API Reference - AI Interview Docs

API Reference

Complete documentation for all REST endpoints.

The AI Interview System exposes a RESTful HTTP API with a global prefix of /api/v1. All endpoints return JSON and follow consistent error format. Interactive documentation is available via Swagger UI at http://localhost:3009/api/docs.

Base URL

text

http://localhost:3009/api/v1

Environment	Base URL
Development	http://localhost:3009/api/v1
Swagger UI	http://localhost:3009/api/docs
OpenAPI JSON	http://localhost:3009/api/docs-json
Agent Card	http://localhost:3009/.well-known/agent.json

Guides

Authentication

JWT, API Key, and OAuth 2.0 authentication methods.

Interviews

Create and manage interview lifecycle.

Candidate Access

OTP verification and session management.

Workflow

HITL state machine transitions and history.

Users & Tenants

User management and tenant configuration.

Admin Monitoring

System metrics, agent status, dashboard data.

Authentication

All endpoints (except health checks and agent card) require one of three authentication methods:

Method	Header	Use Case
JWT Bearer	Authorization: Bearer <token>	Admin UI, recruiter operations
API Key	X-API-Key: <key>	External integrations, A2A protocol
OAuth 2.0	Authorization: Bearer <token>	Scoped client credentials

Endpoint Summary

Module	Endpoints	Auth
Authentication	POST /auth/login, POST /auth/oauth/token	None
Interviews	GET/POST /interviews, GET/PUT/DELETE /interviews/:id	JWT
A2A Protocol	POST /a2a/interview, GET /a2a/interview/:runId/status, ...	API Key / OAuth2
Candidate Access	GET /candidate-access/:token/info, POST .../request-otp, ...	Token-based
Workflow	POST /workflow/interviews/:id/transition, GET .../state, ...	JWT
Users	GET/POST /users, GET/PUT/DELETE /users/:id	JWT
Tenants	GET/POST /tenants, GET/PUT/DELETE /tenants/:id	JWT
API Keys	GET/POST /api-keys, DELETE /api-keys/:id	JWT
OAuth Clients	GET/POST /oauth-clients	JWT
MCP Skills	POST /mcp/skills/validate, GET/POST /mcp/skills	JWT
Admin Monitoring	GET /admin/metrics/system, .../agents, .../workflows	JWT
Health	GET /health/live, GET /health/ready	None

Error Format

All errors follow a consistent JSON structure:

json

{
  "statusCode": 400,
  "message": "Validation failed",
  "error": "Bad Request",
  "details": [
    {
      "field": "candidateEmail",
      "message": "Must be a valid email address"
    }
  ]
}

Status Code	Meaning
200	Success
201	Created
400	Bad Request — validation error
401	Unauthorized — missing or invalid auth
403	Forbidden — insufficient permissions
404	Not Found
429	Too Many Requests — rate limit (100 req/min)
500	Internal Server Error

The Swagger UI at /api/docs provides interactive documentation where you can test endpoints directly. Use the “Authorize” button to add your JWT token or API key.

Was this page helpful?

Previous← Quick Start

NextAuthentication →