{ "openapi": "3.0.3", "info": { "title": "B•Code Sign API (subset público)", "version": "1.0.0", "description": "Contrato **parcial** para integradores — prioriza envelopes, uso, API keys e webhooks. O backend pode expor rotas adicionais (templates, TSA, admin, fluxo público `/sign/:token`, etc.). Fonte narrativa completa: `docs/sign/API_PLATFORM.md` no repositório.\n\n**Validação:** cada `paths.*` deste ficheiro é verificado em CI contra `apps/api/app/api/sign/**/route.ts` (`npm run sign:openapi:check`)." }, "servers": [ { "url": "https://{host}", "variables": { "host": { "default": "api.example.com" } } } ], "tags": [ { "name": "Envelopes", "description": "Criação, envio, listagem e export." }, { "name": "Usage", "description": "Consumo e limites do tenant." }, { "name": "ApiKeys", "description": "Gestão de chaves de API." }, { "name": "Webhooks", "description": "Endpoints de configuração de webhooks outbound." } ], "paths": { "/api/sign/envelopes": { "get": { "tags": ["Envelopes"], "summary": "Listar envelopes", "operationId": "listEnvelopes", "security": [{ "bearerAuth": [] }], "parameters": [ { "name": "status", "in": "query", "schema": { "type": "string" } }, { "name": "limit", "in": "query", "schema": { "type": "integer", "default": 20 } }, { "name": "offset", "in": "query", "schema": { "type": "integer", "default": 0 } } ], "responses": { "200": { "description": "Lista paginada", "content": { "application/json": { "schema": { "type": "object" } } } }, "401": { "description": "Não autenticado" }, "403": { "description": "Escopo insuficiente (INSUFFICIENT_SCOPE)" } } }, "post": { "tags": ["Envelopes"], "summary": "Criar envelope", "operationId": "createEnvelope", "security": [{ "bearerAuth": [] }], "parameters": [ { "name": "Idempotency-Key", "in": "header", "required": false, "schema": { "type": "string", "format": "uuid" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "properties": { "title": { "type": "string" }, "signers": { "type": "array", "items": { "type": "object", "properties": { "name": { "type": "string" }, "phone": { "type": "string" }, "email": { "type": "string" }, "signOrder": { "type": "integer" } }, "required": ["name", "phone"] } }, "requireOtp": { "type": "boolean" }, "sequentialSigning": { "type": "boolean" } }, "required": ["signers"] } } } }, "responses": { "200": { "description": "Envelope criado", "content": { "application/json": { "schema": { "type": "object", "properties": { "success": { "type": "boolean" }, "envelopeId": { "type": "string" } } } } } }, "429": { "description": "RATE_LIMITED" } } } }, "/api/sign/envelopes/{id}": { "get": { "tags": ["Envelopes"], "summary": "Obter envelope", "operationId": "getEnvelope", "security": [{ "bearerAuth": [] }], "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" } } ], "responses": { "200": { "description": "Detalhe do envelope" }, "404": { "description": "Não encontrado" } } } }, "/api/sign/envelopes/{id}/send": { "post": { "tags": ["Envelopes"], "summary": "Enviar convites", "operationId": "sendEnvelope", "security": [{ "bearerAuth": [] }], "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" } }, { "name": "Idempotency-Key", "in": "header", "schema": { "type": "string" } } ], "responses": { "200": { "description": "Envio disparado" }, "429": { "description": "RATE_LIMITED" } } } }, "/api/sign/envelopes/{id}/export": { "get": { "tags": ["Envelopes"], "summary": "Exportar proof pack (ZIP)", "operationId": "exportEnvelope", "security": [{ "bearerAuth": [] }], "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" } } ], "responses": { "200": { "description": "Arquivo binário (ZIP)" }, "403": { "description": "Sem escopo export:read" }, "429": { "description": "RATE_LIMITED" } } } }, "/api/sign/usage": { "get": { "tags": ["Usage"], "summary": "Uso do mês (tenant)", "operationId": "getSignUsage", "security": [{ "bearerAuth": [] }], "responses": { "200": { "description": "Consumo e limites", "content": { "application/json": { "schema": { "type": "object" } } } } } } }, "/api/sign/api-keys": { "get": { "tags": ["ApiKeys"], "summary": "Listar API keys", "operationId": "listApiKeys", "security": [{ "bearerAuth": [] }], "responses": { "200": { "description": "Lista de chaves (sem secret)" } } }, "post": { "tags": ["ApiKeys"], "summary": "Criar API key (secret exibido uma vez)", "operationId": "createApiKey", "security": [{ "bearerAuth": [] }], "requestBody": { "content": { "application/json": { "schema": { "type": "object", "properties": { "name": { "type": "string" }, "environment": { "type": "string", "enum": ["test", "live"] }, "scopes": { "type": "array", "items": { "type": "string" } } } } } } }, "responses": { "200": { "description": "Chave criada (campo `key` apenas nesta resposta)" } } } }, "/api/sign/webhooks": { "get": { "tags": ["Webhooks"], "summary": "Listar webhooks", "operationId": "listWebhooks", "security": [{ "bearerAuth": [] }], "responses": { "200": { "description": "Lista de webhooks" } } }, "post": { "tags": ["Webhooks"], "summary": "Criar webhook", "operationId": "createWebhook", "security": [{ "bearerAuth": [] }], "parameters": [ { "name": "Idempotency-Key", "in": "header", "schema": { "type": "string" } } ], "requestBody": { "content": { "application/json": { "schema": { "type": "object", "properties": { "url": { "type": "string", "format": "uri" }, "eventTypes": { "type": "array", "items": { "type": "string" } } }, "required": ["url"] } } } }, "responses": { "200": { "description": "Webhook criado" } } } } }, "components": { "securitySchemes": { "bearerAuth": { "type": "http", "scheme": "bearer", "bearerFormat": "API key (sk_test_… / sk_live_… ou JWT de sessão)" } } } }