API reference (v1)

JSON REST API. Base URL: /api/v1/. Bearer-token authentication for authenticated endpoints. Rate-limited at 60/min/user-or-IP.

Download the OpenAPI 3 spec → — drop it into Stoplight, Postman, or Swagger UI.

Authentication

POST /auth/register — { name, email, password, device?, platform? } → { user, token, expires_at }
POST /auth/login — { email, password, device?, platform? }
POST /auth/logout — requires Authorization: Bearer <token>

Public content (no auth)

Method	Path	Notes
GET	/countries	q, region, status, per_page, page
GET	/countries/{slug}	returns country + regulations + articles
GET	/industries	q, risk
GET	/industries/{slug}	returns industry + regulations
GET	/topics
GET	/topics/{slug}	returns topic + regulations
GET	/regulations	q, country, industry, topic, status
GET	/regulations/{slug}	returns regulation detail
GET	/articles	q, type, topic
GET	/articles/{slug}	returns article + body
GET	/glossary	q
GET	/glossary/{slug}
GET	/search?q=	cross-collection

Authenticated

Method	Path	Notes
GET	/me	current user
PATCH	/me	partial update of profile and preferences
DELETE	/me	GDPR account deletion (requires confirm: "DELETE")
GET	/watchlist
POST	/watchlist	type, id, notify_email?, notify_push?
DELETE	/watchlist/{id}
GET	/alerts
POST	/alerts/{id}/read
POST	/alerts/read-all
GET	/saved-searches
POST	/saved-searches	label, query, scope, filters
DELETE	/saved-searches/{id}

Response envelope

List endpoints return { data, links, meta }; single-resource endpoints return the resource directly. Errors use standard HTTP codes with { message, errors? }.

Example — fetch a country

GET /api/v1/countries/united-states
Accept: application/json

Example — login

POST /api/v1/auth/login
Content-Type: application/json

{
  "email": "you@example.com",
  "password": "...",
  "device": "iPhone",
  "platform": "iOS"
}