"{\"openapi\":\"3.1.0\",\"info\":{\"title\":\"Trusta API\",\"version\":\"0.0.0\",\"description\":\"Published trust read API, publishing metadata, controls, evidence ingest, and project metadata contract.\"},\"servers\":[{\"url\":\"https://api.trusta.dev\"}],\"components\":{\"securitySchemes\":{\"bearerAuth\":{\"type\":\"http\",\"scheme\":\"bearer\",\"bearerFormat\":\"JWT\"}},\"schemas\":{\"ApiError\":{\"type\":\"object\",\"properties\":{\"error\":{\"type\":\"object\",\"properties\":{\"code\":{\"type\":\"string\"},\"message\":{\"type\":\"string\"}},\"required\":[\"code\",\"message\"]}},\"required\":[\"error\"]},\"User\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"cognitoSub\":{\"type\":\"string\"},\"email\":{\"type\":\"string\",\"format\":\"email\"},\"name\":{\"type\":\"string\"},\"createdAt\":{\"type\":\"string\",\"format\":\"date-time\"},\"updatedAt\":{\"type\":\"string\",\"format\":\"date-time\"}},\"required\":[\"id\",\"cognitoSub\",\"email\",\"name\",\"createdAt\",\"updatedAt\"]},\"Organization\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"name\":{\"type\":\"string\"},\"slug\":{\"type\":\"string\"},\"createdAt\":{\"type\":\"string\",\"format\":\"date-time\"},\"updatedAt\":{\"type\":\"string\",\"format\":\"date-time\"}},\"required\":[\"id\",\"name\",\"slug\",\"createdAt\",\"updatedAt\"]},\"OrganizationSummary\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"name\":{\"type\":\"string\"},\"slug\":{\"type\":\"string\"},\"role\":{\"type\":\"string\",\"enum\":[\"owner\",\"member\"]}},\"required\":[\"id\",\"name\",\"slug\",\"role\"]},\"OrganizationMember\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"organizationId\":{\"type\":\"string\",\"format\":\"uuid\"},\"userId\":{\"type\":\"string\",\"format\":\"uuid\"},\"role\":{\"type\":\"string\",\"enum\":[\"owner\",\"member\"]},\"createdAt\":{\"type\":\"string\",\"format\":\"date-time\"}},\"required\":[\"id\",\"organizationId\",\"userId\",\"role\",\"createdAt\"]},\"OrganizationMemberSummary\":{\"type\":\"object\",\"properties\":{\"membership\":{\"$ref\":\"#/components/schemas/OrganizationMember\"},\"user\":{\"$ref\":\"#/components/schemas/User\"}},\"required\":[\"membership\",\"user\"]},\"Project\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"organizationId\":{\"type\":\"string\",\"format\":\"uuid\"},\"name\":{\"type\":\"string\"},\"slug\":{\"type\":\"string\"},\"hostedSubdomain\":{\"type\":[\"string\",\"null\"]},\"visibility\":{\"type\":\"string\",\"enum\":[\"private\",\"public\"]},\"createdAt\":{\"type\":\"string\",\"format\":\"date-time\"},\"updatedAt\":{\"type\":\"string\",\"format\":\"date-time\"}},\"required\":[\"id\",\"organizationId\",\"name\",\"slug\",\"hostedSubdomain\",\"visibility\",\"createdAt\",\"updatedAt\"]},\"ProjectDomain\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"projectId\":{\"type\":\"string\",\"format\":\"uuid\"},\"domain\":{\"type\":\"string\"},\"verificationStatus\":{\"type\":\"string\",\"enum\":[\"pending\",\"verified\"]},\"verificationMethod\":{\"type\":\"string\",\"enum\":[\"dns_txt\"]},\"verificationToken\":{\"type\":\"string\"},\"verifiedAt\":{\"type\":[\"string\",\"null\"],\"format\":\"date-time\"},\"lastCheckedAt\":{\"type\":[\"string\",\"null\"],\"format\":\"date-time\"},\"createdAt\":{\"type\":\"string\",\"format\":\"date-time\"},\"updatedAt\":{\"type\":\"string\",\"format\":\"date-time\"}},\"required\":[\"id\",\"projectId\",\"domain\",\"verificationStatus\",\"verificationMethod\",\"verificationToken\",\"verifiedAt\",\"lastCheckedAt\",\"createdAt\",\"updatedAt\"]},\"ProjectDomainVerificationInstructions\":{\"type\":\"object\",\"properties\":{\"method\":{\"type\":\"string\",\"enum\":[\"dns