Skip to content

Wellesley Platform API (1.0)

Download OpenAPI description
openapi.json
openapi.yaml
Languages
Servers
Mock server
https://docs.wellesley.social/_mock/openapi/
Simple setup, all in one. Digital Ocean
https://dust.allroads.social/
Simple setup, db is separate. Digital Ocean
https://meteor.allroads.social/

AI Agents

Assign and list group AI agent assignments

Operations

Accounts

Account management and authentication endpoints. Handles user registration, login flows (email/phone), profile management, and account lifecycle operations. Supports multi-step signup with email/SMS verification, CAPTCHA, and optional admin approval.

Operations

ActivityPub

WebFinger endpoint for ActivityPub user discovery and federation

Addresses

Endpoints for suggesting and validating physical addresses

Operations

Admin

Development and testing endpoints for populating the database with test data

Admin Accounts

Administrative endpoints for account and user management. Provides comprehensive tools for managing user accounts, including creation, deletion, role assignment, password management, state changes, and user impersonation for bot accounts.

Operations

Admin ActivityPub

Administrative endpoints for ActivityPub

Operations

Admin Audit

Administrative endpoints for viewing and managing audit logs. Provides comprehensive logging of all security-relevant actions performed in the system.

Operations

Admin Domain Blocks

Administrative APIs for managing domain blocks. Provides endpoints to block specific domains with different severity levels (SUSPEND, LIMIT, NOOP), update existing blocks, unblock domains, and list currently blocked domains. Domain blocks prevent or limit federation with specified domains.

Operations

Admin Domains Allow List

Administrative endpoints for managing domain allowlists. When domain allowlisting is enabled, only domains in this list can federate with the instance.

Operations

Admin Email Allow List

Administrative endpoints for managing email domain allowlist used for registrations.

Operations

Admin Email Blocks

Administrative APIs for managing email blocks to prevent unwanted signups. Supports blocking specific email addresses and entire domains. Email blocks are automatically normalized and checked during user registration.

Operations

Admin Federation Metrics

Administrative endpoints for monitoring and managing federation with other ActivityPub instances. Provides metrics on connected domains, user counts, post statistics, and federation health monitoring.

Operations

Admin Feeds

Administrative endpoints for managing user feeds and cache

Operations

Admin Groups

Administrative endpoints for Groups management

Operations

Admin Init

Administration endpoints for system initialization and updates

Admin Posts

Administrative endpoints for managing posts. Provides moderation capabilities to delete posts that violate community guidelines or are part of reported content.

Operations

Admin Reports

Administrative endpoints for managing user reports and moderation. Provides tools for reviewing, assigning, resolving, and annotating reports about users, posts, and groups. Supports workflow management with assignment, notes, and resolution tracking.

Operations

Admin Signup Requests

Administrative endpoints for managing user signup requests. Provides tools for reviewing, approving, rejecting, and managing signup requests in moderation queue. Supports workflow for manual account approval when enabled.

Operations

Admin Uploads

Administrative endpoints for managing file uploads and media storage. Provides tools for monitoring user storage usage, searching uploaded files, and managing upload processing jobs. Supports queue management for async upload processing workflows.

Operations

Aliases

Endpoints for managing previous usernames and username aliases

Operations

Application Data

Endpoints for managing application-specific data storage. Provides a flexible key-value storage system for applications to store custom data associated with users, groups, or the platform. Supports tagging, filtering, and ownership-based access control.

Operations

Applications

Endpoints for serving and routing platform applications to users

Operations

Blocks

User blocking functionality for preventing interaction with specific users. Blocking a user prevents them from following you, seeing your posts, or interacting with your content. Block operations are federated to remote servers when blocking remote users.

Operations

Categories

Endpoints for managing forum-specific categories

Operations

Domain Blocks

Public API for listing domains blocked by this instance. Visibility and reason details are controlled by platform settings.

