Skip to content

Latest commit

 

History

History
766 lines (653 loc) · 10.8 KB

API.md

File metadata and controls

766 lines (653 loc) · 10.8 KB

Continuo API Documentation

Overview

The Continuo API is built with GraphQL using Apollo Server, providing a flexible and efficient way to interact with the platform's data. This documentation covers all available queries, mutations, and types.

Base URL

Authentication

The API uses JWT (JSON Web Tokens) for authentication. Include the token in the Authorization header:

Authorization: Bearer <your-jwt-token>

GraphQL Playground

In development mode, you can access the GraphQL Playground at the same URL to explore the API interactively.

Core Types

User

type User {
  id: ID!
  email: String!
  firstName: String!
  lastName: String!
  fullName: String!
  role: UserRole!
  status: UserStatus!
  avatar: String
  phone: String
  companyId: String!
  company: Company!
  lastLoginAt: DateTime
  emailVerifiedAt: DateTime
  createdAt: DateTime!
  updatedAt: DateTime!
}

Company

type Company {
  id: ID!
  name: String!
  slug: String!
  email: String
  phone: String
  website: String
  address: String
  city: String
  state: String
  zipCode: String
  country: String
  industry: String
  description: String
  logo: String
  status: CompanyStatus!
  plan: SubscriptionPlan!
  planStartedAt: DateTime
  planExpiresAt: DateTime
  users: [User!]!
  userCount: Int!
  createdAt: DateTime!
  updatedAt: DateTime!
}

Enums

enum UserRole {
  OWNER
  ADMIN
  MANAGER
  EMPLOYEE
  VIEWER
}

enum UserStatus {
  ACTIVE
  INACTIVE
  PENDING
  SUSPENDED
}

enum CompanyStatus {
  TRIAL
  ACTIVE
  SUSPENDED
  CANCELLED
}

enum SubscriptionPlan {
  FREE
  STARTER
  PROFESSIONAL
  ENTERPRISE
}

Queries

Authentication Queries

Get Current User

query Me {
  me {
    id
    email
    firstName
    lastName
    fullName
    role
    status
    avatar
    phone
    companyId
    company {
      id
      name
      slug
      plan
      status
    }
    lastLoginAt
    emailVerifiedAt
    createdAt
  }
}

Verify Email

query VerifyEmail($token: String!) {
  verifyEmail(token: $token)
}

User Queries

Get Company Users

query GetUsers($companyId: String!) {
  users(companyId: $companyId) {
    id
    email
    firstName
    lastName
    fullName
    role
    status
    avatar
    phone
    lastLoginAt
    emailVerifiedAt
    createdAt
  }
}

Get Specific User

query GetUser($id: ID!) {
  user(id: $id) {
    id
    email
    firstName
    lastName
    fullName
    role
    status
    avatar
    phone
    companyId
    lastLoginAt
    emailVerifiedAt
    createdAt
    updatedAt
  }
}

Company Queries

Get My Company

query GetMyCompany {
  myCompany {
    id
    name
    slug
    email
    phone
    website
    address
    city
    state
    zipCode
    country
    industry
    description
    logo
    status
    plan
    planStartedAt
    planExpiresAt
    userCount
    createdAt
    updatedAt
  }
}

Get Specific Company

query GetCompany($id: ID!) {
  company(id: $id) {
    id
    name
    slug
    email
    phone
    website
    address
    city
    state
    zipCode
    country
    industry
    description
    logo
    status
    plan
    planStartedAt
    planExpiresAt
    users {
      id
      firstName
      lastName
      email
      role
      status
    }
    userCount
    createdAt
    updatedAt
  }
}

Mutations

Authentication Mutations

Register User

mutation Register($input: RegisterInput!) {
  register(input: $input) {
    token
    user {
      id
      email
      firstName
      lastName
      fullName
      role
      status
      companyId
      company {
        id
        name
        slug
        plan
        status
      }
    }
    company {
      id
      name
      slug
      plan
      status
    }
  }
}

Input Type:

input RegisterInput {
  email: String!
  firstName: String!
  lastName: String!
  password: String!
  companyName: String!
  phone: String
}

Login User

mutation Login($input: LoginInput!) {
  login(input: $input) {
    token
    user {
      id
      email
      firstName
      lastName
      fullName
      role
      status
      companyId
      company {
        id
        name
        slug
        plan
        status
      }
    }
    company {
      id
      name
      slug
      plan
      status
    }
  }
}

Input Type:

input LoginInput {
  email: String!
  password: String!
}

Logout

mutation Logout {
  logout
}

Forgot Password

mutation ForgotPassword($email: String!) {
  forgotPassword(email: $email)
}

Reset Password

mutation ResetPassword($input: ResetPasswordInput!) {
  resetPassword(input: $input)
}

Input Type:

input ResetPasswordInput {
  token: String!
  password: String!
}

Change Password

mutation ChangePassword($input: ChangePasswordInput!) {
  changePassword(input: $input)
}

