> ## Documentation Index
> Fetch the complete documentation index at: https://tonic-ai.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# API Overview

> Complete API reference for CreditNexus

## API Overview

CreditNexus provides a comprehensive REST API for all platform functionality. All endpoints are CDM-compliant and include policy enforcement, audit logging, and error handling.

**Base URL**: `http://localhost:8000` (development) or your production URL\
**API Version**: v1\
**Authentication**: JWT Bearer tokens

***

## Authentication

All API endpoints (except public health checks) require authentication via JWT Bearer tokens.

**Header Format**:

```
Authorization: Bearer <jwt_token>
```

**Code Reference**: `app/auth/jwt_auth.py`

***

## API Route Files

CreditNexus includes 32+ API route files covering all functionality:

### Core Routes

* **`routes.py`**: Main API routes (documents, extraction, health checks, chatbot)
* **`config_routes.py`**: Configuration management
* **`websocket_routes.py`**: WebSocket connections for real-time updates

### Trading & Market Data Routes

* **`trading_routes.py`**: Trade execution, orders, portfolio management
* **`stock_prediction_routes.py`**: Stock prediction (daily/hourly/15min), backtesting, market status
* **`portfolio_routes.py`**: Portfolio management and analytics
* **`banking_routes.py`**: Banking operations and account management

### Financial Product Routes

* **`securitization_routes.py`**: Securitization workflow endpoints
* **`polymarket_routes.py`**: Polymarket-style prediction markets for SFPs
* **`polymarket_surveillance_routes.py`**: Market surveillance and alerts
* **`cross_chain_routes.py`**: Cross-chain bridging and outcome token minting
* **`asset_routes.py`**: Asset management

### Compliance & Risk Routes

* **`recovery_routes.py`**: Loan recovery and default management
* **`auditor_routes.py`**: Audit report generation and CDM event exploration
* **`gdpr_routes.py`**: GDPR compliance endpoints (data export, deletion)
* **`green_finance_routes.py`**: Green finance and ESG metrics
* **`credit_risk_routes.py`**: Credit risk analysis and scoring
* **`policy_editor_routes.py`**: Policy rule management
* **`policy_template_routes.py`**: Policy template management

### Organization & User Management Routes

* **`organization_routes.py`**: Organization management
* **`subscription_routes.py`**: Subscription and entitlement management
* **`whitelist_routes.py`**: Whitelist profile management
* **`remote_profile_routes.py`**: Remote profile management

### Workflow & Sharing Routes

* **`workflow_delegation_routes.py`**: Workflow delegation and sharing
* **`nexus_routes.py`**: .nexus file format operations
* **`p2p_routes.py`**: Peer-to-peer file sharing
* **`remote_routes.py`**: Remote API for verification links

### Integration Routes

* **`twilio_routes.py`**: Twilio SMS and voice webhooks
* **`fdc3_routes.py`**: FDC3 app directory and interoperability
* **`layer_routes.py`**: Geospatial layer management
* **`implementation_routes.py`**: Implementation management
* **`review_routes.py`**: Review and approval workflows

### Analytics & Metrics Routes

* **`analytics_routes.py`**: Analytics and reporting (via routes.py)
* **`metrics_routes.py`**: System metrics and monitoring

### Specialized Routes

* **`challenge_coin_routes.py`**: Challenge coin NFT operations
* **`bridge_builder_routes.py`**: Bridge builder functionality

***

## Response Format

### Success Response

```json theme={null}
{
  "status": "success",
  "data": {...},
  "cdm_events": [...]
}
```

### Error Response

```json theme={null}
{
  "detail": "Error message",
  "status_code": 400,
  "cdm_events": [...]
}
```

***

## CDM Event Integration

All state-changing operations generate CDM events:

* **Policy Decisions**: PolicyEvaluation events
* **Trade Executions**: TradeExecution events
* **Recovery Actions**: Observation events
* **Securitization**: SecuritizationCreation events

**Code Reference**: `app/models/cdm_events.py`

***

## Pagination

List endpoints support pagination:

**Query Parameters**:

* `page`: Page number (default: 1)
* `limit`: Items per page (default: 20, max: 100)

**Response**:

```json theme={null}
{
  "items": [...],
  "total": 100,
  "page": 1,
  "limit": 20,
  "pages": 5
}
```

***

## Rate Limiting

API endpoints are rate-limited to prevent abuse:

* **Default**: 100 requests per minute per user
* **Burst**: 200 requests per minute

Rate limit headers:

```
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1633024800
```

***

## Error Codes

| Status Code | Description              |
| ----------- | ------------------------ |
| 200         | Success                  |
| 201         | Created                  |
| 400         | Bad Request              |
| 401         | Unauthorized             |
| 403         | Forbidden (Policy Block) |
| 404         | Not Found                |
| 402         | Payment Required (x402)  |
| 422         | Validation Error         |
| 500         | Internal Server Error    |

***

## Additional Resources

* [Authentication API](/api-reference/authentication)
* [Documents API](/api-reference/documents)
* [Securitization API](/api-reference/securitization)
* [Auditor API](/api-reference/auditor)
* [GDPR API](/api-reference/gdpr)
* [Payments API](/api-reference/payments)
* [Signatures API](/api-reference/signatures)

***

**Last Updated**: 2026-01-14\
**Code Reference**: `app/api/` directory