Operations

Domain-blocks

Endpoints for managing user-level domain blocks to filter content from specific servers

Operations

Drafts

Endpoints for creating, reading, updating, and deleting drafts, as well as publishing them to posts

Operations

Email

Email address management for user accounts. Provides secure email change workflow with verification codes, password confirmation, and notification system. All email changes require authentication and are logged for security.

Operations

Emoji

Custom emoji management system for the platform. Supports creating, uploading, importing/exporting, searching, and deleting custom emojis. Emojis are automatically resized and optimized. Admin-only operations require Emojis.Manage permission.

Operations

Events

Endpoints for creating, retrieving, and managing events and attendees

Operations

Get public events or user-specific events

Request

Returns public events for unauthenticated users, or events for a specific user/owner for authenticated users. Supports filtering by organizer or owner.

Security
header
Query
groupIdstring or null

List specific group's events

Example: groupId=us_01hxcvk1hjexere4pvtrj0ymqq
limitinteger or null(int32)

Show no more than the given number of events

offsetinteger or null(int32)

An offset to show events starting from

organizerIdstring or null

List specific user's events

Example: organizerId=us_01hxcvk1hjexere4pvtrj0ymqq
usernamestring or null

List specific user's events

withTranslationstring or null

Include translation

Enum"BG""CS""DA""DE""EL""EN""ES""ET""FI""FR"
curl -i -X GET \
  'https://docs.wellesley.social/_mock/openapi/api/v1/events?groupId=us_01hxcvk1hjexere4pvtrj0ymqq&limit=0&offset=0&organizerId=us_01hxcvk1hjexere4pvtrj0ymqq&username=string&withTranslation=BG' \
  -H 'Authorization: YOUR_API_KEY_HERE'

Responses

OK

Bodyapplication/jsonArray [
idstringrequired

Internal event id

Example: "us_01hxcvk1hjexere4pvtrj0ymqq"
uristring(uri)required

Unique event uri

groupIdstring or nullrequired

Group id

Example: "us_01hxcvk1hjexere4pvtrj0ymqq"
namestringrequired

Event's name

startTimestring(date-time)required

Event's start time

Example: "2022-03-10T16:15:50Z"
endTimestring or null(date-time)

Event's end time

Example: "2022-03-10T16:15:50Z"
ianaTimeZonestring or null

Event's IANA time zone

timeZoneOffsetSecondsinteger(int32)required

Event's time zone offset (in seconds)

descriptionstring or null

Event's Markdown description (absent for non-local events)

descriptionHtmlstring or null

Event's HTML description

urlstring or null(uri)

Event's virtual location URL

addressIdinteger or null(int32)

Event's address id

tagsArray of strings or null

Event's tags

mentionsArray of strings or null(uri)

Event's mentions

statsobjectrequired

Stats

stats.​interestsinteger(int32)
stats.​joinsinteger(int32)
statusstringrequired

Event status

Enum"CONFIRMED""CANCELLED"
Example: "CONFIRMED"
attendeeStatusstring or null

Event attendee statuses

  • INVITED - a user has been invited to an event (for private events only).
  • JOINED - a user has joined and thus attending an event.
  • JOINED_TENTATIVELY - a user has tentatively joined / show an interest in an event.
  • REJECTED - a user has rejected an event invitation, and won't attend an event (for private events only).
Enum"INVITED""JOINED""JOINED_TENTATIVELY""REJECTED"
Example: "INVITED"
commentCountinteger or null(int32)

Event comment count

privacystring(PostPrivacy)required

Privacy levels for posts:

  • PUBLIC - post is visible to anyone, including people who are not logged in and those who do not follow the user. It appears in the public timelines (home, local, and federated).
  • UNLISTED - post is visible to anyone who visits the user's profile, but it does not appear in public timelines. Only followers and those who visit the user's profile directly can see it.
  • PRIVATE - post is only visible to the user's followers. It does not appear in public timelines or on the user's profile for non-followers.
  • DIRECT - post is visible only to the mentioned users. It functions like a direct message and is not visible on public timelines, the user's profile, or to followers.
  • FOLLOW_POST - comment only. Follow parent post visibility
Enum"PUBLIC""UNLISTED""PRIVATE""DIRECT""FOLLOW_POST"
translationobject or null