Input Type:

input ChangePasswordInput {
  currentPassword: String!
  newPassword: String!
}

Resend Verification Email

mutation ResendVerificationEmail {
  resendVerificationEmail
}

User Mutations

Update User

mutation UpdateUser($id: ID!, $input: UpdateUserInput!) {
  updateUser(id: $id, input: $input) {
    id
    email
    firstName
    lastName
    fullName
    role
    status
    avatar
    phone
    companyId
    updatedAt
  }
}

Input Type:

input UpdateUserInput {
  firstName: String
  lastName: String
  phone: String
  avatar: String
}

Delete User

mutation DeleteUser($id: ID!) {
  deleteUser(id: $id)
}

Invite User

mutation InviteUser($input: InviteUserInput!) {
  inviteUser(input: $input) {
    id
    email
    firstName
    lastName
    fullName
    role
    status
    phone
    createdAt
  }
}

Input Type:

input InviteUserInput {
  email: String!
  firstName: String!
  lastName: String!
  role: UserRole!
  phone: String
}

Update User Role

mutation UpdateUserRole($id: ID!, $role: UserRole!) {
  updateUserRole(id: $id, role: $role) {
    id
    role
    updatedAt
  }
}

Update User Status

mutation UpdateUserStatus($id: ID!, $status: UserStatus!) {
  updateUserStatus(id: $id, status: $status) {
    id
    status
    updatedAt
  }
}

Company Mutations

Update Company

mutation UpdateCompany($input: UpdateCompanyInput!) {
  updateCompany(input: $input) {
    id
    name
    email
    phone
    website
    address
    city
    state
    zipCode
    country
    industry
    description
    logo
    updatedAt
  }
}

Input Type:

input UpdateCompanyInput {
  name: String
  email: String
  phone: String
  website: String
  address: String
  city: String
  state: String
  zipCode: String
  country: String
  industry: String
  description: String
  logo: String
}

Update Subscription

mutation UpdateSubscription($plan: SubscriptionPlan!) {
  updateSubscription(plan: $plan) {
    id
    plan
    planStartedAt
    planExpiresAt
    status
    updatedAt
  }
}

Error Handling

The API returns GraphQL errors with the following structure:

{
  "errors": [
    {
      "message": "Error description",
      "locations": [{"line": 1, "column": 10}],
      "path": ["fieldName"],
      "extensions": {
        "code": "ERROR_CODE"
      }
    }
  ]
}

Common Error Codes

  • GRAPHQL_VALIDATION_FAILED: Invalid GraphQL query
  • UNAUTHENTICATED: Authentication required
  • FORBIDDEN: Insufficient permissions
  • BAD_USER_INPUT: Invalid input data
  • INTERNAL_SERVER_ERROR: Server error

Rate Limiting

The API implements rate limiting to prevent abuse:

  • Default: 100 requests per 15 minutes per IP
  • Authentication endpoints: 10 requests per 15 minutes per IP
  • GraphQL queries: 100 requests per 15 minutes per IP

Pagination

For queries that return lists, pagination is supported:

query GetUsers($companyId: String!, $first: Int, $after: String) {
  users(companyId: $companyId, first: $first, after: $after) {
    edges {
      node {
        id
        email
        firstName
        lastName
      }
      cursor
    }
    pageInfo {
      hasNextPage
      hasPreviousPage
      startCursor
      endCursor
    }
  }
}

WebSocket Subscriptions

Real-time features are planned for future sprints. The WebSocket endpoint will be available at:

  • Development: ws://localhost:4000/graphql
  • Production: wss://api.continuo.pro/graphql

Health Check

Check API health at:

GET /health

Response:

{
  "status": "healthy",
  "timestamp": "2025-07-19T02:35:23.561Z",
  "version": "0.1.0"
}

Examples

Complete Authentication Flow

// 1. Register a new user
const registerResponse = await fetch('/graphql', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    query: `
      mutation Register($input: RegisterInput!) {
        register(input: $input) {
          token
          user { id email firstName lastName }
          company { id name }
        }
      }
    `,
    variables: {
      input: {
        email: 'john@example.com',
        firstName: 'John',
        lastName: 'Doe',
        password: 'SecurePass123!',
        companyName: 'Example Corp'
      }
    }
  })
});

// 2. Login
const loginResponse = await fetch('/graphql', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    query: `
      mutation Login($input: LoginInput!) {
        login(input: $input) {
          token
          user { id email firstName lastName }
        }
      }
    `,
    variables: {
      input: {
        email: 'john@example.com',
        password: 'SecurePass123!'
      }
    }
  })
});

// 3. Get user data with token
const userResponse = await fetch('/graphql', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Authorization': `Bearer ${token}`
  },
  body: JSON.stringify({
    query: `
      query Me {
        me {
          id
          email
          firstName
          lastName
          company { name plan status }
        }
      }
    `
  })
});

SDKs and Libraries

JavaScript/TypeScript

npm install @apollo/client graphql

React

npm install @apollo/client graphql

Python

pip install gql[requests]

Ruby

gem install graphql-client

Support

For API support:

Last updated: July 19, 2025