API Reference

The FLD REST API is available at https://api.firstlinedone.com. Interactive documentation (Swagger UI) is available at https://api.firstlinedone.com/api/docs.

Authentication

All API endpoints (except login and health check) require a Bearer token in the Authorization header:

Authorization: Bearer <your_access_token>

Obtain a token by calling POST /api/auth/token:

curl -X POST "https://api.firstlinedone.com/api/auth/token" \
  -H "Content-Type: application/json" \
  -d '{"email": "you@example.com", "password": "yourpassword"}'

API Keys

For server-to-server integrations, use API keys instead of user tokens. Generate API keys in Settings → API Keys. Pass the key in the X-API-Key header.

Rate Limiting

Default: 100 requests/minute per user. Burst: 200 requests/minute. Rate limit headers: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset.
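
A client-side pacing helper for the rate-limit headers listed above, as an added example that is not FLD's own code. The page does not say whether X-RateLimit-Reset is a Unix timestamp or a number of seconds, so the example accepts both; that heuristic, the function names and the fallback delay are assumptions.

```python
import time
from dataclasses import dataclass
from typing import Mapping, Optional

EPOCH_THRESHOLD = 1_000_000_000  # assumption: larger Reset values are Unix timestamps


@dataclass
class RateLimit:
    limit: Optional[int]
    remaining: Optional[int]
    reset_in: Optional[float]  # seconds until the window resets


def _to_int(value):
    """Return a non-negative int, or None for a missing or malformed header."""
    try:
        n = int(str(value).strip())
    except (TypeError, ValueError):
        return None
    return n if n >= 0 else None


def parse_rate_limit(headers: Mapping[str, str], now: Optional[float] = None) -> RateLimit:
    """Read the three X-RateLimit-* headers, matching names case-insensitively."""
    now = time.time() if now is None else now
    h = {k.lower(): v for k, v in headers.items()}
    reset = _to_int(h.get("x-ratelimit-reset"))
    if reset is not None:
        # Assumption: the page does not say whether Reset is an epoch or a delta.
        reset = max(0.0, reset - now) if reset >= EPOCH_THRESHOLD else float(reset)
    return RateLimit(_to_int(h.get("x-ratelimit-limit")),
                     _to_int(h.get("x-ratelimit-remaining")), reset)


def delay_before_next(headers, now=None, fallback=1.0):
    """Seconds to sleep before the next request so the quota is not exhausted."""
    rl = parse_rate_limit(headers, now)
    if rl.remaining is None:
        return fallback              # headers absent or malformed: be conservative
    if rl.reset_in is None:
        return 0.0 if rl.remaining > 0 else fallback
    if rl.remaining == 0:
        return rl.reset_in           # quota spent: wait for the window to reset
    return rl.reset_in / (rl.remaining + 1)  # spread remaining calls over the window
```

Call delay_before_next with the headers of each response and sleep for the returned number of seconds before sending the next request.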

Endpoints

Authentication

POST    /api/auth/token       Login — returns access and refresh tokens
POST    /api/auth/register    Register a new user (existing institution)
GET     /api/auth/me          Get current user profile
POST    /api/auth/refresh     Refresh access token

Entities

GET     /api/entities         List all entities
POST    /api/entities         Create a new entity
GET     /api/entities/{id}    Get entity by ID
PUT     /api/entities/{id}    Update entity
DELETE  /api/entities/{id}    Delete entity

Screening

POST    /api/screening/trigger          Trigger screening for an entity
GET     /api/screening/jobs/{job_id}    Get screening job status and results

Due Diligence

POST    /api/due-diligence/cases                          Create a DD case
POST    /api/due-diligence/cases/{id}/process             Process a DD case
POST    /api/due-diligence/cases/{id}/reports/generate    Generate PDF/JSON report

Transactions

GET     /api/transactions           List transactions
POST    /api/transactions           Create a transaction
POST    /api/transactions/import    Bulk import from CSV

Alerts

GET     /api/alerts                     Get alert queue
POST    /api/alerts/{id}/investigate    Add investigation note
POST    /api/alerts/{id}/escalate       Escalate alert
POST    /api/alerts/{id}/create-sar     Create SAR from alert

SAR/STR

GET     /api/v1/compliance/sar                 List SARs
POST    /api/v1/compliance/sar                 Create a SAR
POST    /api/v1/compliance/sar/{id}/approve    Approve a SAR
POST    /api/v1/compliance/sar/{id}/file       File a SAR

Billing

GET     /api/billing/plans           List available plans (public)
GET     /api/billing/subscription    Get current subscription
POST    /api/billing/checkout        Create Stripe checkout session
POST    /api/billing/portal          Create Stripe customer portal session
GET     /api/billing/invoices        List invoices

Team

GET     /api/team/members        List team members
POST    /api/team/invite         Send team invitation
GET     /api/team/invitations    List pending invitations

Usage

GET     /api/usage    Get usage metrics vs plan limits

Interactive Documentation

For full request/response schemas, use the interactive Swagger UI at https://api.firstlinedone.com/api/docs.