API Overview

All Auva services expose REST APIs that follow consistent patterns for authentication, error handling, and pagination. This reference covers the conventions used across every endpoint.

Base URLs

Service	Base URL
Auth API	`https://auth.auva.dev`
Auva Go	`https://go.auva.dev/api`
Auva Mail	`https://auva.email/api`
Auva Notes	`https://notes.auva.dev/api`

Authentication

Most endpoints require a valid access token in the Authorization header:

text

Authorization: Bearer YOUR_ACCESS_TOKEN

See the Authentication docs for how to obtain tokens.

Some endpoints (like creating anonymous Auva Mail inboxes) do not require authentication. These are marked as Public in their documentation.

Request Format

All request bodies use JSON:

text

Content-Type: application/json

Response Format

All responses return JSON. Successful responses include the requested data:

text

{
  "id": "resource_id",
  "name": "Resource Name",
  "createdAt": "2024-03-15T10:30:00.000Z"
}

List endpoints return paginated results:

text

{
  "data": [...],
  "total": 142,
  "page": 1,
  "limit": 50,
  "hasMore": true
}

HTTP Methods

Method	Usage
`GET`	Read resources
`POST`	Create resources, trigger actions
`PATCH`	Partially update a resource
`PUT`	Fully replace a resource
`DELETE`	Remove a resource

Common Headers

Header	Required	Description
`Authorization`	Usually	`Bearer {accessToken}`
`Content-Type`	For POST/PATCH/PUT	Always `application/json`
`Accept`	No	`application/json` (default)

Authentication

Token lifecycle, refresh flow, and session management.

Rate Limits

Request quotas, throttle headers, and retry strategies.

Error Handling

Standardized error codes and response format.