📜API Endpoints Overview

This document tracks all active RESTful endpoints in the UDAI API. For detailed request schemas, response codes, and business logic, click on the respective documentation links.

1. 🔐 Authentication APIs

00. 🔐 Access Control

Docs: Access Control Matrix

  • Explains the strict 12-module Access Matrix mapping endpoints to users

  • Details Context-Based Access Control (CBAC) ownership rules

  • Details Role-Based Access Control (RBAC) membership rules (Owner, Admin, Member)

  • Maps the 7 different org_type classifications to permissions

01. 🌐 Base URL & Common Responses

Docs: Hostname & Error Codes

  • Outlines the primary REST endpoints for STG, UAT, and PROD

  • Defines the unified error schema required for all 4xx and 5xx responses

  • Maps HTTP status codes used globally across the API

02. 🔑 Authentication Endpoints

Docs: Authentication APIarrow-up-right

  • POST /auth/register — Register a new user and create an associated organisation

  • POST /auth/verify/send-otp — Send verification OTP to unverified email/phone

  • POST /auth/verify — Verify email/phone using OTP

  • POST /auth/login/send-otp — Send OTP for password-less login

  • POST /auth/login-password — Authenticate using password

  • POST /auth/login-otp — Authenticate using OTP

  • POST /auth/logout — Invalidate current access token

  • POST /auth/refresh-token — Issue new access token using refresh token

  • POST /auth/forgot-password — Send password reset link

  • POST /auth/change-password — Change password for authenticated user

03. 👤 User Management Endpoints

Docs: User Management API

Header Required: X-Organization-ID

  • GET /users — Get all members of the organisation

  • GET /users/{user_uuid} — Get specific member's details

  • PUT /users/{user_uuid}/role — Update a member's role

  • DELETE /users/{user_uuid} — Set member's org validation status to INACTIVE

  • PUT /users/{user_uuid} — Update the authenticated user's own profile

  • POST /users/{user_uuid}/pilot-creds — Create or update the user's pilot credentials

  • GET /users/{user_uuid}/pilot-creds — Return the user's pilot credentials

04. 🏢 Organisation Endpoints

Docs: Organisation API

  • GET /organisations/{org_uuid} — Get current user's organisation details

  • PUT /organisations/{org_uuid} — Update organisation details

05. 🤝 Organisation Membership Endpoints

Docs: Membership API

Header Required: X-Organization-ID

  • POST /users/invite — Invite one or multiple users to the organisation

  • POST /users/invite/accept — Accept or decline a pending invitation

  • GET /invitations — Get all invitations sent by the organisation

  • GET /invitations/{invitation_uuid} — Get details of a specific invitation

  • DELETE /invitations/{invitation_uuid} — Revoke a pending invitation

  • DELETE /memberships — Remove active members (soft-delete to INACTIVE)

2. 🚁 Fleet APIs

06. 🚁 Drone Model Endpoints

Docs: Drone Model APIarrow-up-right

Header Required: X-Organization-ID

  • POST /drone-models — Create a new drone model

  • GET /drone-models — Get all drone models from manufacturer

  • GET /drone-models/{drone_uuid} — Get details of a specific drone model

  • PUT /drone-models/{model_uuid} — Update a drone model

  • DELETE /drone-models/{drone_uuid} — Update drone model status to INACTIVE

07. 📦 Payload Endpoints

Docs: Payload APIarrow-up-right

Header Required: X-Organization-ID

  • POST /payloads — Register a physical payload

  • GET /payloads — Get all payloads owned by organisation

  • GET /payloads/{payload_uuid} — Get specific payload details

  • PUT /payloads/{payload_uuid} — Update specific payload details

  • DELETE /payloads/{payload_uuid} — Remove the payload (soft-delete to INACTIVE)

08. 🚁 Drone Endpoints

Docs: Drone APIarrow-up-right

Header Required: X-Organization-ID

  • POST /drones — Register a single drone into the organisation

  • POST /drones/bulk — Register multiple drones in bulk

  • GET /drones — Get all drones owned by organisation

  • GET /drones/{drone_uuid} — Get specific drone details

  • PUT /drones/{drone_uuid} — Update specific drone details

  • DELETE /drones/{drone_uuid} — Remove the drone (soft-delete to INACTIVE)