Event translation

createdAtstring(date-time)(Instant)required
Example: "2022-03-10T16:15:50Z"
updatedAtstring(date-time)(Instant)required
Example: "2022-03-10T16:15:50Z"
deletedAtstring or null(date-time)
Example: "2022-03-10T16:15:50Z"
langstring or null
Enum"BG""CS""DA""DE""EL""EN""ES""ET""FI""FR"
organizerobject(User)required

One of account's users. Can be multiple per account

organizer.​groupUserNamestring or null

Name of the channel inside a group

organizer.​idstringrequired

internal id of this user

Example: "us_01hxcvk1hjexere4pvtrj0ymqq"
organizer.​usernamestringrequired

unique user name

Example: "john_smith"
organizer.​domainstringrequired

user's domain, remote only, empty for local

Example: "wlsly1.net"
organizer.​displayNamestringrequired

full name of the user

Example: "John Smith"
organizer.​uristring(uri)required

URI of this user

Example: "https://wlsly1.net/users/john_smith"
organizer.​avatarobject or null

User's avatar

organizer.​createdAtstring(date-time)(Instant)required
Example: "2022-03-10T16:15:50Z"
organizer.​deletedboolean or null
organizer.​statestringrequired

Registration mode:

  • REGULAR - just regular state
  • SENSITIVE - all media attachments are flagged as sensitive, i.e. all user's posts should be marked as sensitive, old posts and all future ones.
  • LIMITED - all user's old and future posts should be set maximum to followers only unless user set it to direct himself. non-followers should not be notified, i.e. if user mentions non-follower we do not create notification.
  • SUSPENDED - User can login, but cannot do anything in his account except to read, cannot change anything, cannot create new posts or comments etc. All his posts are marked as deleted, but we do not delete them just yet. User is scheduled to be deleted in one month. During this month it is possible to restore it via admin.
Enum"REGULAR""SENSITIVE""LIMITED""SUSPENDED"
organizer.​relationshipobject or null

Relationship with this user

organizer.​channelboolean

Whether this is a channel or a user

organizer.​groupIdstring or null

UUID with type prefix

Example: "us_01hxcvk1hjexere4pvtrj0ymqq"
organizer.​groupPrivacystring or null
  • PUBLIC - Channel is visible to everyone and can be followed by anyone.
  • PRIVATE - Channel is visible only to group members and can only be followed by group members.
Enum"PUBLIC""PRIVATE"
organizer.​groupMainboolean or null
organizer.​groupDefaultboolean or null
organizer.​actorTypestring or null

Types that an Actor can be assigned. Coincide with ActivityPub Actor types:

  • APPLICATION: Apps will have this type
  • GROUP: Interest Groups and Generic Groups wil have this type
  • ORGANIZATION: Formal Organizations such as Companies, Institutions, etc. will have this type
  • PERSON: Individual people will have this type
  • SERVICE: Bots, Services, and other automated tools which are not also Apps will have this type
Enum"Application""Group""Organization""Person""Service"
coverobject or null

Uploaded file

addressobject or null

Address variant

emojisArray of objects or null(Emoji)
]
Response
application/json
[
  {
    "id": "us_01hxcvk1hjexere4pvtrj0ymqq",
    "uri": "http://example.com",
    "groupId": "us_01hxcvk1hjexere4pvtrj0ymqq",
    "name": "string",
    "startTime": "2022-03-10T16:15:50Z",
    "endTime": "2022-03-10T16:15:50Z",
    "ianaTimeZone": "string",
    "timeZoneOffsetSeconds": 0,
    "description": "string",
    "descriptionHtml": "string",
    "url": "http://example.com",
    "addressId": 0,
    "tags": [ … ],
    "mentions": [ … ],
    "stats": { … },
    "status": "CONFIRMED",
    "attendeeStatus": "INVITED",
    "commentCount": 0,
    "privacy": "PUBLIC",
    "translation": { … },
    "createdAt": "2022-03-10T16:15:50Z",
    "updatedAt": "2022-03-10T16:15:50Z",
    "deletedAt": "2022-03-10T16:15:50Z",
    "lang": "BG",
    "organizer": { … },
    "cover": { … },
    "address": { … },
    "emojis": [ … ]
  }
]

Create a new event

Request

Creates a new event with specified details including title, description, date/time, location, and privacy settings. The authenticated user becomes the event organizer.

