{"openapi":"3.1.0","info":{"title":"Page4 API","version":"1.0.0"},"paths":{"/v1/pages":{"get":{"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"List pages"},"post":{"parameters":[{"description":"Optional 24h idempotency key for mutating agent calls. Replays completed responses and rejects concurrent pending requests.","in":"header","name":"Idempotency-Key","required":false,"schema":{"maxLength":200,"type":"string"}}],"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Create a page draft or publish in one call from Markdown, CSV, JSON, or PageSpec"}},"/v1/pages/{id}":{"delete":{"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Soft delete a page"},"get":{"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Get a page"},"patch":{"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Update page metadata"}},"/v1/pages/{id}/comments":{"get":{"description":"Dashboard session or Bearer API key with pages:read scope. Lists page collaboration comments for the current workspace.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"List page comments"},"post":{"description":"Dashboard session or Bearer API key with pages:comment scope. Adds a bounded comment to a page or specific version.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Create a page comment"}},"/v1/pages/{id}/comments/{commentId}":{"patch":{"description":"Dashboard session or Bearer API key with pages:comment scope. Reopens or resolves a page comment.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Update a page comment"}},"/v1/pages/{id}/publish":{"post":{"parameters":[{"description":"Optional 24h idempotency key for mutating agent calls. Replays completed responses and rejects concurrent pending requests.","in":"header","name":"Idempotency-Key","required":false,"schema":{"maxLength":200,"type":"string"}}],"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Publish Markdown, CSV, JSON, or PageSpec to a safe HTML deployment"}},"/v1/pages/{id}/review-requests":{"get":{"description":"Dashboard session or Bearer API key with pages:read scope. Lists review requests for a page.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"List page review requests"},"post":{"description":"Dashboard session or Bearer API key with pages:comment scope. Opens a review request for a page or specific version.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Create a page review request"}},"/v1/pages/{id}/review-requests/{requestId}":{"patch":{"description":"Dashboard session or Bearer API key with pages:comment scope. Records an approved, changes_requested, or closed review decision.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Update a page review request"}},"/v1/pages/{id}/rollback":{"post":{"parameters":[{"description":"Optional 24h idempotency key for mutating agent calls. Replays completed responses and rejects concurrent pending requests.","in":"header","name":"Idempotency-Key","required":false,"schema":{"maxLength":200,"type":"string"}}],"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Create a new deployment pointing at a previous version"}},"/v1/pagespec/validate":{"post":{"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Dry-run PageSpec, Markdown, CSV, or JSON validation and sanitization"}},"/v1/pagespec/enrich":{"post":{"description":"Phase 3 deterministic fallback for SEO title/description, summary, and FAQ suggestions. Translation returns requires_ai_gateway until provider-backed translation is enabled.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Suggest SEO, summary, and FAQ metadata for a page draft"}},"/v1/api-keys":{"get":{"description":"Dashboard session only. Bearer API keys cannot manage keys.","security":[{"dashboardSession":[]}],"summary":"List personal API keys"},"post":{"description":"Dashboard session only. Scopes must come from the Page4 allowlist; wildcard scopes are rejected.","security":[{"dashboardSession":[]}],"summary":"Create a personal API key"}},"/v1/api-keys/{id}":{"delete":{"description":"Dashboard session only. Bearer API keys cannot revoke keys.","security":[{"dashboardSession":[]}],"summary":"Revoke a personal API key"}},"/v1/billing/checkout":{"post":{"description":"Dashboard session only. Creates a Stripe-hosted Checkout Session for the selected subscription plan.","security":[{"dashboardSession":[]}],"summary":"Create a Stripe subscription Checkout Session"}},"/v1/billing/portal":{"post":{"description":"Dashboard session only. Creates a Stripe Customer Portal session for the workspace billing customer.","security":[{"dashboardSession":[]}],"summary":"Create a Stripe Customer Portal session"}},"/v1/domains":{"get":{"description":"Dashboard session only. Lists custom hostnames linked to the current workspace.","security":[{"dashboardSession":[]}],"summary":"List workspace custom domains"},"post":{"description":"Dashboard session only. Creates a Cloudflare for SaaS Custom Hostname and records DNS setup state.","security":[{"dashboardSession":[]}],"summary":"Create a workspace custom domain"}},"/v1/openapi.json":{"get":{"summary":"OpenAPI 3.1 document"}},"/v1/runtime/deployments":{"get":{"description":"Dashboard session or Bearer API key with runtime:request scope. Lists isolated runtime deployment requests for the current workspace.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"List isolated runtime deployment requests"},"post":{"description":"Phase 6 request-only endpoint. Requires a paid workspace plan and an existing page version, validates no-egress or hostname allowlist sandbox policy with CPU/memory/storage/time quotas, then records a review_required runtime request without executing user code.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Request an isolated runtime deployment"}},"/v1/templates":{"get":{"description":"Dashboard session or Bearer API key with templates:manage scope. Lists template listings owned by the current workspace.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"List workspace template listings"},"post":{"description":"Creates a free draft or review_required template listing from a valid PageSpec snapshot. Marketplace commerce and purchases are not enabled in this endpoint.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Create a workspace template listing"}},"/v1/webhooks":{"get":{"description":"Dashboard session or Bearer API key with webhooks:manage scope. Lists webhook endpoints for the current workspace.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"List workspace webhook endpoints"},"post":{"description":"Registers a HTTPS webhook endpoint for supported events and returns the signing secret once. Delivery is queued through the webhook outbox.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Create a workspace webhook endpoint"}},"/v1/webhooks/{id}":{"delete":{"description":"Dashboard session or Bearer API key with webhooks:manage scope. Disables an active webhook endpoint.","security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Disable a workspace webhook endpoint"}},"/v1/stripe/webhook":{"post":{"description":"Stripe webhook endpoint. Verifies Stripe-Signature before syncing workspace subscription state.","summary":"Receive Stripe billing webhooks"}},"/v1/workspace/members":{"get":{"description":"Dashboard session only. Lists members in the current workspace.","security":[{"dashboardSession":[]}],"summary":"List workspace members"},"post":{"description":"Dashboard session only. Workspace owners/admins can add existing Page4 users to the workspace; only owners can assign admin roles.","security":[{"dashboardSession":[]}],"summary":"Add an existing user to the workspace"}},"/v1/workspace/members/{userId}":{"delete":{"description":"Dashboard session only. Workspace owners/admins can remove non-owner members; members cannot remove themselves.","security":[{"dashboardSession":[]}],"summary":"Remove a workspace member"},"patch":{"description":"Dashboard session only. Workspace owners/admins can update non-owner member roles; only owners can assign admin roles.","security":[{"dashboardSession":[]}],"summary":"Update a workspace member role"}},"/report":{"get":{"summary":"Report form"},"post":{"description":"Public abuse report endpoint. The slug must resolve to a known deployment and is lightly rate limited.","summary":"Submit an abuse report"}}},"components":{"schemas":{"ErrorResponse":{"properties":{"error":{"properties":{"code":{"type":"string"},"message":{"type":"string"}},"required":["code","message"],"type":"object"}},"required":["error"],"type":"object"}},"securitySchemes":{"bearerApiKey":{"scheme":"bearer","type":"http"},"dashboardSession":{"description":"Host-only HttpOnly cookie for app.page4.you. State-changing session requests enforce Origin / Sec-Fetch-Site CSRF checks.","in":"cookie","name":"p4_session","type":"apiKey"}}},"security":[{"bearerApiKey":[]},{"dashboardSession":[]}]}