09. 🔄 Drone Ownership Endpoints

Docs: Drone Ownership APIarrow-up-right

Header Required: X-Organization-ID

  • POST /drone-transfer — Initiate a transfer (single or bulk)

  • POST /drone-transfers/accept — Accept or reject a pending drone transfer

  • GET /drone-transfers — List all transfer requests for org

  • GET /drone-transfers/{transfer_uuid} — Get details of a specific transfer

  • GET /drone-ownership — List all active/inactive drone ownerships

  • GET /drone-ownership/{ownership_uuid} — Get details of a specific ownership record

  • DELETE /drone-ownership/{ownership_uuid} — Revoke an active drone ownership

3. 📋 Mission APIs

10. 📋 Mission Endpoints

Docs: Mission APIarrow-up-right

Header Required: X-Organization-ID

  • POST /missions — Create a new mission

  • GET /missions — Get all missions

  • GET /missions/{mission_uuid} — Get specific mission details

  • PUT /missions/{mission_uuid} — Update a mission

  • DELETE /missions/{mission_uuid} — Soft delete mission (update status to INACTIVE)

  • POST /permissions?parent_type=MISSION&parent_uuid=\{mission_uuid\} — Request access to an airspace segment for this mission

  • PUT /permissions/\{permission_uuid\} — Grant or deny access to a specific airspace segment

  • POST /flight-plans?mission_uuid=\{mission_uuid\} — Create a flight plan under a mission

  • GET /flight-plans?mission_uuid=\{mission_uuid\} — Get all flight plans for a mission

  • GET /flight-plans/\{plan_uuid\} — Get specific flight plan details

  • PUT /flight-plans/\{plan_uuid\} — Update a flight plan

  • POST /permissions?parent_type=FLIGHT_PLAN&parent_uuid=\{plan_uuid\} — Request access to an airspace segment for a flight plan

  • PUT /permissions/\{permission_uuid\} — Grant or deny access to a specific airspace segment for flight plan

  • GET /flight-plans/log?s — Get combined list of all flight plans

4. 📊 Telemetry APIs

11. 🕒 Flight Sessions and Data

Docs: Flight Sessions APIarrow-up-right

Header Required: X-Organization-ID

  • POST /flight-sessions — Initiate a new flight session (ad-hoc or planned)

  • GET /flight-sessions — Get all flight sessions

  • GET /flight-sessions/{session_uuid} — Get specific flight session details

  • POST /flight-sessions/{session_uuid}/telemetry — Submit Live Telemetry (Placeholder)

12. 🛰️ Airspace Monitoring Management Endpoints

Docs: Airspace Monitoring APIarrow-up-right

Header Required: X-Organization-ID

  • GET /airspace/drones/{drone_uuid} — Get detailed drone information for monitoring

  • GET /airspace/drones/{drone_uuid}/plans — Get all flight plans associated with a drone

  • GET /airspace/drones/{drone_uuid}/plans/{plan_uuid} — Get details of a specific flight plan for a drone

  • POST /airspace/drones/{drone_uuid}/alert — Trigger or log a flight alert or incident

5. 🗺️ Airspace APIs

13. 🗺️ Airspace Zone Endpoints

Docs: Airspace Zone APIarrow-up-right

  • POST /airspaces — Create a new airspace zone

  • GET /airspaces — List all airspace zones

  • GET /airspaces/{zone_uuid} — Get specific zone details

  • PUT /airspaces/{zone_uuid} — Update a zone

14. 🗺️ Airspace Zone Membership Endpoints

Docs: Airspace Zone Memberships APIarrow-up-right

  • POST /airspaces/{zone_uuid}/memberships — Link an org to a zone as Manager/Monitor

  • GET /airspaces/{zone_uuid}/memberships — Get all memberships for a specific zone

  • GET /airspace-memberships — List all zones an organisation is linked to

  • DELETE /airspaces/{zone_uuid}/memberships/{membership_uuid} — Remove an organisation's link (soft-delete to INACTIVE)

15. 🧱 Constraint Engine Endpoints

Docs: Constraint Engine APIarrow-up-right

  • POST /constraints — Create a new spatial constraint

  • GET /constraints/{constraint_uuid} — Get specific constraint details

  • POST /constraints/intersect — Query constraints by geospatial intersection

Last updated