Security
header
Bodyapplication/jsonrequired
groupIdstring or null

Group id, not required for personal events

Example: "us_01hxcvk1hjexere4pvtrj0ymqq"
namestringrequired

Event name

Example: "New Event Name"
startTimestring(date-time)required

Event start time in UTC

Example: "2022-03-10T16:15:50Z"
endTimestring or null(date-time)

Event end time in UTC

Example: "2022-03-10T16:15:50Z"
ianaTimeZonestringrequired

Event IANA time zone name

Example: "Europe/Paris"
descriptionstring or null

Event's description

Example: "This is a birthday party"
urlstring or null(uri)

Event URL

addressobject or null

Event address

imageIdstring or null

Event cover image

Example: "us_01hxcvk1hjexere4pvtrj0ymqq"
statusstringrequired

Event status

Enum"CONFIRMED""CANCELLED"
Example: "CONFIRMED"
privacystringrequired

Privacy levels for posts:

  • PUBLIC - post is visible to anyone, including people who are not logged in and those who do not follow the user. It appears in the public timelines (home, local, and federated).
  • UNLISTED - post is visible to anyone who visits the user's profile, but it does not appear in public timelines. Only followers and those who visit the user's profile directly can see it.
  • PRIVATE - post is only visible to the user's followers. It does not appear in public timelines or on the user's profile for non-followers.
  • DIRECT - post is visible only to the mentioned users. It functions like a direct message and is not visible on public timelines, the user's profile, or to followers.
  • FOLLOW_POST - comment only. Follow parent post visibility
Enum"PUBLIC""UNLISTED""PRIVATE""DIRECT""FOLLOW_POST"
Example: "PUBLIC"
inviteesArray of strings or null(TypeId)

Users to invite to a private event

Example: ["us_01hxcvk1hjexere4pvtrj0ymqq"]
curl -i -X POST \
  https://docs.wellesley.social/_mock/openapi/api/v1/events \
  -H 'Authorization: YOUR_API_KEY_HERE' \
  -H 'Content-Type: application/json' \
  -d '{
    "groupId": "us_01hxcvk1hjexere4pvtrj0ymqq",
    "name": "New Event Name",
    "startTime": "2024-02-18T15:00:00Z",
    "endTime": "2024-02-18T18:00:00Z",
    "ianaTimeZone": "Europe/Paris",
    "description": "This is a birthday party",
    "url": "http://example.com",
    "address": {
      "formatted": "Adriaen Van Ostadestraat 53, 4703 NT Roosendaal, Netherlands",
      "name": "Casa Vacanze",
      "country": "USA",
      "countryCode": "us",
      "region": "Massachusetts",
      "regionCode": "MA",
      "subRegion": "Newton Heights",
      "locality": "Madrid",
      "street": "Adriaen Van Ostadestraat",
      "postalCode": "4703 NT",
      "houseNumber": "23",
      "longitude": 4.437564,
      "latitude": 51.534581,
      "timeZone": "Europe/Amsterdam",
      "plusCode": "9F36GCMQ+R2",
      "serviceId": "geoapify",
      "placeId": "string"
    },
    "imageId": "us_01hxcvk1hjexere4pvtrj0ymqq",
    "status": "CONFIRMED",
    "privacy": "PUBLIC",
    "invitees": [
      "us_01hxcvk1hjexere4pvtrj0ymqq"
    ]
  }'

