Collaboration
Documents
Document upload and management
Authentication
Authenticate with Authorization: Bearer ak_... — see API keys. Entity-scoped routes use entityId in the query, JSON body, or x-entity-id header; a mismatched entityId returns 403.
REST reference
Full operation list, request bodies, and scopes (read:documents / write:documents) are in Documents (REST) (generated from OpenAPI).
Common endpoints
| Method | Path | Description |
|---|---|---|
| GET | /api/documents | List documents (optional linkableType + linkableId) |
| POST | /api/documents | Multipart upload, or JSON link/unlink |
| DELETE | /api/documents | Hard-delete document (body: documentId) |
| GET | /api/documents/{documentId}/file | Download or inline file |
List documents
GET /api/documents?entityId={entityId}
Returns an array of documents for the entity.
Upload document
POST /api/documents
Use multipart/form-data with file, and optional tags (JSON string). Or use POST /api/documents/upload with description / folderId.
Delete document
DELETE /api/documents
Body: { "documentId" } — permanently removes storage and the row. Use DELETE /api/documents/{documentId} for soft-delete (status: deleted).