The Inkweld API follows OpenAPI 3.0 specifications. You can access the complete API specification and try endpoints interactively.
The Inkweld API uses session-based authentication with httpOnly cookies.
POST /api/auth/login
Content-Type: application/json
{
"username": "your-username",
"password": "your-password"
}
Response:
{
"user": {
"id": "uuid",
"username": "your-username",
"email": "you@example.com"
}
}GET /api/projects - List your projectsPOST /api/projects - Create a new projectGET /api/projects/:id - Get project detailsPUT /api/projects/:id - Update projectDELETE /api/projects/:id - Delete projectGET /api/projects/:projectId/elements - List project files and foldersPOST /api/projects/:projectId/elements - Create file or folderGET /api/documents/:id - Get document contentPUT /api/documents/:id - Update documentGET /api/projects/:projectId/worldbuilding - List worldbuilding entriesPOST /api/projects/:projectId/worldbuilding - Create entryGET /api/worldbuilding/:id - Get entry detailsReal-time collaboration uses WebSocket connections:
wss://your-server/ws/:projectId
Connection authenticated via session cookie.
Yjs CRDT updates exchanged in binary format.The API implements rate limiting to prevent abuse. Default limits:
Rate limit configuration can be adjusted via environment variables.
The API returns standard HTTP status codes:
200 - Success201 - Resource created400 - Bad request (validation error)401 - Unauthorized (not logged in)403 - Forbidden (insufficient permissions)404 - Resource not found429 - Too many requests (rate limited)500 - Internal server errorGenerate type-safe API clients from the OpenAPI specification:
# TypeScript/Angular client (included in repo)
cd backend
bun run generate:angular-client
# Other languages via openapi-generator
npx @openapitools/openapi-generator-cli generate \
-i backend/openapi.json \
-g python \
-o ./python-client