Responses

Event object just created

Bodyapplication/json
idstringrequired

Internal event id

Example: "us_01hxcvk1hjexere4pvtrj0ymqq"
uristring(uri)required

Unique event uri

groupIdstring or nullrequired

Group id

Example: "us_01hxcvk1hjexere4pvtrj0ymqq"
namestringrequired

Event's name

startTimestring(date-time)required

Event's start time

Example: "2022-03-10T16:15:50Z"
endTimestring or null(date-time)

Event's end time

Example: "2022-03-10T16:15:50Z"
ianaTimeZonestring or null

Event's IANA time zone

timeZoneOffsetSecondsinteger(int32)required

Event's time zone offset (in seconds)

descriptionstring or null

Event's Markdown description (absent for non-local events)

descriptionHtmlstring or null

Event's HTML description

urlstring or null(uri)

Event's virtual location URL

addressIdinteger or null(int32)

Event's address id

tagsArray of strings or null

Event's tags

mentionsArray of strings or null(uri)

Event's mentions

statsobjectrequired

Stats

stats.​interestsinteger(int32)
stats.​joinsinteger(int32)
statusstringrequired

Event status

Enum"CONFIRMED""CANCELLED"
Example: "CONFIRMED"
attendeeStatusstring or null

Event attendee statuses

  • INVITED - a user has been invited to an event (for private events only).
  • JOINED - a user has joined and thus attending an event.
  • JOINED_TENTATIVELY - a user has tentatively joined / show an interest in an event.
  • REJECTED - a user has rejected an event invitation, and won't attend an event (for private events only).
Enum"INVITED""JOINED""JOINED_TENTATIVELY""REJECTED"
Example: "INVITED"
commentCountinteger or null(int32)

Event comment count

privacystring(PostPrivacy)required

Privacy levels for posts:

  • PUBLIC - post is visible to anyone, including people who are not logged in and those who do not follow the user. It appears in the public timelines (home, local, and federated).
  • UNLISTED - post is visible to anyone who visits the user's profile, but it does not appear in public timelines. Only followers and those who visit the user's profile directly can see it.
  • PRIVATE - post is only visible to the user's followers. It does not appear in public timelines or on the user's profile for non-followers.
  • DIRECT - post is visible only to the mentioned users. It functions like a direct message and is not visible on public timelines, the user's profile, or to followers.
  • FOLLOW_POST - comment only. Follow parent post visibility
Enum"PUBLIC""UNLISTED""PRIVATE""DIRECT""FOLLOW_POST"
translationobject or null

Event translation

createdAtstring(date-time)(Instant)required
Example: "2022-03-10T16:15:50Z"
updatedAtstring(date-time)(Instant)required
Example: "2022-03-10T16:15:50Z"
deletedAtstring or null(date-time)
Example: "2022-03-10T16:15:50Z"
langstring or null
Enum"BG""CS""DA""DE""EL""EN""ES""ET""FI""FR"
organizerobject(User)required

One of account's users. Can be multiple per account

organizer.​groupUserNamestring or null

Name of the channel inside a group

organizer.​idstringrequired

internal id of this user

Example: "us_01hxcvk1hjexere4pvtrj0ymqq"
organizer.​usernamestringrequired

unique user name

Example: "john_smith"
organizer.​domainstringrequired

user's domain, remote only, empty for local

Example: "wlsly1.net"
organizer.​displayNamestringrequired

full name of the user

Example: "John Smith"
organizer.​uristring(uri)required

URI of this user

Example: "https://wlsly1.net/users/john_smith"
organizer.​avatarobject or null

User's avatar

organizer.​createdAtstring(date-time)(Instant)required
Example: "2022-03-10T16:15:50Z"
organizer.​deletedboolean or null
organizer.​statestringrequired

Registration mode:

  • REGULAR - just regular state
  • SENSITIVE - all media attachments are flagged as sensitive, i.e. all user's posts should be marked as sensitive, old posts and all future ones.
  • LIMITED - all user's old and future posts should be set maximum to followers only unless user set it to direct himself. non-followers should not be notified, i.e. if user mentions non-follower we do not create notification.
  • SUSPENDED - User can login, but cannot do anything in his account except to read, cannot change anything, cannot create new posts or comments etc. All his posts are marked as deleted, but we do not delete them just yet. User is scheduled to be deleted in one month. During this month it is possible to restore it via admin.
Enum"REGULAR""SENSITIVE""LIMITED""SUSPENDED"
organizer.​relationshipobject or null

