API: argemas Chat (Restricted)
This endpoint powers the authenticated chat widget on the marketing site. Access is restricted to whitelisted Google accounts; it is not a public API.
Discoverable via /.well-known/api-catalog (RFC 9727). Machine-readable spec: chat.openapi.json.
Authentication
Authentication is handled by NextAuth with Google OAuth. After a successful sign-in, NextAuth issues a session cookie that must be present on requests to /api/chat.
A server-side allowlist gates access. Only accounts whose email appears in the ALLOWED_EMAILS environment variable (or whose domain appears in ALLOWED_DOMAINS) can obtain a session. Sign-in for other accounts is rejected in the NextAuth signIn callback, so non-whitelisted users never reach the chat endpoint.
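One way to implement the allowlist check described above, as an added example that is not the project's own code. It assumes ALLOWED_EMAILS and ALLOWED_DOMAINS are comma-separated lists (the page does not state their format); `parseList`, `isAllowed` and `makeSignInCallback` are hypothetical names.

```javascript
// Added example, not the project's code. Assumption: ALLOWED_EMAILS and
// ALLOWED_DOMAINS are comma-separated lists.

// Parse a comma-separated env value into a Set of trimmed, lowercased entries.
function parseList(value) {
  return new Set(
    (value || "")
      .split(",")
      .map((s) => s.trim().toLowerCase())
      .filter((s) => s.length > 0)
  );
}

// Decide whether an email passes the allowlist. Fails closed: malformed
// input, or two empty lists, always yields false.
function isAllowed(email, env = process.env) {
  if (typeof email !== "string") return false;
  // Assumption: addresses are compared case-insensitively.
  const normalized = email.trim().toLowerCase();
  const at = normalized.lastIndexOf("@");
  if (at <= 0 || at === normalized.length - 1) return false;
  if (normalized.indexOf("@") !== at) return false; // more than one "@"

  if (parseList(env.ALLOWED_EMAILS).has(normalized)) return true;

  // Compare the whole domain, never a suffix: "notexample.com" and
  // "sub.example.com" must not match an allowlisted "example.com".
  return parseList(env.ALLOWED_DOMAINS).has(normalized.slice(at + 1));
}

// Shape of a NextAuth `callbacks.signIn` handler for the Google provider.
// Returning false makes NextAuth reject the sign-in, so no session is issued.
function makeSignInCallback(env = process.env) {
  return async function signIn({ account, profile }) {
    if (!account || account.provider !== "google") return false;
    // Google's profile carries email_verified; require it to be true.
    if (!profile || profile.email_verified !== true) return false;
    return isAllowed(profile.email, env);
  };
}
```

The returned function would be passed as `callbacks.signIn` in the NextAuth options.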
Endpoints
| Method | Path | Purpose |
|---|---|---|
| POST | /api/chat | Submit a user query to the RAG backend (auth required, whitelist enforced). |
| GET/POST | /api/auth/signin | NextAuth sign-in page / handler (Google OAuth). |
| GET/POST | /api/auth/signout | NextAuth sign-out handler. |
| GET | /api/auth/session | Current session (JSON). Returns empty object when unauthenticated. |
| GET | /api/health | Liveness probe. Public, no auth required. |
| GET | /.well-known/api-catalog | RFC 9727 API catalog (Linkset JSON). |
Request / Response
Full request and response schemas, including error shapes, are defined in the OpenAPI 3.1 document: