints.agentAssignmentsDelete

Auth: security_admin

GET

/v1/members/:user_id/agents

apiRef.endpoints.memberAgents

Auth: security_admin or self

GET

/v1/admin/events

apiRef.endpoints.adminEvents

Auth: compliance_auditor