_txt\"]},\"recordName\":{\"type\":\"string\"},\"recordType\":{\"type\":\"string\",\"enum\":[\"TXT\"]},\"recordValue\":{\"type\":\"string\"}},\"required\":[\"method\",\"recordName\",\"recordType\",\"recordValue\"]},\"ProjectDomainSummary\":{\"type\":\"object\",\"properties\":{\"domain\":{\"$ref\":\"#/components/schemas/ProjectDomain\"},\"instructions\":{\"$ref\":\"#/components/schemas/ProjectDomainVerificationInstructions\"}},\"required\":[\"domain\",\"instructions\"]},\"CollectorPrincipal\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"organizationId\":{\"type\":\"string\",\"format\":\"uuid\"},\"projectId\":{\"type\":\"string\",\"format\":\"uuid\"},\"name\":{\"type\":\"string\"},\"type\":{\"type\":\"string\",\"enum\":[\"cli\"]},\"status\":{\"type\":\"string\",\"enum\":[\"active\",\"revoked\"]},\"allowedActions\":{\"type\":\"array\",\"items\":{\"type\":\"string\"}},\"lastSeenAt\":{\"type\":[\"string\",\"null\"],\"format\":\"date-time\"},\"createdByUserId\":{\"type\":\"string\",\"format\":\"uuid\"},\"createdAt\":{\"type\":\"string\",\"format\":\"date-time\"},\"revokedAt\":{\"type\":[\"string\",\"null\"],\"format\":\"date-time\"}},\"required\":[\"id\",\"organizationId\",\"projectId\",\"name\",\"type\",\"status\",\"allowedActions\",\"lastSeenAt\",\"createdByUserId\",\"createdAt\",\"revokedAt\"]},\"EvidenceCollectorSummary\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"name\":{\"type\":\"string\"}},\"required\":[\"id\",\"name\"]},\"EvidenceRecordSummary\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"organizationId\":{\"type\":\"string\",\"format\":\"uuid\"},\"projectId\":{\"type\":\"string\",\"format\":\"uuid\"},\"collectorPrincipalId\":{\"type\":\"string\",\"format\":\"uuid\"},\"collector\":{\"$ref\":\"#/components/schemas/EvidenceCollectorSummary\"},\"evidenceType\":{\"type\":\"string\",\"enum\":[\"build_provenance\",\"dependency_inventory\",\"deployment_snapshot\",\"policy_result\",\"sbom\",\"vulnerability_scan\"]},\"sourceType\":{\"type\":\"string\",\"enum\":[\"aws\",\"collector\",\"custom\",\"github_actions\",\"kubernetes\",\"terraform\"]},\"sourceRef\":{\"type\":\"string\"},\"payloadS3Key\":{\"type\":\"string\"},\"checksum\":{\"type\":\"string\"},\"observedAt\":{\"type\":\"string\",\"format\":\"date-time\"},\"receivedAt\":{\"type\":\"string\",\"format\":\"date-time\"}},\"required\":[\"id\",\"organizationId\",\"projectId\",\"collectorPrincipalId\",\"collector\",\"evidenceType\",\"sourceType\",\"sourceRef\",\"payloadS3Key\",\"checksum\",\"observedAt\",\"receivedAt\"]},\"EvidenceRecordResponse\":{\"type\":\"object\",\"properties\":{\"record\":{\"$ref\":\"#/components/schemas/EvidenceRecordSummary\"}},\"required\":[\"record\"]},\"EvidenceRecordListResponse\":{\"type\":\"object\",\"properties\":{\"records\":{\"type\":\"array\",\"items\":{\"$ref\":\"#/components/schemas/EvidenceRecordSummary\"}}},\"required\":[\"records\"]},\"FreshnessPolicy\":{\"oneOf\":[{\"type\":\"object\",\"properties\":{\"kind\":{\"type\":\"string\",\"enum\":[\"none\"]}},\"required\":[\"kind\"]},{\"type\":\"object\",\"properties\":{\"kind\":{\"type\":\"string\",\"enum\":[\"time_window\"]},\"windowSeconds\":{\"type\":\"integer\",\"minimum\":1}},\"required\":[\"kind\",\"windowSeconds\"]}]},\"DegradationPolicy\":{\"type\":\"object\",\"properties\":{\"staleAfterSeconds\":{\"type\":[\"integer\",\"null\"],\"minimum\":0},\"degradedAfterSeconds\":{\"type\":[\"integer\",\"null\"],\"minimum\":0}},\"required\":[\"staleAfterSeconds\",\"degradedAfterSeconds\"]},\"TrustControl\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"key\":{\"type\":\"string\"},\"category\":{\"type\":\"string\",\"enum\":[\"collector\",\"evidence\"]},\"publicName\":{\"type\":\"string\"},\"freshnessPolicyJson\":{\"$ref\":\"#/components/schemas/FreshnessPolicy\"},\"degradationPolicyJson\":{\"$ref\":\"#/components/schemas/DegradationPolicy\"},\"enabled\":{\"type\":\"boolean\"},\"createdAt\":{\"type\":\"string\",\"format\":\"date-time\"}},\"required\":[\"id\",\"key\",\"category\",\"publicName\",\"freshnessPolicyJson\",\"degradationPolicyJson\",\"enabled\",\"createdAt\"]},\"TrustControlListResponse\":{\"type\":\"object\",\"properties\":{\"controls\":{\"type\":\"array\",\"items\":{\"$ref\":\"#/components/schemas/TrustControl\"}}},\"required\":[\"controls\"]},\"ControlEvaluationSummary\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"projectId\":{\"type\":\"string\",\"format\":\"uuid\"},\"trustControlId\":{\"type\":\"string\",\"format\":\"uuid\"},\"state\":{\"type\":\"string\",\"enum\":[\"unknown\",\"pass\",\"fail\",\"stale\",\"degraded\"]},\"confidence\":{\"type\":\"number\",\"minimum\":0,\"maximum\":1},\"latestEvidenceRecordId\":{\"type\":[\"string\",\"null\"],\"format\":\"uuid\"},\"latestEvidenceAt\":{\"type\":[\"string\",\"null\"],\"format\":\"date-time\"},\"freshUntil\":{\"type\":[\"string\",\"null\"],\"format\":\"date-time\"},\"nextCheckAt\":{\"type\":[\"string\",\"null\"],\"format\":\"date-time\"},\"updatedAt\":{\"type\":\"string\",\"format\":\"date-time\"},\"control\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"key\":{\"type\":\"string\"},\"category\":{\"type\":\"string\",\"enum\":[\"collector\",\"evidence\"]},\"publicName\":{\"type\":\"string\"},\"enabled\":{\"type\":\"boolean\"}},\"required\":[\"id\",\"key\",\"category\",\"publicName\",\"enabled\"]}},\"required\":[\"id\",\"projectId\",\"trustControlId\",\"state\",\"confidence\",\"latestEvidenceRecordId\",\"latestEvidenceAt\",\"freshUntil\",\"nextCheckAt\",\"updatedAt\",\"control\"]},\"ControlEvaluationListResponse\":{\"type\":\"object\",\"properties\":{\"evaluations\":{\"type\":\"array\",\"items\":{\"$ref\":\"#/components/schemas/ControlEvaluationSummary\"}}},\"required\":[\"evaluations\"]},\"PublishJob\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"projectId\":{\"type\":\"string\",\"format\":\"uuid\"},\"status\":{\"type\":\"string\",\"enum\":[\"requested\",\"running\",\"completed\",\"failed\"]},\"reason\":{\"type\":[\"string\",\"null\"]},\"requestedAt\":{\"type\":\"string\",\"format\":\"date-time\"},\"startedAt\":{\"type\":[\"string\",\"null\"],\"format\":\"date-time\"},\"completedAt\":{\"type\":[\"string\",\"null\"],\"format\":\"date-time\"}},\"required\":[\"id\",\"projectId\",\"status\",\"reason\",\"requestedAt\",\"startedAt\",\"completedAt\"]},\"PublishedProfile\":{\"type\":\"object\",\"properties\":{\"id\":{\"type\":\"string\",\"format\":\"uuid\"},\"projectId\":{\"type\":\"string\",\"format\":\"uuid\"},\"version\":{\"type\":\"integer\",\"minimum\":1},\"artifactS3Key\":{\"type\":\"string\"},\"publishedAt\":{\"type\":\"string\",\"format\":\"date-time\"}},\"required\":[\"id\",\"projectId\",\"version\",\"artifactS3Key\",\"publishedAt\"]},\"PublishProjectResponse\":{\"type\":\"object\",\"properties\":{\"job\":{\"$ref\":\"#/components/schemas/PublishJob\"},\"publishedProfile\":{\"$ref\":\"#/components/schemas/PublishedProfile\"}},\"required\":[\"job\",\"publishedProfile\"]},\"PublishedProfileResponse\":{\"type\":\"object\",\"properties\":{\"publishedProfile\":{\"$ref\":\"#/components/schemas/PublishedProfile\"}},\"required\":[\"publishedProfile\"]},\"PublishedTrustProject\":{\"type\":\"object\",\"properties\":{\"slug\":{\"type\":\"string\"},\"name\":{\"type\":\"string\"},\"hostedSubdomain\":{\"type\":[\"string\",\"null\"]}},\"required\":[\"slug\",\"name\",\"hostedSubdomain\"]},\"PublishedTrustSummary\":{\"type\":\"object\",\"properties\":{\"overallState\":{\"type\":\"string\",\"enum\":[\"unknown\",\"pass\",\"fail\",\"stale\",\"degraded\"]},\"totalControls\":{\"type\":\"integer\",\"minimum\":0},\"passCount\":{\"type\":\"integer\",\"minimum\":0},\"failCount\":{\"type\":\"integer\",\"minimum\":0},\"staleCount\":{\"type\":\"integer\",\"minimum\":0},\"degradedCount\":{\"type\":\"integer\",\"minimum\":0},\"unknownCount\":{\"type\":\"integer\",\"minimum\":0}},\"required\":[\"overallState\",\"totalControls\",\"passCount\",\"failCount\",\"staleCount\",\"degradedCount\",\"unknownCount\"]},\"PublishedTrustControl\":{\"type\":\"object\",\"properties\":{\"key\":{\"type\":\"string\"},\"category\":{\"type\":\"string\",\"enum\":[\"collector\",\"evidence\"]},\"name\":{\"type\":\"string\"},\"state\":{\"type\":\"string\",\"enum\":[\"unknown\",\"pass\",\"fail\",\"stale\",\"degraded\"]},\"confidence\":{\"type\":\"number\",\"minimum\":0,\"maximum\":1},\"latestEvidenceAt\":{\"type\":[\"string\",\"null\"],\"format\":\"date-time\"},\"freshUntil\":{\"type\":[\"string\",\"null\"],\"format\":\"date-time\"},\"nextCheckAt\":{\"type\":[\"string\",\"null\"],\"format\":\"date-time\"}},\"required\":[\"key\",\"category\",\"name\",\"state\",\"confidence\",\"latestEvidenceAt\",\"freshUntil\",\"nextCheckAt\"]},\"PublishedTrustProfile\":{\"type\":\"object\",\"properties\":{\"schemaVersion\":{\"type\":\"integer\",\"enum\":[1]},\"project\":{\"$ref\":\"#/components/schemas/PublishedTrustProject\"},\"version\":{\"type\":\"integer\",\"minimum\":1},\"publishedAt\":{\"type\":\"string\",\"format\":\"date-time\"},\"summary\":{\"$ref\":\"#/components/schemas/PublishedTrustSummary\"},\"controls\":{\"type\":\"array\",\"items\":{\"$ref\":\"#/components/schemas/PublishedTrustControl\"}}},\"required\":[\"schemaVersion\",\"project\",\"version\",\"publishedAt\",\"summary\",\"controls\"]},\"PublishedTrustProfileResponse\":{\"type\":\"object\",\"properties\":{\"profile\":{\"$ref\":\"#/components/schemas/PublishedTrustProfile\"}},\"required\":[\"profile\"]},\"PublishedTrustControlsResponse\":{\"type\":\"object\",\"properties\":{\"project\":{\"$ref\":\"#/components/schemas/PublishedTrustProject\"},\"version\":{\"type\":\"integer\",\"minimum\":1},\"publishedAt\":{\"type\":\"string\",\"format\":\"date-time\"},\"summary\":{\"$ref\":\"#/components/schemas/PublishedTrustSummary\"},\"controls\":{\"type\":\"array\",\"items\":{\"$ref\":\"#/components/schemas/PublishedTrustControl\"}}},\"required\":[\"project\",\"version\",\"publishedAt\",\"summary\",\"controls\"]},\"ProjectDomainListResponse\":{\"type\":\"object\",\"properties\":{\"project\":{\"$ref\":\"#/components/schemas/Project\"},\"domains\":{\"type\":\"array\",\"items\":{\"$ref\":\"#/components/schemas/ProjectDomainSummary\"}}},\"required\":[\"project\",\"domains\"]},\"ProjectDomainResponse\":{\"type\":\"object\",\"properties\":{\"project\":{\"$ref\":\"#/components/schemas/Project\"},\"domain\":{\"$ref\":\"#/components/schemas/ProjectDomainSummary\"}},\"required\":[\"project\",\"domain\"]},\"CreateProjectDomainRequest\":{\"type\":\"object\",\"properties\":{\"domain\":{\"type\":\"string\"}},\"required\":[\"domain\"]},\"IngestEvidenceRequest\":{\"type\":\"object\",\"properties\":{\"projectId\":{\"type\":\"string\",\"format\":\"uuid\"},\"evidenceType\":{\"type\":\"string\",\"enum\":[\"build_provenance\",\"dependency_inventory\",\"deployment_snapshot\",\"policy_result\",\"sbom\",\"vulnerability_scan\"]},\"sourceType\":{\"type\":\"string\",\"enum\":[\"aws\",\"collector\",\"custom\",\"github_actions\",\"kubernetes\",\"terraform\"]},\"sourceRef\":{\"type\":\"string\"},\"observedAt\":{\"type\":\"string\",\