OPEN10X platform boundary
open10x-api
Auth preview, Story persistence, moderation, quota, audit, export, and search metadata stay behind this API boundary. This surface is an operations diagnostic page, not a public product launcher.
Auth modesupabase-google
Write actionsenabled
Publishingenabled
Export windowclosed
Storagesupabase-postgres -> supabase-postgres
Deployment safetyready
Runtime boundary
- GET/healthservice, auth, storage, deployment postureno secrets or user content
- GET/contractmachine-readable API contractsource of route truth
- GET/system/statusemergency/export/write flagsruntime switches
- GET/melocal account session previewemail and provider tokens not stored
Story and publishing
- GET/public/story/postspublished safe archivepublic read only
- GET/story/postsworkspace Story listactive session required
- POST/story/postscreate draftquota and write guard
- POST/story/posts/:id/publishmoderated publishsafe, review, or rejected
- POST/story/posts/:id/reportpublic report handoffmetadata-only event
Search, moderation, and operations
- GET/search?q=AIsearch provider boundarylocal fallback when providers are absent
- POST/search/eventsquery hash eventraw query not persisted
- GET/moderation/queueadmin moderation queuemetadata only
- GET/admin/audit/eventsadmin audit streammoderation, abuse, search metadata
- POST/admin/emergency-modebreak-glass export/write freezeadmin only