# API Documentation

## Base URL

```
http://localhost:3000/api/v1
```

## Authentication

Currently, authentication is not implemented. In production, use OAuth2/JWT tokens.

## Endpoints

### Health Checks

#### GET /health

Get comprehensive health status.

**Response:**
```json
{
  "status": "healthy",
  "timestamp": "2026-01-23T10:00:00.000Z",
  "version": "1.0.0",
  "services": {
    "database": "up",
    "fxRates": "up",
    "rulesEngine": "up"
  },
  "metrics": {
    "uptime": 3600,
    "memoryUsage": { ... }
  }
}
```

#### GET /health/ready

Readiness check - is the service ready to accept traffic?

**Response:**
```json
{
  "ready": true,
  "timestamp": "2026-01-23T10:00:00.000Z"
}
```

#### GET /health/live

Liveness check - is the service alive?

**Response:**
```json
{
  "alive": true,
  "timestamp": "2026-01-23T10:00:00.000Z"
}
```

### Transactions

#### POST /transactions/evaluate

Evaluate a transaction against regulatory rules.

**Request Body:**
```json
{
  "id": "TXN-123",
  "direction": "outbound",
  "amount": 15000,
  "currency": "USD",
  "orderingCustomer": {
    "name": "Test Company",
    "taxId": "11222333000181",
    "country": "BR"
  },
  "beneficiary": {
    "name": "John Doe",
    "taxId": "12345678909",
    "country": "BR",
    "accountNumber": "12345-6"
  },
  "purposeOfPayment": "Payment for services"
}
```

**Response:**
```json
{
  "success": true,
  "data": {
    "transactionId": "TXN-123",
    "timestamp": "2026-01-23T10:00:00.000Z",
    "ruleSetVersion": "1.0.0",
    "overallDecision": "Allow",
    "overallSeverity": "Info",
    "thresholdCheck": {
      "usdEquivalent": 15000,
      "requiresReporting": true
    },
    "documentationCheck": {
      "passed": true,
      "errors": []
    },
    "rules": []
  }
}
```

#### GET /transactions/:id

Get transaction by ID.

**Status:** Not implemented (requires database)

#### GET /transactions

List transactions with pagination.

**Status:** Not implemented (requires database)

## Error Responses

All errors follow this format:

```json
{
  "success": false,
  "error": "Error message"
}
```

**Status Codes:**
- `200` - Success
- `400` - Bad Request
- `404` - Not Found
- `500` - Internal Server Error
- `501` - Not Implemented
- `503` - Service Unavailable

## Rate Limiting

Rate limiting is not currently implemented. In production, implement rate limiting to prevent abuse.

## CORS

CORS is enabled for all origins in development. In production, configure allowed origins.