Documents
Document upload and management
Authentication
Requires session cookie (web app) or API key (x-api-key header). All endpoints are tenant-scoped via entityId.
Endpoints
| Method | Path | Description |
|---|---|---|
| GET | /api/documents?entityId= | List documents |
| POST | /api/documents | Upload document |
| DELETE | /api/documents | Delete document |
List documents
GET /api/documents?entityId={entityId}
Returns an array of documents for the entity.
[
{
"id": "doc_abc123",
"filename": "invoice.pdf",
"mimeType": "application/pdf",
"size": 102400,
"createdAt": "2025-01-15T12:00:00Z"
}
]Upload document
POST /api/documents
Use multipart/form-data with entityId, file, and optional metadata (JSON string).
Delete document
DELETE /api/documents
Body: { "entityId", "documentId" }