API Overview

Source of truth:

• d3chat/backend/app/main.py
• d3chat/backend/app/routers/
• d3chat/backend/app/federation/
• d3chat/backend/app/websocket/router.py

Base REST URL: /api/v1

Interactive docs on a running server:

• /docs (Swagger UI)
• /redoc

Route Groups

• Auth Routes
• User Routes
• Device Routes
• Channel Routes
• Message Routes
• Key and Crypto Routes
• Admin Routes
• Attachment Routes (within Message Routes)
• System, Federation, and WebSocket

Authentication Model

• Bearer JWT in Authorization: Bearer <token> for protected REST endpoints.
• Obtain token via /auth/register or /auth/login.
• Refresh with /auth/refresh.
• For WebSocket, exchange JWT for one-time ticket via /auth/ws-ticket, then connect to /ws?ticket=....

Error Patterns

Common status codes:

• 400 bad request/validation
• 401 invalid or missing auth
• 403 role/permission/registration restriction
• 404 missing resource
• 409 conflict (duplicate membership/setting/user)
• 429 rate limit exceeded

Non-API Utility Endpoints

• GET /health
• GET /api/v1/config
• GET /.well-known/d3chat-server