
API Specification

REST API Specification

# Document header: OpenAPI version, API metadata and the two documented
# server endpoints. Version-like values are quoted so no parser retypes them.
openapi: '3.0.0'
info:
  title: EMTB Tax Claim Management API
  version: '1.0.0'
  description: >-
    Role-based API for multi-tenant tax claim management with
    comprehensive authorization
servers:
  # TLS endpoint described here as production.
  - url: https://emtb-api.onrender.com
    description: Production API Server
  # Plain-HTTP endpoint; the spec labels it local development only, so
  # bearer tokens should never be sent to it from anywhere else.
  - url: http://localhost:3001
    description: Local Development Server

# Reusable pieces: the single bearer-JWT security scheme, the two shared
# schemas, and the document-wide default security requirement.
components:
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
      # Authorization data (role, client_access) travels inside the token.
      # NOTE(review): claims are only as current as the token itself; a
      # change to a user's role or client_access takes effect on re-issue
      # unless the server re-reads them per request — confirm which applies.
      description: JWT token with role and client_access claims

  schemas:
    # Authenticated principal. No `required` list is declared, so every
    # property is optional as far as this schema is concerned.
    User:
      type: object
      properties:
        id:
          type: string
        email:
          type: string
        name:
          type: string
        # The four roles referenced by x-required-roles on the operations.
        role:
          type: string
          enum:
            - ADMIN
            - ACCOUNT_MANAGER
            - TAX_SPECIALIST
            - CLIENT
        # Tenant scope: the client IDs this principal may act on.
        client_access:
          type: array
          description: Array of client IDs this user can access
          items:
            type: string

    # Error envelope returned by the API.
    ApiError:
      type: object
      properties:
        error:
          type: object
          properties:
            code:
              type: string
            message:
              type: string
            # Unconstrained object; its shape is not specified here.
            # NOTE(review): confirm it never carries internals such as
            # stack traces or raw database errors.
            details:
              type: object
            timestamp:
              type: string
              format: date-time
            requestId:
              type: string

# Default for every operation: a bearer JWT is required; no scopes are used.
security:
  - BearerAuth: []

# Operations. `x-required-roles` and `x-tenant-filter` are vendor
# extensions: OpenAPI tooling treats them as annotations, so the actual
# enforcement lives in the server and is not visible in this document.
paths:
  # Client Management (Role-based access)
  /api/clients:
    get:
      summary: List accessible clients
      security:
        - BearerAuth: []
      # Every value of User.role is listed, so the role gate admits any
      # authenticated user; isolation rests entirely on x-tenant-filter.
      x-required-roles:
        - ADMIN
        - ACCOUNT_MANAGER
        - TAX_SPECIALIST
        - CLIENT
      x-tenant-filter: client_access
      description: >-
        Returns only clients the user has access to based on role and
        client_access array
      # NOTE(review): no 401 is documented here or on the operations below
      # although BearerAuth is required — confirm the response for a missing
      # or expired token.
      responses:
        "200":
          description: List of accessible clients
        "403":
          description: Insufficient permissions

  /api/clients/{clientId}:
    get:
      summary: Get client details
      security:
        - BearerAuth: []
      x-required-roles:
        - ADMIN
        - ACCOUNT_MANAGER
        - TAX_SPECIALIST
        - CLIENT
      x-tenant-filter: client_access
      parameters:
        # Path-supplied tenant identifier; no format or pattern is declared.
        - name: clientId
          in: path
          required: true
          schema:
            type: string
      # NOTE(review): 403 is the only documented failure and no 404 is
      # listed. A uniform 403 for both unknown and inaccessible clientId
      # avoids revealing which client IDs exist — confirm that is intended.
      responses:
        "200":
          description: Client details
        "403":
          description: No access to this client

  # Tax Claims (Reclamations) - Tenant isolated
  /api/clients/{clientId}/reclamations:
    get:
      summary: List tax claims for client
      security:
        - BearerAuth: []
      x-required-roles:
        - ADMIN
        - ACCOUNT_MANAGER
        - TAX_SPECIALIST
        - CLIENT
      x-tenant-filter: client_access
      parameters:
        - name: clientId
          in: path
          required: true
          schema:
            type: string
      responses:
        "200":
          description: List of tax claims for accessible client
        "403":
          description: No access to this client's data