"format\":\"date-time\"},\"payload\":{\"type\":\"object\",\"additionalProperties\":true}},\"required\":[\"projectId\",\"evidenceType\",\"sourceType\",\"sourceRef\",\"observedAt\",\"payload\"]},\"BatchIngestEvidenceRequest\":{\"type\":\"object\",\"properties\":{\"projectId\":{\"type\":\"string\",\"format\":\"uuid\"},\"records\":{\"type\":\"array\",\"minItems\":1,\"maxItems\":100,\"items\":{\"type\":\"object\",\"properties\":{\"evidenceType\":{\"type\":\"string\",\"enum\":[\"build_provenance\",\"dependency_inventory\",\"deployment_snapshot\",\"policy_result\",\"sbom\",\"vulnerability_scan\"]},\"sourceType\":{\"type\":\"string\",\"enum\":[\"aws\",\"collector\",\"custom\",\"github_actions\",\"kubernetes\",\"terraform\"]},\"sourceRef\":{\"type\":\"string\"},\"observedAt\":{\"type\":\"string\",\"format\":\"date-time\"},\"payload\":{\"type\":\"object\",\"additionalProperties\":true}},\"required\":[\"evidenceType\",\"sourceType\",\"sourceRef\",\"observedAt\",\"payload\"]}}},\"required\":[\"projectId\",\"records\"]},\"CollectorWithSecretResponse\":{\"type\":\"object\",\"properties\":{\"collector\":{\"$ref\":\"#/components/schemas/CollectorPrincipal\"},\"secret\":{\"type\":\"object\",\"properties\":{\"value\":{\"type\":\"string\"},\"prefix\":{\"type\":\"string\"}},\"required\":[\"value\",\"prefix\"]}},\"required\":[\"collector\",\"secret\"]},\"CollectorListResponse\":{\"type\":\"object\",\"properties\":{\"collectors\":{\"type\":\"array\",\"items\":{\"$ref\":\"#/components/schemas/CollectorPrincipal\"}}},\"required\":[\"collectors\"]},\"CollectorResponse\":{\"type\":\"object\",\"properties\":{\"collector\":{\"$ref\":\"#/components/schemas/CollectorPrincipal\"}},\"required\":[\"collector\"]},\"OrganizationMembersResponse\":{\"type\":\"object\",\"properties\":{\"organization\":{\"$ref\":\"#/components/schemas/Organization\"},\"members\":{\"type\":\"array\",\"items\":{\"$ref\":\"#/components/schemas/OrganizationMemberSummary\"}}},\"required\":[\"organization\",\"members\"]},\"BootstrapWorkspaceRequest\":{\"type\":\"object\",\"properties\":{\"workspaceName\":{\"type\":\"string\"},\"workspaceSlug\":{\"type\":\"string\"},\"projectName\":{\"type\":\"string\"},\"projectSlug\":{\"type\":\"string\"},\"projectHostedSubdomain\":{\"type\":[\"string\",\"null\"]},\"projectVisibility\":{\"type\":\"string\",\"enum\":[\"private\",\"public\"]}},\"required\":[\"workspaceName\",\"projectName\"]},\"BootstrapWorkspaceResponse\":{\"type\":\"object\",\"properties\":{\"organization\":{\"$ref\":\"#/components/schemas/Organization\"},\"project\":{\"$ref\":\"#/components/schemas/Project\"}},\"required\":[\"organization\",\"project\"]}}},\"paths\":{\"/me\":{\"get\":{\"summary\":\"Get the authenticated user profile\",\"operationId\":\"getMe\",\"security\":[{\"bearerAuth\":[]}],\"responses\":{\"200\":{\"description\":\"Current user profile and memberships\"},\"401\":{\"description\":\"Authentication failed\"}}}},\"/onboarding/bootstrap\":{\"post\":{\"summary\":\"Bootstrap the first workspace and project for a new user\",\"operationId\":\"bootstrapWorkspace\",\"security\":[{\"bearerAuth\":[]}],\"responses\":{\"201\":{\"description\":\"Workspace bootstrap completed\"},\"409\":{\"description\":\"Workspace bootstrap is no longer allowed\"}}}},\"/organizations\":{\"post\":{\"summary\":\"Create an organization\",\"operationId\":\"createOrganization\",\"security\":[{\"bearerAuth\":[]}],\"responses\":{\"201\":{\"description\":\"Organization created\"}}}},\"/organizations/{organizationId}\":{\"get\":{\"summary\":\"Get an organization\",\"operationId\":\"getOrganization\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"organizationId\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Organization