Relationship with this user

organizer.​channelboolean

Whether this is a channel or a user

organizer.​groupIdstring or null

UUID with type prefix

Example: "us_01hxcvk1hjexere4pvtrj0ymqq"
organizer.​groupPrivacystring or null
  • PUBLIC - Channel is visible to everyone and can be followed by anyone.
  • PRIVATE - Channel is visible only to group members and can only be followed by group members.
Enum"PUBLIC""PRIVATE"
organizer.​groupMainboolean or null
organizer.​groupDefaultboolean or null
organizer.​actorTypestring or null

Types that an Actor can be assigned. Coincide with ActivityPub Actor types:

  • APPLICATION: Apps will have this type
  • GROUP: Interest Groups and Generic Groups wil have this type
  • ORGANIZATION: Formal Organizations such as Companies, Institutions, etc. will have this type
  • PERSON: Individual people will have this type
  • SERVICE: Bots, Services, and other automated tools which are not also Apps will have this type
Enum"Application""Group""Organization""Person""Service"
coverobject or null

Uploaded file

addressobject or null

Address variant

emojisArray of objects or null(Emoji)
Response
application/json
{
  "id": "us_01hxcvk1hjexere4pvtrj0ymqq",
  "uri": "http://example.com",
  "groupId": "us_01hxcvk1hjexere4pvtrj0ymqq",
  "name": "string",
  "startTime": "2022-03-10T16:15:50Z",
  "endTime": "2022-03-10T16:15:50Z",
  "ianaTimeZone": "string",
  "timeZoneOffsetSeconds": 0,
  "description": "string",
  "descriptionHtml": "string",
  "url": "http://example.com",
  "addressId": 0,
  "tags": [
    "string"
  ],
  "mentions": [
    "http://example.com"
  ],
  "stats": {
    "interests": 0,
    "joins": 0
  },
  "status": "CONFIRMED",
  "attendeeStatus": "INVITED",
  "commentCount": 0,
  "privacy": "PUBLIC",
  "translation": {
    "name": "string",
    "descriptionHtml": "string"
  },
  "createdAt": "2022-03-10T16:15:50Z",
  "updatedAt": "2022-03-10T16:15:50Z",
  "deletedAt": "2022-03-10T16:15:50Z",
  "lang": "BG",
  "organizer": {
    "groupUserName": "string",
    "id": "us_01hxcvk1hjexere4pvtrj0ymqq",
    "username": "john_smith",
    "domain": "wlsly1.net",
    "displayName": "John Smith",
    "uri": "https://wlsly1.net/users/john_smith",
    "avatar": { … },
    "createdAt": "2022-03-10T16:15:50Z",
    "deleted": true,
    "state": "REGULAR",
    "relationship": { … },
    "channel": true,
    "groupId": "us_01hxcvk1hjexere4pvtrj0ymqq",
    "groupPrivacy": "PUBLIC",
    "groupMain": true,
    "groupDefault": true,
    "actorType": "Application"
  },
  "cover": {
    "uploadId": "up_kjhwieuy2387928371",
    "userId": "us_97234khddqdkuhqwij",
    "uploadType": "video",
    "meta": { … },
    "size": 0,
    "files": [ … ],
    "tags": [ … ],
    "error": "string",
    "cached": true,
    "logs": "string",
    "remote": true,
    "createdAt": "2022-03-10T16:15:50Z",
    "updatedAt": "2022-03-10T16:15:50Z"
  },
  "address": {
    "formatted": "Adriaen Van Ostadestraat 53, 4703 NT Roosendaal, Netherlands",
    "name": "Casa Vacanze",
    "country": "USA",
    "countryCode": "us",
    "region": "Massachusetts",
    "regionCode": "MA",
    "subRegion": "Newton Heights",
    "locality": "Madrid",
    "street": "Adriaen Van Ostadestraat",
    "postalCode": "4703 NT",
    "houseNumber": "23",
    "longitude": 4.437564,
    "latitude": 51.534581,
    "timeZone": "Europe/Amsterdam",
    "plusCode": "9F36GCMQ+R2",
    "serviceId": "geoapify",
    "placeId": "string"
  },
  "emojis": [
    { … }
  ]
}

