Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.userepo.com/llms.txt

Use this file to discover all available pages before exploring further.

Base URL

EnvironmentURL
Productionhttps://api.userepo.com
Local devhttp://localhost:4000

Authentication

All /v1/* requests (except OAuth callbacks and webhooks) require a bearer token: 
Authorization: Bearer repo_your_key
See Authentication for full details on minting and scoping keys.

Two endpoint surfaces

Repo exposes two parallel route surfaces:
  • Agent API (/v1/*) — authenticated by repo_ API keys. This is what your agent code calls.
  • Console API (/v1/console/*) — authenticated by Supabase Auth bearer tokens. This is what the browser console calls. Documented in [the Console section] (coming soon) — most agent integrations should ignore it.
This reference documents the Agent API. If you’re building a script or an admin tool that needs human-style access (creating organizations, listing audit events for compliance), use the agent API with an admin-scoped key instead.

Endpoints at a glance

POST /v1/search

Vector search across your org’s memory. Returns ranked hits.

POST /v1/context

Search + Context Contract with citations, exclusions, and limitations.

POST /v1/ask

Grounded answer generation. Citations included.

GET /v1/memory-canvas

Graph view of entities, relationships, and sources.

GET/POST/DELETE /v1/api-keys

Mint, list, and revoke API keys (admin only).

GET /v1/sources

List connectors and their health.

GET/POST /v1/sync-runs

View sync history; trigger manual syncs.

POST /v1/ingest

Push documents directly without a connector.

GET /v1/audit-events

Pull the audit trail for compliance review.

Conventions

  • Request body: JSON. Always include Content-Type: application/json.
  • Response body: JSON. UTF-8.
  • Timestamps: ISO 8601 UTC, e.g. 2026-05-30T20:14:00.123Z.
  • IDs: UUIDv4 unless otherwise noted.
  • Pagination: cursor-based on endpoints that need it (none yet require it heavily). When introduced, the pattern will be ?cursor=...&limit=... with a nextCursor in the response.

Errors

See Errors for the full status code catalog. The short version:
CodeMeaning
200OK
201Created
400Bad request (validation, missing params, malformed state)
401Missing or invalid bearer token
402Subscription required (no active plan)
403Authenticated but lacking the required scope or role
404Resource not found
409Conflict (e.g. trying to revoke the key making the request)
429Rate limit or credit budget exceeded
500Server error
502Upstream OAuth or provider error
503Service not configured (e.g. Stripe missing in dev)
Error bodies are JSON: { "error": "human-readable message" } plus optional structured fields.