details\"}}}},\"/organizations/{organizationId}/projects\":{\"get\":{\"summary\":\"List projects in an organization\",\"operationId\":\"listOrganizationProjects\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"organizationId\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Projects in the organization\"}}}},\"/organizations/{organizationId}/members\":{\"get\":{\"summary\":\"List members in an organization\",\"operationId\":\"listOrganizationMembers\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"organizationId\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Members in the organization\"}}}},\"/projects\":{\"post\":{\"summary\":\"Create a project\",\"operationId\":\"createProject\",\"security\":[{\"bearerAuth\":[]}],\"responses\":{\"201\":{\"description\":\"Project created\"}}}},\"/projects/{id}\":{\"get\":{\"summary\":\"Get a project\",\"operationId\":\"getProject\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Project details\"}}},\"patch\":{\"summary\":\"Update a project\",\"operationId\":\"updateProject\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Project updated\"}}}},\"/projects/{id}/controls\":{\"get\":{\"summary\":\"List trust controls for a project\",\"operationId\":\"listProjectControls\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Trust control catalog metadata listed\"},\"401\":{\"description\":\"Authentication failed\"},\"403\":{\"description\":\"Project access denied\"}}}},\"/projects/{id}/evaluations\":{\"get\":{\"summary\":\"List persisted control evaluations for a project\",\"operationId\":\"listProjectEvaluations\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Control evaluations listed\"},\"401\":{\"description\":\"Authentication failed\"},\"403\":{\"description\":\"Project access denied\"}}}},\"/projects/{id}/evaluations/recompute\":{\"post\":{\"summary\":\"Recompute all deterministic control evaluations for a project\",\"description\":\"Human-auth protected recompute path. Re-evaluates the enabled control catalog against current project evidence and collector metadata, then persists evaluation results deterministically.\",\"operationId\":\"recomputeProjectEvaluations\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Project evaluations recomputed and persisted\"},\"401\":{\"description\":\"Authentication failed\"},\"403\":{\"description\":\"Project access denied\"}}}},\"/projects/{id}/publish\":{\"post\":{\"summary\":\"Publish current project metadata and evaluation state\",\"description\":\"Human-auth protected synchronous publish flow. Creates a publish job, writes deterministic artifact metadata, persists the next published profile version, and finalizes the job status.\",\"operationId\":\"publishProject\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"201\":{\"description\":\"Publish job completed and latest published profile metadata persisted\"},\"401\":{\"description\":\"Authentication failed\"},\"403\":{\"description\":\"Project access denied\"},\"500\":{\"description\":\"Publish flow failed after job creation\"}}}},\"/projects/{id}/published-profile\":{\"get\":{\"summary\":\"Get the latest published profile metadata for a project\",\"operationId\":\"getPublishedProfile\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Latest published profile metadata returned\"},\"401\":{\"description\":\"Authentication failed\"},\"403\":{\"description\":\"Project access denied\"},\"404\":{\"description\":\"No published profile exists for the project\"}}}},\"/projects/{id}/domains\":{\"get\":{\"summary\":\"List custom domains for a project\",\"operationId\":\"listProjectDomains\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Project