API Documentation
Overview
The API surface is designed around runtime health, model/tool dispatch, tenant-aware operations, audit/provenance, and domain workflows.
Common conventions
- JSON request and response bodies.
- Tenant-aware endpoints should require explicit tenant context.
- Security-sensitive operations should fail closed.
- Clinical or biological outputs should include evidence/provenance where applicable.
Endpoint groups
Health
GET /health
Returns service status and runtime metadata.
Models and agents
GET /models
POST /v1/inference
Lists available model adapters and submits inference requests.
Consent and governance
POST /v1/consent/grant
POST /v1/consent/revoke
GET /audit/events
Clinical and PHI-aware workflows should use explicit consent, policy, and audit records.
Workflows
POST /v1/workflows/run
GET /v1/workflows/{id}
Runs reproducible agent/tool pipelines and returns traceable outputs.
OpenAPI
When the service is running, generate the OpenAPI schema from the application runtime and commit a versioned snapshot under docs/openapi.json.