Export group's public calendar

Request

Exports a group's public events as an ICS (iCalendar) file. Only available if the group has enabled public calendar export in their settings.

Security
header
Path
groupnamestringrequired

Group name of the group of public calendar

curl -i -X GET \
  'https://docs.wellesley.social/_mock/openapi/api/v1/events/calendar/g/{groupname}.ics' \
  -H 'Authorization: YOUR_API_KEY_HERE'

Responses

Calendar in ICS format

Bodytext/calendar
string(binary)
Response
No content

Events ActivityPub

ActivityPub-compatible endpoint for events

Follow

User follow relationship management. Handles following/unfollowing users, managing follow requests, and querying follower/followee relationships. Supports both local and remote (federated) users with ActivityPub protocol integration.

Operations

Forums

Endpoints for managing discussion forums, including creation, retrieval, and deletion

Operations

Geo

Endpoints for geographic location lookup and timezone services

Operations

Group Applications

Endpoints for managing applications available to groups, including listing, adding, and removing group-specific applications

Operations

Group Channels

API endpoints for managing channels within groups. Channels are specialized accounts that enable organized content distribution within groups. They support hierarchical organization with main and default channels, privacy controls inherited from parent groups, and both scoped (group-specific) and global usernames for discovery. Group administrators manage channels while members can follow them.

Operations

Group Member Settings

Endpoints for managing member-specific settings within groups. These settings are personal to each group member and affect their individual experience within the group. Members can only access and modify their own settings within groups they belong to.

Operations

Group Members

API endpoints for managing group membership. Provides functionality to add, update, and remove members from groups, as well as retrieve membership information. Supports both local and federated groups through ActivityPub protocol. Access control is enforced based on group privacy settings and user permissions.

Operations

Group Questions

API endpoints for managing group entry questions. Groups can require prospective members to answer questions before joining. Questions support multiple types (text, single choice, multiple choice) and are used to screen members when the group's join mode is set to QUESTIONS. Answers are validated and generate a token that can be used during the join process.

Operations

Group Reports

Group-scoped moderation reports. Allows group admins to review and resolve reports targeting their channels, forums, and events without global moderator access.

Operations

Group Rules

API endpoints for managing community rules within groups. Rules define the expected conduct and content policies that members must follow. Each rule consists of text (the rule itself), a hint (explanation or context), and an ordering value for display sequence. Rules are scoped to specific groups and can be managed by users with appropriate permissions.

Operations

Group Settings

Endpoints for managing group-specific settings and configuration options. These endpoints allow authorized group members to view, update, and delete settings that control group behavior, features, and customization options.

Operations

Groups

API endpoints for managing groups within the Wellesley platform. Groups are community spaces that can be public or private, support forums, and have their own membership and permission systems. Groups can be federated via ActivityPub for cross-instance communication.

Operations

Import

Endpoints for importing data from other platforms including followers, blocks, and mutes

Operations

Instance

Server instance information and configuration. Provides metadata about the server, compatible domains, supported languages, timezones, and countries. All endpoints are publicly accessible without authentication.

