API Documentation

🔐 Authentication

POST /api/auth/login

Authenticate admin users and obtain access token

{
  "email": "admin@askbob.cool",
  "password": "your_password"
}

POST /api/customers/auth/login

Authenticate customer users (multi-tenant)

{
  "email": "customer@business.com",
  "password": "customer_password"
}

💬 Chat & Conversations

Three paths: (1) Public same-origin anonymous → POST /api/chat (e.g. marketing site widget; no login). (2) Cross-origin embed → POST /api/widget/chat with X-Widget-Key and allowed Origin. (3) Authenticated app / Mission Control → POST /api/chat/session and POST /api/chat/message (requires chat.manage and session/CSRF for cookie auth) — not for anonymous fetch from public pages.

1) Public anonymous (same-origin)

POST /api/chat

Unified pipeline for visitors on your own domain without signing in. Body includes message, session_id, optional business_id.

2) Cross-origin widget

POST /api/widget/chat

Embeds on customer sites. Headers: X-Widget-Key, Content-Type: application/json. Origin must be allowed for the key. See REQUEST_FLOWS (repo) for CORS details.

3) Authenticated session / admin UI only

POST /api/chat/session

Create session when logged into Mission Control or dashboard (RBAC + CSRF for cookies).

POST /api/chat/message

Send a message from authenticated admin/chat UI (chat.manage). Returns 401 if called anonymously from a public page — use POST /api/chat for that case instead.

{
  "session_id": "session_123",
  "message": "Hello, I need help with my order"
}

GET /api/chat/history/:session_id

Retrieve chat conversation history (authenticated)

📊 Analytics & Monitoring

GET /api/analytics/overview

Get system analytics overview

GET /api/health

Check system health status

GET /api/metrics/business

Get business-specific metrics

🏢 Multi-Tenant Customer Management

GET /api/customers/dashboard/:businessId

Get customer dashboard data for specific business

GET /api/customers/analytics/:businessId

Get business analytics for specific customer

GET /api/customers/integration/:businessId/status

Check integration status for business

🎯 UnityXpressions Pilot

GET /api/unityxpressions/dashboard

UnityXpressions pilot dashboard data

GET /api/pilot/metrics/realtime

Real-time pilot performance metrics

GET /api/pilot/feedback/recent

Recent customer feedback from pilot

🎓 Training & Learning

POST /api/training/unityxpressions/analyze

Analyze UnityXpressions business for training

POST /api/training/unityxpressions/quick-setup

Quick setup training for UnityXpressions

GET /api/learning/health

Learning engine health status

🛠️ Integration Examples

Use the block that matches your scenario. Do not copy the admin example into anonymous marketing HTML.

Public same-origin (anonymous)

const response = await fetch('/api/chat', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    session_id: sessionId,
    message: userMessage,
    business_id: 'your-tenant-business-id'
  })
});
const data = await response.json();

Cross-origin widget

const response = await fetch('https://office16852.com/api/widget/chat', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'X-Widget-Key': 'pk_live_...',
    'Origin': 'https://your-customer-site.com'
  },
  body: JSON.stringify({ session_id: sessionId, message: userMessage })
});

Authenticated admin only (Bearer)

// JavaScript — requires logged-in admin / Mission Control (Bearer)
const response = await fetch('/api/chat/message', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer ' + token
  },
  body: JSON.stringify({
    session_id: sessionId,
    message: userMessage
  })
});
const data = await response.json();

// Python — authenticated only
import requests
response = requests.post(
    'https://your-api-host/api/chat/message',
    headers={
        'Content-Type': 'application/json',
        'Authorization': f'Bearer {token}'
    },
    json={ 'session_id': session_id, 'message': user_message }
)

Ask Bob Documentation