domains listed\"},\"401\":{\"description\":\"Authentication failed\"},\"403\":{\"description\":\"Project access denied\"}}},\"post\":{\"summary\":\"Add a custom domain to a project\",\"operationId\":\"createProjectDomain\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"201\":{\"description\":\"Project domain created with verification instructions\"},\"401\":{\"description\":\"Authentication failed\"},\"403\":{\"description\":\"Project access denied\"},\"409\":{\"description\":\"Domain is already assigned to another project\"}}}},\"/projects/{projectId}/domains/{domainId}/verify\":{\"post\":{\"summary\":\"Verify a project custom domain via DNS TXT\",\"operationId\":\"verifyProjectDomain\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"projectId\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}},{\"in\":\"path\",\"name\":\"domainId\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Project domain verification checked\"},\"401\":{\"description\":\"Authentication failed\"},\"403\":{\"description\":\"Project access denied\"},\"404\":{\"description\":\"Project domain not found\"}}}},\"/projects/{projectId}/domains/{domainId}\":{\"delete\":{\"summary\":\"Remove a custom domain from a project\",\"operationId\":\"deleteProjectDomain\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"projectId\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}},{\"in\":\"path\",\"name\":\"domainId\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Project domain removed\"},\"401\":{\"description\":\"Authentication failed\"},\"403\":{\"description\":\"Project access denied\"},\"404\":{\"description\":\"Project domain not found\"}}}},\"/trust/{projectSlug}\":{\"get\":{\"summary\":\"Get the latest published trust profile for a project slug\",\"description\":\"Public published-read endpoint. Resolves the latest published profile metadata, reads the stored published artifact, and returns only the stable public-safe contract.\",\"operationId\":\"getPublishedTrust\",\"parameters\":[{\"name\":\"projectSlug\",\"in\":\"path\",\"required\":true,\"schema\":{\"type\":\"string\"}}],\"responses\":{\"200\":{\"description\":\"Published trust profile returned\"},\"404\":{\"description\":\"Project slug not found or project has not been published\"}}}},\"/trust/domains/{domain}\":{\"get\":{\"summary\":\"Get the latest published trust profile for a verified custom domain\",\"description\":\"Public published-read endpoint that resolves a verified project domain, then serves the same stable published profile contract as the canonical project trust page.\",\"operationId\":\"getPublishedTrustByDomain\",\"parameters\":[{\"name\":\"domain\",\"in\":\"path\",\"required\":true,\"schema\":{\"type\":\"string\"}}],\"responses\":{\"200\":{\"description\":\"Published trust profile returned for the verified domain\"},\"404\":{\"description\":\"Verified custom domain not found or project has not been published\"}}}},\"/trust/{projectSlug}/controls\":{\"get\":{\"summary\":\"Get the published trust controls for a project slug\",\"description\":\"Public published-read endpoint returning only the controls section of the latest published artifact.\",\"operationId\":\"getPublishedTrustControls\",\"parameters\":[{\"name\":\"projectSlug\",\"in\":\"path\",\"required\":true,\"schema\":{\"type\":\"string\"}}],\"responses\":{\"200\":{\"description\":\"Published controls returned\"},\"404\":{\"description\":\"Project slug not found or project has not been published\"}}}},\"/trust/{projectSlug}/profile\":{\"get\":{\"summary\":\"Get the published trust profile contract for a project slug\",\"description\":\"Public published-read endpoint returning the same stable contract as GET /trust/{projectSlug}.