Skip to content

API Overview

OpenSESA routes are primarily server-rendered Django views, with selected API-style endpoints for dynamic UI interactions.

API Surfaces

  • Route-based CRUD endpoints in each domain module.
  • Targeted API endpoints for client-side data loading.

API Conventions

  • Apply project-scoped permission checks before data access.
  • Prefer explicit validation errors over generic failure responses.
  • Keep mutation endpoints auditable with clear result messaging.
  • Treat exports as generated artifacts, not source-of-truth updates.
  1. Authentication and Permissions
  2. Error and Response Model
  3. API and Route Catalog
  4. API and Route Examples

Request Lifecycle

sequenceDiagram
    participant U as User
    participant R as Router
    participant V as View
    participant M as Model
    U->>R: HTTP request
    R->>V: route match
    V->>M: query/update
    M-->>V: result
    V-->>U: HTML or JSON response

Authentication

Most endpoints require authenticated access and project-aware permissions.

Collapsed integration advice

For automation and integrations, prefer stable route groups and validate permissions explicitly before relying on mutation endpoints.

Stability guidance

Integrations should pin expected route behavior to release versions and include fallback handling for validation or permission failures.