Operations

Invites

Endpoints for sending and managing user invitations

Operations

Jobs

Endpoints for monitoring and managing background job queues, including statistics, job listings, and queue monitoring

Operations

Lists

Endpoints for managing user lists for organizing and grouping followed accounts

Operations

Logins

Endpoints for managing user login methods including email, password, and phone authentication

Operations

Metrics

Endpoints for retrieving metrics and analytics data from the events stream

Operations

Mutes

Endpoints for managing user mutes to hide content from specific users

Operations

Notes

Endpoints for managing personal notes about other users

Operations

Notifications

Endpoints for managing user notifications including retrieving, counting, and marking notifications as read or unread

Operations

Passkeys

Passkey (WebAuthn) registration and authentication

Operations

Password

Endpoints for password management including changing, resetting, and recovering passwords

Operations

Pins

Endpoints for pinning posts to profiles and retrieving pinned posts

Operations

Platform Data

Endpoints for managing platform-wide and group-specific data storage. Unlike application data, this provides direct data management not tied to specific applications. Supports flexible ownership models including platform-level, group-level, and user-level data with appropriate access controls.

Operations

Platform Settings

Endpoints for managing platform-wide settings and configuration options. These endpoints control server-level settings that affect the entire platform, including features, limits, security policies, and default behaviors for all users and groups.

Operations

Polls

Endpoints for interacting with polls, including voting and retrieving results

Operations

Posts

Endpoints for creating, reading, updating, and deleting posts, as well as managing comments, likes, bookmarks, and reposts

Operations

RBAC

Endpoints for retrieving Role-Based Access Control (RBAC) configurations and managing roles, resources, permissions and role-to-user assignments. Scoped Role Definition (RBACRole):

  • Represents roles within the RBAC system.
  • Each role has a unique roleId, a name, an optional description, and a scope.
  • The scope defines the domain or area in which the role is valid.
  • The scope can be Global (hardcoded), currently the only one is "System"
  • The scope also can be dynamic, currently we use Group Ids, like "gr_05hxcvk1hjexere4pvtrj0hggt"
  • Roles come with assigned permissions (RBACPermissions) that define what actions the role can perform on system resources.
  • Metadata such as createdAt and updatedAt timestamps track the role's lifecycle events.

Permissions** (RBACPermissions):

  • Encapsulates resource-specific access controls.
  • Each permission object specifies the resource (e.g., "user", "document") and an associated list of allowed RBACAccess types.
  • RBACAccess enumerates the supported actions: Read, Add, Modify, Delete.

Role Assignments to Actors (RBACActorRole):

  • Maps actors (e.g., users, services) to specific roles.
  • Tracks the association through actorId (representing the unique entity being assigned) and roleId (specific role ID).
  • Includes timestamps to record when the assignment was created or updated.
Operations

Remote collections

API to retrieve followers and following collections for remote users.

Operations

Reports

Endpoints for reporting content and managing content reports

Operations

Rules

Endpoints for managing platform rules that govern user conduct and content policies

Operations

Sessions

Endpoints for managing user authentication sessions and device logins

Operations

Tags

Endpoints for managing hashtags, including following, featuring, and retrieving tag information

Operations

Tags v2

Scoped tags search, policy lists and reports

Operations

Translation

Endpoints for translating text between languages

Operations

Uploads

Endpoints for uploading, retrieving, and managing media files

Operations

User Devices

APIs for managing user devices for push notifications

Operations

User Settings

Endpoints for managing user-specific settings and preferences. These endpoints allow authenticated users to view, update, and delete their personal settings that control their account behavior, interface preferences, privacy options, and feature customizations.

Operations

Users

Endpoints for managing user profiles, including creation, retrieval, updates, and moderation

Operations

employee

Employee. DO NOT USE, SUBJECT TO CHANGE/REMOVE

employer

Employer. DO NOT USE, SUBJECT TO CHANGE/REMOVE

job-applications

Jobs. DO NOT USE, SUBJECT TO CHANGE/REMOVE

job-postings

Jobs. DO NOT USE, SUBJECT TO CHANGE/REMOVE

phone

Phone management

Operations

Fasp Resource

Operations

Debug Resource

Operations

Test Authenticated Controller

Operations

Test Class Auth Controller

Operations

Test Class Authenticated Controller

Operations

Test Class Permit All Controller

Operations

Test Permit All Controller

Operations

Test Authorization Controller

Operations

Quarkus Test Resource For Transaction

Operations