\",\"operationId\":\"getPublishedTrustProfile\",\"parameters\":[{\"name\":\"projectSlug\",\"in\":\"path\",\"required\":true,\"schema\":{\"type\":\"string\"}}],\"responses\":{\"200\":{\"description\":\"Published trust profile returned\"},\"404\":{\"description\":\"Project slug not found or project has not been published\"}}}},\"/projects/{projectId}/collectors\":{\"get\":{\"summary\":\"List collectors for a project\",\"operationId\":\"listProjectCollectors\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"projectId\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Collectors listed\"}}},\"post\":{\"summary\":\"Create a collector and reveal secret once\",\"operationId\":\"createCollector\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"projectId\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"201\":{\"description\":\"Collector created with one-time secret\"}}}},\"/projects/{id}/evidence\":{\"get\":{\"summary\":\"List project evidence metadata\",\"operationId\":\"listProjectEvidence\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Evidence metadata listed\"},\"401\":{\"description\":\"Authentication failed\"},\"403\":{\"description\":\"Project access denied\"}}}},\"/collectors/{id}/rotate-secret\":{\"post\":{\"summary\":\"Rotate collector secret\",\"operationId\":\"rotateCollectorSecret\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Collector secret rotated and revealed once\"}}}},\"/collectors/{id}/revoke\":{\"post\":{\"summary\":\"Revoke collector\",\"operationId\":\"revokeCollector\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Collector revoked\"}}}},\"/collectors/{id}/heartbeat\":{\"post\":{\"summary\":\"Collector heartbeat\",\"operationId\":\"collectorHeartbeat\",\"security\":[{\"bearerAuth\":[]}],\"parameters\":[{\"in\":\"path\",\"name\":\"id\",\"required\":true,\"schema\":{\"type\":\"string\",\"format\":\"uuid\"}}],\"responses\":{\"200\":{\"description\":\"Heartbeat accepted\"},\"401\":{\"description\":\"Machine authentication failed\"}}}},\"/ingest/evidence\":{\"post\":{\"summary\":\"Ingest a single evidence payload\",\"operationId\":\"ingestEvidence\",\"security\":[{\"bearerAuth\":[]}],\"requestBody\":{\"required\":true,\"content\":{\"application/json\":{\"schema\":{\"$ref\":\"#/components/schemas/IngestEvidenceRequest\"}}}},\"responses\":{\"201\":{\"description\":\"Evidence metadata persisted and payload stored in S3\"},\"400\":{\"description\":\"Payload validation failed\"},\"401\":{\"description\":\"Machine authentication failed\"},\"403\":{\"description\":\"Collector cannot write evidence for the project\"}}}},\"/ingest/evidence/batch\":{\"post\":{\"summary\":\"Ingest multiple evidence payloads\",\"description\":\"Atomic batch ingest. The API persists evidence metadata for all records in the batch or for none of them. If validation or processing fails for any item, no evidence metadata from the batch is persisted.\",\"operationId\":\"ingestEvidenceBatch\",\"security\":[{\"bearerAuth\":[]}],\"requestBody\":{\"required\":true,\"content\":{\"application/json\":{\"schema\":{\"$ref\":\"#/components/schemas/BatchIngestEvidenceRequest\"}}}},\"responses\":{\"201\":{\"description\":\"All evidence metadata records in the batch were persisted and their payloads were stored.\"},\"400\":{\"description\":\"Batch validation or processing failed. No evidence metadata from the batch was persisted.\"},\"401\":{\"description\":\"Machine authentication failed\"},\"403\":{\"description\":\"Collector cannot write evidence for the project. No evidence metadata from the batch was persisted.\"}}}}}}"