docs/api/README.md

# API Documentation

## GraphQL API

The Phoenix Sankofa Cloud API is a GraphQL API built with Apollo Server.

### Endpoint

- Development: `http://localhost:4000/graphql`
- Production: `https://api.sankofa.cloud/graphql`

### Authentication

All queries and mutations (except `login`) require authentication via JWT token:

```http
Authorization: Bearer <token>
```

### Schema

See [schema.graphql](./schema.graphql) for the complete GraphQL schema.

### Queries

#### Get Resources

```graphql
query GetResources($filter: ResourceFilter) {
  resources(filter: $filter) {
    id
    name
    type
    status
    site {
      id
      name
    }
  }
}
```

#### Get Sites

```graphql
query GetSites {
  sites {
    id
    name
    region
    status
  }
}
```

#### Get Current User

```graphql
query GetMe {
  me {
    id
    email
    name
    role
  }
}
```

### Mutations

#### Login

```graphql
mutation Login($email: String!, $password: String!) {
  login(email: $email, password: $password) {
    token
    user {
      id
      email
      name
    }
  }
}
```

#### Create Resource

```graphql
mutation CreateResource($input: CreateResourceInput!) {
  createResource(input: $input) {
    id
    name
    type
    status
  }
}
```

### Error Handling

The API returns errors in the standard GraphQL error format:

```json
{
  "errors": [
    {
      "message": "Authentication required",
      "extensions": {
        "code": "UNAUTHENTICATED"
      }
    }
  ]
}
```

### Error Codes

- `UNAUTHENTICATED`: Authentication required
- `FORBIDDEN`: Insufficient permissions
- `NOT_FOUND`: Resource not found
- `VALIDATION_ERROR`: Input validation failed
- `SERVER_ERROR`: Internal server error

### Rate Limiting

- 100 requests per minute per IP
- 1000 requests per hour per authenticated user

### Examples

See [examples.md](./examples.md) for more usage examples.
Initial Phoenix Sankofa Cloud setup - Complete project structure with Next.js frontend - GraphQL API backend with Apollo Server - Portal application with NextAuth - Crossplane Proxmox provider - GitOps configurations - CI/CD pipelines - Testing infrastructure (Vitest, Jest, Go tests) - Error handling and monitoring - Security hardening - UI component library - Documentation 2025-11-28 12:54:33 -08:00			`# API Documentation`

			`## GraphQL API`

			`The Phoenix Sankofa Cloud API is a GraphQL API built with Apollo Server.`

			`### Endpoint`

			- Development: `http://localhost:4000/graphql`
			- Production: `https://api.sankofa.cloud/graphql`

			`### Authentication`

			All queries and mutations (except `login`) require authentication via JWT token:

			```http
			`Authorization: Bearer <token>`
			```

			`### Schema`

			`See [schema.graphql](./schema.graphql) for the complete GraphQL schema.`

			`### Queries`

			`#### Get Resources`

			```graphql
			`query GetResources($filter: ResourceFilter) {`
			`resources(filter: $filter) {`
			`id`
			`name`
			`type`
			`status`
			`site {`
			`id`
			`name`
			`}`
			`}`
			`}`
			```

			`#### Get Sites`

			```graphql
			`query GetSites {`
			`sites {`
			`id`
			`name`
			`region`
			`status`
			`}`
			`}`
			```

			`#### Get Current User`

			```graphql
			`query GetMe {`
			`me {`
			`id`
			`email`
			`name`
			`role`
			`}`
			`}`
			```

			`### Mutations`

			`#### Login`

			```graphql
			`mutation Login($email: String!, $password: String!) {`
			`login(email: $email, password: $password) {`
			`token`
			`user {`
			`id`
			`email`
			`name`
			`}`
			`}`
			`}`
			```

			`#### Create Resource`

			```graphql
			`mutation CreateResource($input: CreateResourceInput!) {`
			`createResource(input: $input) {`
			`id`
			`name`
			`type`
			`status`
			`}`
			`}`
			```

			`### Error Handling`

			`The API returns errors in the standard GraphQL error format:`

			```json
			`{`
			`"errors": [`
			`{`
			`"message": "Authentication required",`
			`"extensions": {`
			`"code": "UNAUTHENTICATED"`
			`}`
			`}`
			`]`
			`}`
			```

			`### Error Codes`

			- `UNAUTHENTICATED`: Authentication required
			- `FORBIDDEN`: Insufficient permissions
			- `NOT_FOUND`: Resource not found
			- `VALIDATION_ERROR`: Input validation failed
			- `SERVER_ERROR`: Internal server error

			`### Rate Limiting`

			`- 100 requests per minute per IP`
			`- 1000 requests per hour per authenticated user`

			`### Examples`

			`See [examples.md](./examples.md) for more usage examples.`