{"openapi":"3.1.0","info":{"title":"Page4 API","version":"1.0.0"},"paths":{"/v1/pages":{"get":{"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"List pages"},"post":{"parameters":[{"description":"Optional 24h idempotency key for mutating agent calls. Replays completed responses and rejects concurrent pending requests.","in":"header","name":"Idempotency-Key","required":false,"schema":{"maxLength":200,"type":"string"}}],"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Create a page draft or publish in one call"}},"/v1/pages/{id}":{"delete":{"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Soft delete a page"},"get":{"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Get a page"},"patch":{"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Update page metadata"}},"/v1/pages/{id}/publish":{"post":{"parameters":[{"description":"Optional 24h idempotency key for mutating agent calls. Replays completed responses and rejects concurrent pending requests.","in":"header","name":"Idempotency-Key","required":false,"schema":{"maxLength":200,"type":"string"}}],"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Publish Markdown or PageSpec to a safe HTML deployment"}},"/v1/pages/{id}/rollback":{"post":{"parameters":[{"description":"Optional 24h idempotency key for mutating agent calls. Replays completed responses and rejects concurrent pending requests.","in":"header","name":"Idempotency-Key","required":false,"schema":{"maxLength":200,"type":"string"}}],"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Create a new deployment pointing at a previous version"}},"/v1/pagespec/validate":{"post":{"security":[{"bearerApiKey":[]},{"dashboardSession":[]}],"summary":"Dry-run PageSpec or Markdown validation and sanitization"}},"/v1/api-keys":{"get":{"description":"Dashboard session only. Bearer API keys cannot manage keys.","security":[{"dashboardSession":[]}],"summary":"List personal API keys"},"post":{"description":"Dashboard session only. Scopes must come from the Phase 1 allowlist; wildcard scopes are rejected.","security":[{"dashboardSession":[]}],"summary":"Create a personal API key"}},"/v1/api-keys/{id}":{"delete":{"description":"Dashboard session only. Bearer API keys cannot revoke keys.","security":[{"dashboardSession":[]}],"summary":"Revoke a personal API key"}},"/v1/openapi.json":{"get":{"summary":"OpenAPI 3.1 document"}},"/report":{"get":{"summary":"Report form"},"post":{"description":"Public abuse report endpoint. The slug must resolve to a known deployment and is lightly rate limited.","summary":"Submit an abuse report"}}},"components":{"schemas":{"ErrorResponse":{"properties":{"error":{"properties":{"code":{"type":"string"},"message":{"type":"string"}},"required":["code","message"],"type":"object"}},"required":["error"],"type":"object"}},"securitySchemes":{"bearerApiKey":{"scheme":"bearer","type":"http"},"dashboardSession":{"description":"Host-only HttpOnly cookie for app.page4.you. State-changing session requests enforce Origin / Sec-Fetch-Site CSRF checks.","in":"cookie","name":"p4_session","type":"apiKey"}}},"security":[{"bearerApiKey":[]},{"dashboardSession":[]}]}