ODP Service APIInternal API Documentation

Comprehensive reference for the ODP backend API — endpoints, auth, data model, and modules.

Architecture Overview

Authentication

4-strategy auth pipeline — JWT with session binding, static tokens, session tokens, and scoped sub-tokens.

RBAC Permissions

Role-based access control with policies and per-collection field-level permissions.

Dynamic Data Model

Create and manage collections, fields, and relations at runtime without code changes.

File Management

Multipart upload, URL import, TUS resumable uploads, image transformation, and file replacement.

Notification Module

Template-based multi-channel notifications (email, in-app, Mattermost) with layout system and delivery logs.

Workflow Engine

Visual approval workflows with steps, transitions, task inbox, delegation, and audit log.

ODP Service API

This is the internal API documentation for the ODP Service API — a headless content and data management platform built on Fastify 5, TypeScript, and Knex.

Base URL

http://localhost:8055

Configured via PUBLIC_URL environment variable.

Response Format

All endpoints return JSON. Successful responses wrap data in a data key:

json

{
  "data": { ... }
}

List responses may also include meta:

json

{
  "data": [...],
  "meta": {
    "total_count": 100,
    "filter_count": 25
  }
}

Errors return an errors array:

json

{
  "errors": [
    {
      "message": "You don't have permission to access this.",
      "extensions": {
        "code": "FORBIDDEN"
      }
    }
  ]
}

Authentication

Pass the access token in the Authorization header:

Authorization: Bearer <access_token>

See Auth Middleware & Token Strategy for full details.

ODP Service APIInternal API Documentation

Authentication

RBAC Permissions

Dynamic Data Model

File Management

Notification Module

Workflow Engine

ODP Service API ​

Base URL ​

Response Format ​

Authentication ​

ODP Service API

Base URL

Response Format

Authentication