Skip to main content

API Reference Documentation Update

Summary

Updated the API Reference documentation to reflect the real, implemented features from the ai2-core-app codebase. Removed all template content and replaced with production-ready API documentation.

Changes Made

1. Complete OpenAPI 3.1 Specification (openapi.json)

Created comprehensive OpenAPI specification with:

Authentication

  • POST /api/auth/register - User registration
  • POST /api/auth/login - User login with JWT
  • GET /api/auth/me - Get current user profile

Bank Transactions

  • GET /api/bank/transactions - List transactions with pagination and filtering
  • POST /api/bank/transactions - Create transaction manually
  • GET /api/bank/transactions/{id} - Get single transaction
  • PUT /api/bank/transactions/{id} - Update transaction
  • DELETE /api/bank/transactions/{id} - Delete transaction
  • POST /api/bank/upload - CSV import with AI categorization

Bills & Recurring Payments

  • GET /api/bills - List bills with filtering
  • POST /api/bills - Create bill
  • GET /api/bills/patterns - List recurring bill patterns
  • POST /api/bills/patterns - Create bill pattern with auto-occurrence generation

Expenses

  • GET /api/expenses - List expenses with tax deduction info
  • Full CRUD operations for expense management

AI Services

  • GET /api/ai/classify-transaction - AI-powered categorization with confidence scores
  • Intelligent tax deduction analysis
  • Pattern recognition and reasoning

Custom Rules & Automation

  • GET /api/custom-rules - List automation rules
  • POST /api/custom-rules - Create custom rule
  • POST /api/custom-rules/{id}/execute - Execute rule manually
  • Support for conditions (contains, equals, regex, etc.)
  • Actions (set category, tax flags, business %, etc.)

Categories

  • GET /api/categories - List categories with tax settings
  • POST /api/categories - Create category
  • PUT /api/categories/{id} - Update category
  • DELETE /api/categories/{id} - Delete category

Analytics & Reports

  • GET /api/analytics/summary - Financial summaries with trends
  • POST /api/export/ato - ATO-compliant tax export (CSV/PDF/XLSX)

Travel & Vehicles (ATO Compliance)

  • GET/POST /api/vehicles - Vehicle registration for logbook
  • GET/POST /api/trips - Business trip tracking
  • GET /api/search - AI-powered unified search across all entities

Subscription & Quotas

  • GET /api/subscription/status - User tier and usage quotas

2. Updated Introduction (introduction.mdx)

Replaced template content with:
  • Real authentication examples with JWT
  • Quick start guide with actual endpoints
  • API features showcase (6 core features)
  • Enterprise architecture concepts:
    • Multi-tenant with row-level security
    • Pagination standards
    • Rate limiting by tier
    • Consistent error handling
  • Advanced features:
    • Custom rules engine
    • GST/VAT calculations
    • AI-powered features
    • Access control & security
  • SDK examples (TypeScript, Python, cURL)
  • Performance guarantees (200ms p95, 100K+ concurrent users)

3. Removed Template Files

Deleted placeholder endpoints:
  • endpoint/create.mdx
  • endpoint/delete.mdx
  • endpoint/get.mdx
  • endpoint/webhook.mdx
  • Removed empty endpoint/ folder

4. Updated docs.json

  • Added "openapi": "/api-reference/openapi.json" to API Reference tab
  • Removed placeholder endpoint pages
  • Simplified navigation to just “Getting Started” group

Key Features Documented

Security & Authentication

✅ JWT Bearer token authentication
✅ Cookie-based session management
✅ CSRF protection
✅ Row-level security (RLS)
✅ NoSQL injection guards
✅ Audit logging

Enterprise Architecture

✅ Multi-tenant with data isolation
✅ 100K+ concurrent user support
✅ Advanced rate limiting (per tier)
✅ Request queue middleware
✅ Connection pool monitoring
✅ Memory optimization

AI & Intelligence

✅ Transaction categorization with confidence scores
✅ Tax deduction analysis
✅ Pattern recognition for recurring bills
✅ Intelligent search with NLP
✅ Custom rules engine

Financial Management

✅ CSV import with duplicate detection
✅ GST/VAT calculations (tax-inclusive/exclusive)
✅ Recurring bill patterns with auto-generation
✅ Travel expense tracking (ATO compliance)
✅ Category management with tax settings

Compliance & Reporting

✅ ATO-compliant export formats
✅ Tax deduction tracking
✅ Audit trail
✅ GDPR-compliant data handling

API Authentication

All endpoints (except /api/auth/register and /api/auth/login) require authentication via:
  1. Bearer Token (recommended for API clients) 
    Authorization: Bearer <JWT_TOKEN>
  2. Session Cookie (for web applications) 
    Cookie: ai2_sess=<SESSION_TOKEN>

Middleware Stack

Documented middleware applied to routes:
  • authenticateToken - JWT verification
  • withUserProvisioning - Auto-provision user in DB
  • enforceAccess - Role-based access control
  • requireSubscription - Tier-based feature gating
  • nosqlGuard - Injection protection
  • auditLogger - Activity logging
  • userLimiter - Rate limiting

Response Format

All endpoints return consistent JSON: Success: 
{
  "success": true,
  "data": { ... },
  "pagination": { ... }
}
Error: 
{
  "success": false,
  "error": "Error message",
  "code": "ERROR_CODE"
}

Next Steps

The API reference is now production-ready with:
  • ✅ Real endpoints from ai2-core-app
  • ✅ Accurate request/response schemas
  • ✅ Complete authentication documentation
  • ✅ Enterprise features highlighted
  • ✅ All template content removed

Testing the API

Use the OpenAPI spec with tools like:
  • Postman (import OpenAPI JSON)
  • Swagger UI
  • Insomnia
  • Bruno
OpenAPI spec location: docs/api-reference/openapi.json
Last Updated: October 17, 2025
Status: Complete ✅
Platform: AI2Fin | ai2fin.com