Skip to content

Overview

HTTP/JSON control-plane API for the core-switch SIP platform.

Authentication

Every protected endpoint requires a JWT passed as Authorization: Bearer <jwt>. There are two ways to obtain one:

  • API-key loginPOST /v1/login with Authorization: Bearer <api-key> returns a full JWT ({"token": "...", "type": "full"}). Service users authenticate this way; there is no second factor on the API-key path.
  • Password loginPOST /v1/ns/{nsid}/login or POST /v1/pt/{ptid}/login with a username-or-email + password body, scoped to the namespace or partition that owns the user. The response branches on the user’s TOTP state: a user with no second factor gets a short-lived bootstrap token (only the TOTP-enrollment endpoints are open) so they can enroll one; a user with TOTP gets a 2fa-required challenge, exchanged for a full JWT via the matching .../login/2fa endpoint.

The JWT is automatically re-minted on a 401 response.

Error format

All errors follow RFC 7807 Problem Details (application/problem+json). The type field carries a slug URI; known slugs: unauthorized, invalid-input, namespace-not-found, namespace-version-not-found, partition-not-found, peer-not-found, yaml-parse-failed, config-validation-failed, config-apply-failed, patch-apply-failed, request-too-large, internal, precondition-failed, conflict, not-descendant, schema-version-mismatch, not-acceptable, unsupported-media-type, vm-box-not-found, vm-box-conflict, line-not-found, line-invalid, line-forbidden, lcr-table-not-found, lcr-version-not-found, lcr-route-not-found, lcr-invalid, lcr-unknown-trunks, lcr-upload-not-found, lcr-upload-state-invalid, lcr-upload-expired, lcr-row-limit-exceeded, lcr-table-in-use, lcr-not-implemented, user-not-found, credential-not-found, weak-password.

Content negotiation

Config endpoints accept application/yaml or application/json bodies. GET /v1/ns/{nsid}/config/{version} returns bare YAML by default; send Accept: application/json+yaml to receive a ConfigVersionEnvelope.

Information

  • OpenAPI version: 3.1.0

Security scheme type: http

Bearer format: JWT