API Reference
Filtration Gateway
Security, Authentication, and Policy Endpoints
The Filtration Gateway is the security control plane. It handles authentication, RBAC, guardrails, and policy enforcement.
Base URL
http://localhost:8000
Authentication Endpoints
POST /auth/login
Authenticate user and receive JWT tokens.
Request:
{
"email": "user@example.com",
"password": "password123",
"totp_code": "123456" // Optional, required if 2FA enabled
}Response:
{
"access_token": "eyJ...",
"refresh_token": "eyJ...",
"token_type": "bearer",
"user": { "id": "...", "email": "...", "role": "admin" }
}POST /auth/refresh
Refresh access token using refresh token.
GET /auth/me
Get current user information.
GET /auth/organizations
List organizations the user belongs to.
POST /auth/switch-org
Switch active organization context.
2FA Endpoints
POST /auth/totp/setup- Initialize TOTP setupPOST /auth/totp/verify- Verify and enable TOTPPOST /auth/totp/disable- Disable TOTP
Management Endpoints
Deployments
| Method | Endpoint | Description |
|---|---|---|
| GET | /management/deployments | List deployments |
| POST | /management/deployments | Create deployment |
| GET | /management/deployments/{id} | Get deployment details |
| DELETE | /management/deployments/{id} | Delete deployment |
| GET | /management/deployments/{id}/logs | Get inference logs |
| GET | /management/deployments/recent-logs | Get all recent logs |
API Keys
| Method | Endpoint | Description |
|---|---|---|
| GET | /management/api-keys | List API keys |
| POST | /management/api-keys | Create API key |
| DELETE | /management/api-keys/{id} | Revoke API key |
Configuration
| Method | Endpoint | Description |
|---|---|---|
| GET | /management/config/{policy_type} | Get policy config |
| POST | /management/config/{policy_type} | Update policy config |
| GET | /management/config/providers | List provider configs |
| POST | /management/config/providers | Update provider config |
Knowledge Base
| Method | Endpoint | Description |
|---|---|---|
| GET | /management/knowledge-base/collections | List collections |
| POST | /management/knowledge-base/collections | Create collection |
| POST | /management/knowledge-base/upload | Upload documents |
Prompt Templates
| Method | Endpoint | Description |
|---|---|---|
| GET | /management/prompts | List templates |
| POST | /management/prompts | Create template |
| PUT | /management/prompts/{id} | Update template |
Admin Endpoints (RBAC)
Roles
| Method | Endpoint | Description |
|---|---|---|
| GET | /admin/roles | List roles |
| POST | /admin/roles | Create role |
| PUT | /admin/roles/{name} | Update role |
| DELETE | /admin/roles/{name} | Delete role |
| GET | /admin/roles/permissions/list | List available permissions |
Users
| Method | Endpoint | Description |
|---|---|---|
| GET | /admin/users | List organization users |
| PUT | /admin/users/{id}/role | Update user role |
Audit Endpoints
| Method | Endpoint | Description |
|---|---|---|
| GET | /audit/logs | Retrieve audit logs (Admin only) |
Internal Endpoints
These endpoints are for service-to-service communication and require INTERNAL_API_KEY.
| Method | Endpoint | Description |
|---|---|---|
| POST | /internal/context/resolve | Resolve API key to deployment config |
| POST | /internal/guardrails/scan | Scan content for safety violations |
| POST | /internal/prompt/process | Process prompt (RAG + templates) |
| POST | /internal/policy/check_quota | Check user quota |
| POST | /internal/policy/track_usage | Track usage statistics |
| POST | /internal/logs/create | Create inference log entry |
